1
0
mirror of synced 2024-11-22 09:14:23 +01:00
Commit Graph

595 Commits

Author SHA1 Message Date
Jason Smalls
1bcb945360 Harden get_meta in archive.py against variants of CVE-2022-35410 2023-07-11 21:31:53 +02:00
jvoisin
9159fe8705 Mention wp-mat in the readme 2023-06-05 19:52:13 +02:00
jvoisin
1b9608aecf Use proper type annotations instead of comments 2023-05-03 22:28:02 +02:00
jvoisin
2ac8c24dac Make use of is_dir/isdir for archives 2023-05-03 22:19:19 +02:00
jvoisin
71ecac85b0 Add some documentation about OSX 2023-04-11 21:35:25 +02:00
georg
b9677d8655 CI: codespell: drop obsolete list of ignored words
codespell was dropped via a63011b3f6.
Accordingly, this commit does some cleanup.
2023-03-21 13:18:54 +00:00
georg
6fde80d3e3 CI: shallow clone repository and limit depth to 5
The previous commit changed the strategy to 'clone', instead of 'fetch'
as before. While this fixes permission errors, it is also slower, as an
existing checkout of the repository will be ignored. To overcome this,
this commit limits the depth to 5.
2023-03-20 15:11:02 +00:00
georg
6c05360afa CI: 'clone' git repository instead of 'fetch'
While the former is slower, the later might lead to errors such as
"fatal: detected dubious ownership in repository at" which is fixed
GitLab upstream via
https://gitlab.com/gitlab-org/gitlab-runner/-/merge_requests/3538, but
not yet released.

Closes #191
2023-03-20 15:10:56 +00:00
georg
596696dfbc CI: Add python3.{7,8,9,10,11} test jobs
Closes #187
2023-03-15 23:38:39 +00:00
jvoisin
daa17a3e9c Fix the CI on Archlinux 2023-03-12 13:29:46 +01:00
Gu1nn3zz
6061f47231 fix: Typing in the parser factory 2023-03-07 17:37:56 +00:00
georg
8b41764a3e CI: linting: ruff: specify image
Otherwise, this job might fail, depending on the runner which executes
the job, due to different configurations, especially wrt the default
image.

Ref https://0xacab.org/jvoisin/mat2/-/merge_requests/105
2023-03-07 11:25:17 +00:00
Rui Chen
ed0ffa5693 Update pyproject.toml to include version 2023-02-24 09:12:06 +00:00
jvoisin
b1c03bce72 Bump the changelog 2023-02-23 21:36:46 +01:00
jvoisin
a63011b3f6 Improve the CI
- Remove some useless linters
- Make use of ruff
2023-02-20 21:15:07 +01:00
jvoisin
e41390eb64 Explicitly pass a parameter to functools.lru_cache 2023-01-31 20:42:39 +01:00
jvoisin
66a36f6b15 Bump the changelog 2023-01-28 17:55:02 +01:00
jvoisin
3cb3f58084 Another typing pass 2023-01-28 17:22:26 +01:00
jvoisin
39fb254e01 Fix the type annotations 2023-01-28 15:57:20 +00:00
jvoisin
1f73a16ef3 imghdr is deprecated 2023-01-14 15:38:12 +01:00
jvoisin
e8b38f1101 Revert "Simplify a bit the typing annotations of ./mat2"
This reverts commit 29057d6cdf.
2023-01-14 15:35:21 +01:00
jvoisin
8d7230ba16 Fix -l output 2023-01-07 17:10:02 +01:00
jvoisin
2b02c82e7f Bump the changelog 2023-01-07 16:52:58 +01:00
Megamind
b00e221675 Make the 'A' in the README ascii art look more "A-like" 2022-12-30 20:05:33 +00:00
jvoisin
62a45c29df Improve xlsx support 2022-12-25 18:05:13 +01:00
jvoisin
6479d869e4 Remove the Nautilus extension 2022-12-05 20:31:12 +01:00
jvoisin
29057d6cdf Simplify a bit the typing annotations of ./mat2 2022-11-21 19:58:53 +01:00
jvoisin
180ea24e5a Remove pyflakes
Isn't borderline useless compared to mypy and pylint
2022-11-21 19:57:38 +01:00
jvoisin
618e0a8e39 Fix the tests on the latest Debian 2022-10-09 21:49:07 +02:00
jvoisin
6d93cf9397 Remove deprecated pylint checks 2022-10-09 21:14:20 +02:00
jvoisin
b1a16b334f Get rid of a deprecated check
Nobody should be using Poppler < 0.46
2022-10-09 21:11:02 +02:00
jvoisin
0501359600 Please pylint 2022-10-09 21:04:19 +02:00
jvoisin
cc5be8608b Simplify the typing annotations 2022-08-28 22:29:06 +02:00
b068931cc450442b 63f5b3d276ea4297
292f44c086 update source and installation 2022-08-24 20:20:02 +02:00
jvoisin
2dd196c2c7 Make use of cache to get binary paths 2022-08-05 20:43:37 +02:00
jvoisin
34eb878aae Add the CVE number to the changelog 2022-07-08 22:09:22 +02:00
jvoisin
eec5c33a6b Bump the changelog 2022-07-06 19:20:21 +02:00
jvoisin
beebca4bf1 Prevent arbitrary file read via zip archives
A zip file with a file pointing to /etc/passwd would, upon being cleaned by
mat2, produce a file with the filesystem's /etc/passwd file.
2022-07-05 16:27:07 +02:00
jvoisin
e2c4dbf721 Show a scary message in case of path traversal attempt 2022-07-05 15:30:10 +02:00
jvoisin
704367f91e Add support for HEIC files
Thanks to Maxime Morin ( https://www.maijin.fr/ )
for the patch.
2022-05-15 18:57:27 +02:00
jvoisin
2639713709 Minor cleanup 2022-05-05 22:00:09 +02:00
jvoisin
b18e6e11f0 Bump the changelog 2022-04-30 17:31:29 +02:00
jvoisin
62dc8c71c1 Enable gitlab's SAST 2022-04-02 16:19:13 +02:00
jvoisin
697e9583b9 Please the linters 2022-03-29 22:18:06 +02:00
jvoisin
1b37604d3a Make processing multiple files safer concurrence-wise 2022-03-29 22:15:04 +02:00
jvoisin
1c3e2afa1e Escape more control chars in the cli 2022-03-29 22:13:55 +02:00
jvoisin
05b8e97b68 Simplification of the testsuite 2022-03-29 22:13:33 +02:00
jvoisin
2a74a400e2 Fix the svg tests on archlinux 2022-03-28 23:22:42 +02:00
jvoisin
5ccddae7f5 Fix the PDF version
This should prevent the testsuite from breaking,
and marginally increase fingerprinting resistance.
2022-03-28 22:34:57 +02:00
jvoisin
12582ba2f5 Try to use modern rsvg functions when we can 2022-03-16 20:23:49 +01:00