Skip to content

Replace archiver library #3729

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
MDrakos wants to merge 1 commit into
base: master
Choose a base branch
from

Replace archiver library

562cdc5
Select commit
Loading
Failed to load commit list.
Draft

Replace archiver library #3729

Replace archiver library
562cdc5
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / CodeQL failed Sep 4, 2025 in 3s

4 new alerts including 4 high severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

  • 4 high

Alerts not introduced by this pull request might have been detected because the code changes were too large.

See annotations below for details.

View all branch alerts.

Annotations

Check failure on line 101 in internal/archiver/archiver.go

See this annotation in the file changed.

Code scanning / CodeQL

Arbitrary file write extracting an archive containing symbolic links High

Unresolved path from an archive header, which may point outside the archive root, is used in
symlink creation
Loading
.

Check failure on line 103 in internal/archiver/archiver.go

See this annotation in the file changed.

Code scanning / CodeQL

Arbitrary file write extracting an archive containing symbolic links High

Unresolved path from an archive header, which may point outside the archive root, is used in
symlink creation
Loading
.

Check failure on line 288 in internal/archiver/archiver.go

See this annotation in the file changed.

Code scanning / CodeQL

Arbitrary file access during archive extraction ("Zip Slip") High

Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.

Check failure on line 396 in internal/archiver/archiver.go

See this annotation in the file changed.

Code scanning / CodeQL

Arbitrary file access during archive extraction ("Zip Slip") High

Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.