Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update Rust crate zip to v2 #486

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update Rust crate zip to v2 #486

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented May 24, 2024

This PR contains the following updates:

Package Type Update Change
zip dependencies major 0.6.6 -> 2.0.0

Release Notes

zip-rs/zip2 (zip)

v2.2.2

Compare Source

🐛 Bug Fixes
  • rewrite the EOCD/EOCD64 detection to fix extreme performance regression (#​247)

v2.2.1

Compare Source

🐛 Bug Fixes
  • remove executable bit (#​238)
  • (lzma) fixed panic in case of invalid lzma stream (#​259)
  • resolve new clippy warnings on nightly (#​262)
  • resolve clippy warning in nightly (#​252)
⚡ Performance

v2.2.0

Compare Source

🚀 Features
  • Expose ZipArchive::central_directory_start (#​232)

v2.1.6

Compare Source

🐛 Bug Fixes
  • (#​33) Rare combination of settings could lead to writing a corrupt archive with overlength extra data, and data_start locations when reading the archive back were also wrong (#​221)
🚜 Refactor
  • Eliminate some magic numbers and unnecessary path prefixes (#​225)

v2.1.5

Compare Source

🚜 Refactor
  • change invalid_state() return type to io::Result

v2.1.4

Compare Source

🐛 Bug Fixes
  • fix(#​215): Upgrade to deflate64 0.1.9
  • Panic when reading a file truncated in the middle of an XZ block header
  • Some archives with over u16::MAX files were handled incorrectly or slowly (#​189)
  • Check number of files when deciding whether a CDE is the real one
  • Could still select a fake CDE over a real one in some cases
  • May have to consider multiple CDEs before filtering for validity
  • We now keep searching for a real CDE header after read an invalid one from the file comment
  • Always search for data start when opening an archive for append, and reject the header if data appears to start after central directory
  • deep_copy_file no longer allows overwriting an existing file, to match the behavior of shallow_copy_file
  • File start position was wrong when extra data was present
  • Abort file if central extra data is too large
  • Overflow panic when central directory extra data is too large
  • ZIP64 header was being written twice when copying a file
  • ZIP64 header was being written to central header twice
  • Start position was incorrect when file had no extra data
  • Allow all reserved headers we can create
  • Fix a bug where alignment padding interacts with other extra-data fields
  • Fix bugs involving alignment padding and Unicode extra fields
  • Incorrect header when adding AES-encrypted files
  • Parse the extra field and reject it if invalid
  • Incorrect behavior following a rare combination of merge_archive, abort_file and deep_copy_file. As well, we now return an error when a file is being copied to itself.
  • path_to_string now properly handles the case of an empty path
  • Implement Debug for ZipWriter even when it's not implemented for the inner writer's type
  • Fix an issue where the central directory could be incorrectly detected
  • finish_into_readable() would corrupt the archive if the central directory had moved
🚜 Refactor
  • Verify with debug assertions that no FixedSizeBlock expects a multi-byte alignment (#​198)
  • Use new do_or_abort_file method
⚡ Performance
  • Speed up CRC when encrypting small files
  • Limit the number of extra fields
  • Refactor extra-data validation
  • Store extra data in plain vectors until after validation
  • Only build one IndexMap after choosing among the possible valid headers
  • Simplify validation of empty extra-data fields
  • Validate automatic extra-data fields only once, even if several are present
  • Remove redundant validate_extra_data() call
  • Skip searching for the ZIP32 header if a valid ZIP64 header is present (#​189)
⚙️ Miscellaneous Tasks
  • Fix a bug introduced by c934c82
  • Fix a failing unit test
  • Fix build errors on older Rust versions
  • Fix build
  • Fix another fuzz failure
  • Switch to ok_or_abort_file, and inline when that fails borrow checker
  • Switch to ok_or_abort_file, and inline when that fails borrow checker
  • Fix a build error
  • Fix boxed_local warning (can borrow instead)
  • Partial debug
  • Fix more errors when parsing multiple extra fields
  • Fix an error when decoding AES header
  • Fix an error caused by not allowing 0xa11e field
  • Bug fix: crypto_header was being counted toward extra_data_end
  • Bug fix: revert a change where crypto_header was incorrectly treated as an extra field
  • Fix a bug where a modulo of 0 was used
  • Fix a bug when ZipCrypto, alignment and a custom header are used
  • Fix a bug when both ZipCrypto and alignment are used
  • Fix another bug: header_end vs extra_data_end
  • Fix use of a stale value in a debug_assert_eq!
  • Fix: may still get an incorrect size if opening an invalid file for append
  • Fix: may need the absolute start as tiebreaker to ensure deterministic behavior

v2.1.3

Compare Source

🐛 Bug Fixes
  • Some date/time filters were previously unreliable (i.e. later-pass filters had no earliest-pass or latest-fail, and vice-versa)
  • Decode Zip-Info UTF8 name and comment fields (#​159)
🚜 Refactor
  • Return extended timestamp fields copied rather than borrowed (#​183)
⚙️ Miscellaneous Tasks
  • Fix a new Clippy warning
  • Fix a bug and inline deserialize for safety
  • Add check for wrong-length blocks, and incorporate fixed-size requirement into the trait name
  • Fix a fuzz failure by using checked_sub
  • Add feature gate for new unit test

v2.1.2

Compare Source

🐛 Bug Fixes
  • Derive Debug for ZipWriter
  • lower default version to 4.5 and use the version-needed-to-extract where feasible.
🚜 Refactor
  • use a MIN_VERSION constant
⚙️ Miscellaneous Tasks
  • Bug fixes for debug implementation
  • Bug fixes for debug implementation
  • Update unit tests
  • Remove unused import

v2.1.1

Compare Source

🐛 Bug Fixes
  • Derive Debug for ZipWriter
  • lower default version to 4.5 and use the version-needed-to-extract where feasible.
🚜 Refactor
  • use a MIN_VERSION constant
⚙️ Miscellaneous Tasks
  • Bug fixes for debug implementation
  • Bug fixes for debug implementation
  • Update unit tests
  • Remove unused import

v2.1.0

Compare Source

🚀 Features
  • Support mutual conversion between DateTime and MS-DOS pair
🐛 Bug Fixes
  • version-needed-to-extract was incorrect in central header, and version-made-by could be lower than that (#​100)
  • version-needed-to-extract was incorrect in central header, and version-made-by could be lower than that (#​100)
⚙️ Miscellaneous Tasks
  • Another tweak to ensure version_needed is applied
  • Tweaks to make version_needed and version_made_by work with recently-merged changes

v2.0.0

Compare Source

🚀 Features
  • Add fmt::Display for DateTime
  • Implement more traits for DateTime
🚜 Refactor
  • Change type of last_modified_time to Option<DateTime>
  • [breaking] Rename from_msdos to from_msdos_unchecked, make it unsafe, and add try_from_msdos (#​145)
⚙️ Miscellaneous Tasks
  • Continue to accept archives with invalid DateTime, and use now_utc() as default only when writing, not reading

v1.3.1

Compare Source

🚜 Refactor
  • Make deflate enable both default implementations
  • Merge the hidden deflate-flate2 flag into the public one
  • Rename _deflate-non-zopfli to _deflate-flate2
  • Reject encrypted and using_data_descriptor files slightly faster in read_zipfile_from_stream
  • Convert impl TryInto<NaiveDateTime> for DateTime to impl TryFrom<DateTime> for NaiveDateTime (#​136)
⚡ Performance
  • Change default compression implementation to flate2/zlib-ng
⚙️ Miscellaneous Tasks
  • chore(#​132): Attribution for some copied test data
  • chore(#​133): chmod -x src/result.rs

v1.3.0

Compare Source

🚀 Features
  • Add is_symlink method
🐛 Bug Fixes
  • Extract symlinks into symlinks on Unix and Windows, and fix a bug that affected making directories writable on MacOS
🚜 Refactor
  • Eliminate deprecation warning when --all-features implicitly enables the deprecated feature
  • Check if archive contains a symlink's target, without borrowing both at the same time
  • Eliminate a clone that's no longer necessary
  • is_dir only needs to look at the filename
  • Remove unnecessary #[cfg] attributes
⚙️ Miscellaneous Tasks
  • Fix borrow-of-moved-value
  • Box doesn't directly convert to PathBuf, so convert back to String first
  • partial revert - only &str has chars(), but Box should auto-deref
  • contains_key needs a Box<str>, so generify is_dir to accept one
  • Add missing ZipFileData::is_dir() method
  • Fix another Windows-specific error
  • More bug fixes for Windows-specific symlink code
  • More bug fixes for Windows-specific symlink code
  • Bug fix: variable name change
  • Bug fix: need both internal and output path to determine whether to symlink_dir
  • Another bug fix
  • Fix another error-type conversion error
  • Fix error-type conversion on Windows
  • Fix conditionally-unused import
  • Fix continued issues, and factor out the Vec-to-OsString conversion (cc: #​125)
  • Fix CI failure involving conversion to OsString for symlinks (see my comments on #​125)
  • Move path join into platform-independent code

v1.2.3

Compare Source

🐛 Bug Fixes
  • Remove a window when an extracted directory might be unexpectedly listable and/or cdable by non-owners
  • Extract directory contents on Unix even if the directory doesn't have write permission (https://github.com/zip-rs/zip-old/issues/423)
⚙️ Miscellaneous Tasks
  • More conditionally-unused imports

v1.2.2

Compare Source

🐛 Bug Fixes
  • Failed to clear "writing_raw" before finishing a symlink, leading to dropped extra fields
⚡ Performance
  • Use boxed slice for archive comment, since it can't be concatenated
  • Optimize for the fact that false signatures can't overlap with real ones

v1.2.1

Compare Source

🐛 Bug Fixes
  • Prevent panic when trying to read a file with an unsupported compression method
  • Prevent panic after reading an invalid LZMA file
  • Make Stored the default compression method if Deflated isn't available, so that zip files are readable by as much software as possible
  • version_needed was wrong when e.g. cfg(bzip2) but current file wasn't bzip2 (#​100)
  • file paths shouldn't start with slashes (#​102)
🚜 Refactor
  • Overhaul impl Arbitrary for FileOptions
  • Remove unused atomic module

v1.2.0

Compare Source

🚀 Features
  • Add method decompressed_size() so non-recursive ZIP bombs can be detected
🚜 Refactor
  • Make ZipWriter::finish() consume the ZipWriter
⚙️ Miscellaneous Tasks
  • Use panic! rather than abort to ensure the fuzz harness can process the failure
  • Update fuzz_write to use replace_with
  • Remove a drop that can no longer be explicit
  • Add #![allow(unexpected_cfgs)] in nightly

v1.1.4

Compare Source

🐛 Bug Fixes
  • Build was failing with bzip2 enabled
  • use is_dir in more places where Windows paths might be handled incorrectly
⚡ Performance
  • Quick filter for paths that contain "/../" or "/./" or start with "./" or "../"
  • Fast handling for separator-free paths
  • Speed up logic if main separator isn't '/'
  • Drop normalized_components slightly sooner when not using it
  • Speed up path_to_string in cases where the path is already in the proper format
⚙️ Miscellaneous Tasks
  • Refactor: can short-circuit handling of paths that start with MAIN_SEPARATOR, no matter what MAIN_SEPARATOR is
  • Bug fix: non-canonical path detection when MAIN_SEPARATOR is not slash or occurs twice in a row
  • Bug fix: must recreate if . or .. is a path element
  • Bug fix
◀️ Revert
  • #​58 (partial): bzip2-rs can't replace bzip2 because it's decompress-only

v1.1.3

Compare Source

🐛 Bug Fixes
  • Rare bug where find_and_parse would give up prematurely on detecting a false end-of-CDR header

v1.1.2

Compare Source

🐛 Bug Fixes
  • Alignment was previously handled incorrectly (#​33)
🚜 Refactor
  • deprecate deflate-miniz feature since it's now equivalent to deflate (#​35)

v1.1.1

Compare Source

Added
  • index_for_name, index_for_path, name_for_index: get the index of a file given its path or vice-versa, without
    initializing metadata from the local-file header or needing to mutably borrow the ZipArchive.
  • add_symlink_from_path, shallow_copy_file_from_path, deep_copy_file_from_path, raw_copy_file_to_path: copy a
    file or create a symlink using AsRef<Path> arguments
Changed
  • add_directory_from_path and start_file_from_path are no longer deprecated, and they now normalize .. as well as
    ..

v1.1.0

Added
  • Support for decoding LZMA.
Changed
  • Eliminated a custom AtomicU64 type by replacing it with OnceLock in the only place it's used.
  • FileOptions now has the subtype SimpleFileOptions which implements Copy but has no extra data.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/zip-2.x branch from f6768fd to cf864d7 Compare May 27, 2024 04:34
@renovate renovate bot force-pushed the renovate/zip-2.x branch from cf864d7 to c535f82 Compare June 17, 2024 04:13
@renovate renovate bot force-pushed the renovate/zip-2.x branch from c535f82 to cdd5287 Compare June 24, 2024 07:00
@renovate renovate bot force-pushed the renovate/zip-2.x branch from cdd5287 to 3362205 Compare August 19, 2024 04:21
@renovate renovate bot force-pushed the renovate/zip-2.x branch from 3362205 to 35a4b20 Compare November 11, 2024 04:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants