Open dependabot[bot] opened 5 months ago
Latest commit: 68815d37670e2cff48825089ad8dd4a5ae75ee84
Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.
Click here to learn what changesets are, and how to add one.
Click here if you're a maintainer who wants to add a changeset to this PR
Bumps archive from 2.0.10 to 3.3.8.
Changelog
Sourced from archive's changelog.
... (truncated)
Commits
01110f0
Update to 3.3.80d17b27
Use central directory filename instead of local file name when extracting zip...6de4923
improve symlink validation checkedb0d48
don't create symlinks to files outside of the extracted path85ac8df
Merge pull request #272 from Mastbau-FN/maindd10d64
Merge pull request #275 from skythomp16/main0e7e48e
Prevent tar creation from including full file pathd6fa3c3
add progress callback (fixes #112 for compression of zips only)76e9cd2
Close file input in extractArchiveToDiska888d54
Fix error decoding AES-192Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show