This PR changes GuardDog so that bzip2 and xz compression are allowed when sourcing a package from a tar archive. It also permits all common file extensions for these (.bz2, .bzip2, .xz) as well as for gzip (.gz, .gzip), which was already allowed in this context.
For local files, the PR uses the validation functions provided by tarsafe and zipfile to introspect the file contents (as opposed to just looking at the extension) before attempting to extract.
This PR changes GuardDog so that
bzip2andxzcompression are allowed when sourcing a package from a tar archive. It also permits all common file extensions for these (.bz2,.bzip2,.xz) as well as forgzip(.gz,.gzip), which was already allowed in this context.For local files, the PR uses the validation functions provided by
tarsafeandzipfileto introspect the file contents (as opposed to just looking at the extension) before attempting to extract.Closes #427