Maracas is a source code and bytecode analysis framework—written in Java with the help of Spoon—which analyzes how Java libraries evolve and how their evolution impacts their clients.
#403 - Use utf-8 by default when reading zip file names
#416 - Add NoCompression deflate compression level
Bug fixes:
#366 - Validate AES extra data record size
#368 - Include pos in array copy length calculation
#370 - Change IllegalArgumentException to ZipException
#371 - Handle unexpected EOF when reading raw stream
#372 - Handle unexpected EOF when reading compressed stream
#373 - Fill NPE when aesKeyStrength is null
#374 - Validate AES extra data record before calculating header size
#375 - Throw exception when file name length is 0
#376 - Replace RunTimeException with ZipException
#388 - Fix NPE in ZipParameters when file name is either null or empty
#400 - Minor improvement to canonical path check
#410 - Set entry size in ZipParameters to 0 by default
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/alien-tools/maracas/network/alerts).
Bumps zip4j from 2.9.1 to 2.10.0.
Release notes
Sourced from zip4j's releases.
Commits
fc3a258
Release v2.10.0328be36
#416 Add NoCompression deflate compression levelbe88df4
Remove duplicate code985d8c5
#372 Adjust test according to code change82e8984
#374 Validate AES extra data record before calculating header size445c161
#372 Handle unexpected eof when reading compressed stream55dc47b
#371 Handle unexpected eof when reading stream5b3c43b
#370 Change IllegalArgumentException to ZipExceptiondc00748
#368 Include pos in array copy length calculation4ac7080
#366 Adapt test according to the aes record validation changeDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/alien-tools/maracas/network/alerts).