Normalize the destination directory when extracting zip files

eirslett / frontend-maven-plugin

"Maven-node-grunt-gulp-npm-node-plugin to end all maven-node-grunt-gulp-npm-plugins." A Maven plugin that downloads/installs Node and NPM locally, runs NPM install, Grunt, Gulp and/or Karma.

Apache License 2.0

4.2k stars 868 forks source link

Normalize the destination directory when extracting zip files #1125

Closed mvilliger closed 7 months ago

mvilliger commented 7 months ago

Otherwise, relative installDirectory paths cannot be used because the zip-slip check fails with "Bad zip entry" exception even the zip is fine.

Closes https://github.com/eirslett/frontend-maven-plugin/issues/1124

eirslett commented 7 months ago

ok let's merge it!

mvilliger commented 7 months ago

Thanks :) Any plans when this will be available on Maven central?

eirslett commented 7 months ago

I think I will try to get https://github.com/eirslett/frontend-maven-plugin/pull/1108 merged first.