Fix code scanning alert - Arbitrary file access during archive extraction ("Zip Slip")

[svrooij]

Fixes #116

Fix the arbitrary file access during archive extraction (Zip Slip) vulnerability.

• src/Winget.CommunityRepository.Ef/WingetRepositoryWithEf.cs

  • Add ExtractToDirectory method to validate file paths during extraction.
  • Update LoadEntriesFromSqlLite method to use the new ExtractToDirectory method.

• src/WingetIntune/Implementations/DefaultFileManager.cs

  • Add validation for file paths in ExtractFileToFolder method.
  • Update ExtractFileToFolderAsync method to validate file paths during extraction.

---

For more details, open the Copilot Workspace session.

[github-actions[bot]]

Test Results

28 tests  ±0   28 :white_check_mark: ±0   1s :stopwatch: ±0s 10 suites ±0    0 :zzz: ±0   1 files   ±0    0 :x: ±0 

Results for commit 5235db37. ± Comparison against base commit 401c934b.