unzip-stream
Advanced tools
Comparing version 0.3.1 to 0.3.2
@@ -291,3 +291,3 @@ 'use strict'; | ||
// protect against malicious zip files which want to extract to parent dirs | ||
entry.path = entry.path.replace(/^([/\\]*[.]+[/\\]+)*[/\\]*/, ""); | ||
entry.path = entry.path.replace(/(?<=^|[/\\]+)[.][.]+(?=[/\\]+|$)/g, "."); | ||
entry.type = isDirectory ? 'Directory' : 'File'; | ||
@@ -294,0 +294,0 @@ entry.isDirectory = isDirectory; |
{ | ||
"name": "unzip-stream", | ||
"version": "0.3.1", | ||
"version": "0.3.2", | ||
"description": "Process zip files using streaming API", | ||
@@ -5,0 +5,0 @@ "author": "Michal Hruby <michal.mhr@gmail.com>", |
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
71020
38
908
4
2