Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Santize loaded filenames #884

Open
wants to merge 1 commit into
base: v2.x
Choose a base branch
from

Conversation

kant2002
Copy link

Backport of #813 to v2.7.0

I again need this for https://github.com/optilude/xlsx-template because users mention security vulnerability

Backport of Stuk#813 to v2.7.0

I again need this for https://github.com/optilude/xlsx-template  because users mention security vulnerability
@kant2002
Copy link
Author

Separate question, I would gladly abandon maintaining of the v2.x if I would be able use sync version of some methods. Is it possible if I reintroduce sync methods which I need, maybe with different name loadSync for example. That way I would not break my API, and would finally jump to v3.

@kant2002
Copy link
Author

@Stuk can you take a look at this?

@kant2002
Copy link
Author

kant2002 commented Feb 7, 2023

@Stuk hope you are doing fine. Pinging you just in case you miss this in notifications.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant