Skip to content

v0.7.0

Choose a tag to compare

@dnikolayev dnikolayev released this 12 Jun 11:43

Highlights

Security/integrity hardening and opt-in resource limits.

  • Resource limits (keyword-only): max_entries, max_entry_size, max_total_uncompressed_size, and max_archive_size (streams) raising a new LimitExceeded exception.
  • Integrity validation (from 0.6.1): fixes a decompression DoS, verifies CRC-32 / exact size / truncation, and extracts atomically.
  • Reject unsupported compression methods (bzip2/lzma) with NotImplementedError on both paths.
  • Deprecate unzip_stream(in_memory=True).
  • Top-level exports: from async_unzip import unzip, unzip_stream, LimitExceeded.

See the README changelog for full 0.6.1 + 0.7.0 details.