libpathrs
libarchive
libpathrs | libarchive | |
---|---|---|
1 | 33 | |
66 | 2,886 | |
- | 3.0% | |
0.0 | 9.1 | |
12 months ago | about 21 hours ago | |
Rust | C | |
GNU Lesser General Public License v3.0 only | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
libpathrs
-
The tar archive format, and why GNU tar extracts in quadratic time
Author of openat2 here, yes it would (as well as protecting against races where the target directory is having path components changed to symlinks during extraction). RESOLVE_IN_ROOT would be more akin to extracting in a chroot(2).
I've been working on a userspace library[1] which would make writing userspace programs that interact with these kinds of dangerous paths more safe (though it's been on the backburner recently).
[1]: https://github.com/openSUSE/libpathrs
libarchive
-
The XZ attack and timeline
29. October 2021 At this point Jia Tan pops up, and the first thing we see from him is an innocuous patch to the xz repository, and while a lot of people believe he started out trying his luck with another library also known as libarchive, this is not the case, I would bet it’s more of a backup looking at the dates, being that there are a few days in between as shown in this commit.
- Zip entry size unset now honors user requested compression level
- Suspicious libarchive pull request
-
Backdoor in upstream xz/liblzma leading to SSH server compromise
Potentially malicious commit by same author on libarchive: https://github.com/libarchive/libarchive/pull/1609
- WinRAR musste shady werden.
-
Making Amiga IFF Thumbnails Work in Linux
Full agreement, and with the addition of xpk¹/xfd² as natural extensions to that extensibility too. I see things like xfd supporting xz¹, and I'm simultaneously amazed that it exists and happy that I don't need to do xz {,de}compression on 68k ;)
I guess we have something similar-ish with libarchive⁴, but nobody(including me) has pushed the extra mile to get file dialogs to support random compression and decompression formats.
Beyond OT: I didn't realise how much stuff was still going on at aminet, but I love love LOVE that people are still dropping new car sets for Geoff Crammond's F1GP.
¹ http://aminet.net/package/util/pack/xpk_User
² http://aminet.net/package/util/pack/xfdmaster
³ http://aminet.net/package/util/pack/xfd_lzma.lha
⁴ https://www.libarchive.org/
-
WinRAR zero-day exploited since April to hack trading accounts
I don't have a preview channel install handy to check, but apparently they're using libarchive so here's the full list assuming they expose everything it supports:
https://github.com/libarchive/libarchive/wiki/LibarchiveForm...
-
Announcing Windows 11 Insider Preview Build 23493 for the Dev Channel
As announced at the Build conference back in May, this build adds native support for reading additional archive file formats using the libarchive open-source project such as
-
Poor winrar
LibarchiveFormats · libarchive/libarchive Wiki · GitHub
-
Windows 11 getting native support for 7-Zip, RAR, and GZ archives
Seems what they're using is BSD-liscensed: https://github.com/libarchive/libarchive/wiki
What are some alternatives?
bottlerocket - An operating system designed for hosting containers
ZLib - A massively spiffy yet delicately unobtrusive compression library.
toolbox-tuner - Graphical application intended for use on Fedora Silverblue to manage containertoolbx.org containers.
7z - Because 7-zip source code was in a 7z archive [mirror]
vagga - Vagga is a containerization tool without daemons
p7zip - A new p7zip fork with additional codecs and improvements (forked from https://sourceforge.net/projects/sevenzip/ AND https://sourceforge.net/projects/p7zip/).
unxip - A fast Xcode unarchiver
fpart - Sort files and pack them into partitions
unix-history-repo - Continuous Unix commit history from 1970 until today
pixz - Parallel, indexed xz compressor
Klib - A standalone and lightweight C library
ck - Concurrency primitives, safe memory reclamation mechanisms and non-blocking (including lock-free) data structures designed to aid in the research, design and implementation of high performance concurrent systems developed in C99+.