You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
No silent failures: All errors raise ValidationError
Security logging: All events logged for monitoring
@andrewtavis I checked the solution by creating a test file and it passed all the test. Kindly review it if find any dicrepancies I'll fix it. Thank you..
The activist team will do our best to address your contribution as soon as we can. If you're not already a member of our public Matrix community, please consider joining! We'd suggest that you use the Element client as well as Element X for a mobile app, and definitely join the General and Development rooms once you're in. Also consider attending our bi-weekly Saturday developer syncs! It'd be great to meet you 😊
The following is a checklist for maintainers to make sure this process goes as well as possible. Feel free to address the points below yourself in further commits if you realize that actions are needed :)
The TypeScript, pytest and formatting workflows within the PR checks do not indicate new errors in the files changed
The Playwright end to end and Zap penetration tests have been ran and are passing (if necessary)
The changelog has been updated with a description of the changes for the upcoming release and the corresponding issue (if necessary)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #1561
Problem
The
scrub_exif()function had security vulnerabilities:except Exceptionsilently returned unprocessed files with EXIF intactSolution
Complete refactor with security-first approach:
DecompressionBombError+ pixel count checkUnidentifiedImageError- Invalid imagesDecompressionBombError- Decompression bombsOSError- System errorsMemoryError- Memory exhaustionValidationError@andrewtavis I checked the solution by creating a test file and it passed all the test. Kindly review it if find any dicrepancies I'll fix it. Thank you..