* refactor: rename sanitize function
* fix: expose getDir
* fix: safe handling of untrusted resource names
- fixes: GHSA-2hqv-2xv4-5h5w
* test: sample file for GHSA-2hqv-2xv4-5h5w
* refactor: avoid detection of absolute files for resource check
* chore: enable info mode on gradle
* test: skip test on windows
* chore: debug windows handling
* fix: normalize entry with file separators
* fix: normalize filepath after cleansing
* chore: Android paths are not OS specific
* refactor: use java.nio for path traversal checking
* chore: align path separator on Windows for Zip files
* chore: rework towards basic directory traversal
* chore: remove '--info' on build.yml
* perf: process smali code in parallel
Note: backsmali can't be properly multithreaded because of the synchronized methods inside
* perf: start backsmali concurrently with a resources decompiler
* perf: speed up apk building by skipping temp archive creation
Now we're not compressing the same data twice
* refactor: extract duplicated code
* refactor: rename methods and inline some comments
* feat: initial migration to kotlin
* feat: initial migration to kotlin
* fix: wire up dependencies
* fix: Deprecated tag for kotlin detection
* refactor: put all modules into sub-projects
* fix: include jar file (android framework)
* fix: add version message/info
* fix: wire up version/gitrev to properties
* fix: wire up proguard on cli
* fix: wire up proguard
* fix: wire up output cleaning command
* fix: drop license header on gradle files
- fully rewritten from scratch by myself
- no longer including license header on build files
* fix: add compile utf8/flags for java8
* refactor: remove unneeded curly braces
* feat: progress towards maven-publish
* build: publish to maven
* docs: update documentation
* refactor: prevent implicit order by removal of afterEvaluate
* build: remove unused license plugin
* Correct use of <> diamond operator
* Correct modifiers order
* Private constructor for utility class
* Correct use of diamond operator
* Corrected naming convention
* Correct modifier order
* Use not synchronized class
* Introduced try/resource in stream copy
* Removed unused private field
* Code reformat
Reformat of IOUtils.copy from to stream
* Add a space
Improved code formatting
* Code reformat
Only a new space
* Code reformat
Removed extra spaces
Zip/APK files can legally contain entries that point to the parent directory of the one in which the .zip is located.
Usually, unzip implementations ignore them by default, and we‘ll do the same.
This is the list of files (resources, assets, etc) that are stored in
the .apk uncompressed.
For apps that use AssetFileDescriptor.openFd(), the adding compression
will break the call.
Maintains support for the resourcesAreCompressed key, but no longer
records it when decompiling (it instead records resources.arsc in the
doNotCompress list).
Extends ZipFile using apache commons compress ZipFile, to have finer control over the header allowing some parts to be ignored,
ex: the general access bit
