io icon indicating copy to clipboard operation
io copied to clipboard

Published 20 hours ago verified publisher icon sbt

add "limit" param for "zip bomb" protection

Open xuwei-k opened this issue 5 years ago • 1 comments

https://en.wikipedia.org/wiki/Zip_bomb

https://github.com/sbt/io/commit/d258f906431d556d3a8774c31f8432affb9259a9

WDYT? 👀

xuwei-k avatar Jul 18 '19 06:07 xuwei-k

It sounds like a good idea, but we should make sure that the default is large enough, and that user can override it somehow. Sometimes the files we handle could become really large, like JSON file containing an UpdateReport.

eed3si9n avatar Jul 18 '19 16:07 eed3si9n