- 09 Oct, 2020 1 commit
-
-
Script Kiddy authored
In case of conflict in i18n, keep the version of the branch "ours" To resolve a particular conflict, "git checkout --ours path/to/file.desktop"
-
- 06 Oct, 2020 1 commit
-
-
Nicolas Fella authored
-
- 03 Oct, 2020 1 commit
-
-
Christoph Feck authored
(cherry picked from commit 94cdb7a9)
-
- 27 Sep, 2020 1 commit
-
-
Alexander Lohnau authored
-
- 26 Sep, 2020 1 commit
-
-
Elvis Angelaccio authored
This makes it clear what the action actually does. BUG: 426960
-
- 25 Sep, 2020 2 commits
-
-
Laurent Montel authored
-
Script Kiddy authored
In case of conflict in i18n, keep the version of the branch "ours" To resolve a particular conflict, "git checkout --ours path/to/file.desktop"
-
- 16 Sep, 2020 1 commit
-
-
Laurent Montel authored
-
- 02 Sep, 2020 2 commits
-
-
Script Kiddy authored
In case of conflict in i18n, keep the version of the branch "ours" To resolve a particular conflict, "git checkout --ours path/to/file.desktop"
-
Script Kiddy authored
-
- 01 Sep, 2020 2 commits
-
-
Script Kiddy authored
In case of conflict in i18n, keep the version of the branch "ours" To resolve a particular conflict, "git checkout --ours path/to/file.desktop"
-
Script Kiddy authored
-
- 31 Aug, 2020 1 commit
-
-
Christoph Feck authored
(cherry picked from commit 4438db46)
-
- 30 Aug, 2020 1 commit
-
-
Elvis Angelaccio authored
unique_ptr has an `operator bool`, so they are not needed.
-
- 27 Aug, 2020 2 commits
-
-
Albert Astals Cid authored
-
There are archive types which allow to first create a symlink and then later on dereference it. If the symlink points outside of the archive, this results in writing outside of the destination directory. With the ARCHIVE_EXTRACT_SECURE_SYMLINKS option set, libarchive avoids this situation by verifying that none of the target path components are symlinks before writing. Remove the commented out code in the method, which would actually misbehave if enabled again. Signed-off-by:
Fabian Vogt <fabian@ritter-vogt.de>
-
- 26 Aug, 2020 2 commits
-
-
Add comment explaining what extractSelectedFilesTo is used for. Slightly tweak error message.
-
- No need to stat the url we get from QFileDialog::getSaveFileUrl, if it already exists the dialog should show the "do you want to overwrite?" message to the user on its own; also no need to check for isValid, the dialog will return valid urls, AFAICS - KIO::file_copy will check if the src url exists ...etc, we don't have to do that manually; also make the job async, and re-use the custom error messages where possible
-
- 24 Aug, 2020 3 commits
-
-
Michal Szymanski authored
Fix timestamp comparison test fail after QT5.11 by Switchng to QDatetime comparison instead of QString. 5.11 variant changed QDateTime toString fromat to ISODateWithMs
-
Christoph Cullmann authored
-
Alexey Ivanov authored
-
- 23 Aug, 2020 2 commits
-
-
Elvis Angelaccio authored
It's been commented since 68e58f5d from 13 years ago.
-
Alexey Ivanov authored
-
- 21 Aug, 2020 1 commit
-
-
In BatchExtract, use QUrl::fromLocalFile to construct a url with the file:// scheme, so that the destination dir can be opened after the extraction is finished. Bump minimum KF version to 5.71 as that's where OpenUrlJob was introduced.
-
- 18 Aug, 2020 2 commits
-
-
Alexey Ivanov authored
-
Alexey Ivanov authored
-
- 17 Aug, 2020 1 commit
-
-
Alexey Ivanov authored
-
- 15 Aug, 2020 1 commit
-
-
Alexey Ivanov authored
-
- 14 Aug, 2020 1 commit
-
-
Alexey Ivanov authored
-
- 08 Aug, 2020 2 commits
-
-
Pino Toscano authored
-
Pino Toscano authored
-
- 05 Aug, 2020 3 commits
-
-
Christoph Feck authored
(cherry picked from commit 6104ad1c)
-
Christoph Feck authored
-
Christoph Feck authored
-
- 31 Jul, 2020 4 commits
-
-
Christoph Feck authored
-
Laurent Montel authored
-
Laurent Montel authored
-
Laurent Montel authored
-
- 29 Jul, 2020 2 commits
-
-
Elvis Angelaccio authored
-
Elvis Angelaccio authored
Ark was vulnerable to directory traversal attacks because of missing validation of file paths in the archive. More details about this attack are available at: https://github.com/snyk/zip-slip-vulnerability Job::onEntry() is the only place where we can safely check the path of every entry in the archive. There shouldn't be a valid reason to have a "../" in an archive path, so we can just play safe and abort the LoadJob if we detect such an entry. This makes impossibile to extract this kind of malicious archives and perform the attack. Thanks to Albert Astals Cid for suggesting to use QDir::cleanPath() so that we can still allow loading of legitimate archives that contain "../" in their paths but still resolve inside the extraction folder.
-