1. 16 Sep, 2020 1 commit
  2. 02 Sep, 2020 2 commits
  3. 01 Sep, 2020 2 commits
  4. 31 Aug, 2020 1 commit
  5. 30 Aug, 2020 1 commit
  6. 27 Aug, 2020 2 commits
  7. 26 Aug, 2020 2 commits
    • Ahmad Samir's avatar
      Part: more async KIO jobs · eff5cd0b
      Ahmad Samir authored
      Add comment explaining what extractSelectedFilesTo is used for.
      Slightly tweak error message.
      eff5cd0b
    • Ahmad Samir's avatar
      Part: QFileDialog asks to overwrite a file on its own · 54ba94ec
      Ahmad Samir authored
      - No need to stat the url we get from QFileDialog::getSaveFileUrl, if it
        already exists the dialog should show the "do you want to overwrite?"
        message to the user on its own; also no need to check for isValid, the
        dialog will return valid urls, AFAICS
      - KIO::file_copy will check if the src url exists ...etc, we don't have
        to do that manually; also make the job async, and re-use the custom error
        messages where possible
      54ba94ec
  8. 24 Aug, 2020 3 commits
  9. 23 Aug, 2020 2 commits
  10. 21 Aug, 2020 1 commit
    • Ahmad Samir's avatar
      Port KRun to OpenUrlJob and ApplicationLauncherJob · c4c765a9
      Ahmad Samir authored
      In BatchExtract, use QUrl::fromLocalFile to construct a url with the
      file:// scheme, so that the destination dir can be opened after the
      extraction is finished.
      
      Bump minimum KF version to 5.71 as that's where OpenUrlJob was introduced.
      c4c765a9
  11. 18 Aug, 2020 2 commits
  12. 17 Aug, 2020 1 commit
  13. 15 Aug, 2020 1 commit
  14. 14 Aug, 2020 1 commit
  15. 08 Aug, 2020 2 commits
  16. 05 Aug, 2020 3 commits
  17. 31 Jul, 2020 4 commits
  18. 29 Jul, 2020 2 commits
    • Elvis Angelaccio's avatar
      Merge branch 'release/20.08' · 9393b0d8
      Elvis Angelaccio authored
      9393b0d8
    • Elvis Angelaccio's avatar
      Fix vulnerability to path traversal attacks · 0df59252
      Elvis Angelaccio authored
      Ark was vulnerable to directory traversal attacks because of
      missing validation of file paths in the archive.
      
      More details about this attack are available at:
      https://github.com/snyk/zip-slip-vulnerability
      
      Job::onEntry() is the only place where we can safely check the path of
      every entry in the archive. There shouldn't be a valid reason
      to have a "../" in an archive path, so we can just play safe and abort
      the LoadJob if we detect such an entry. This makes impossibile to
      extract this kind of malicious archives and perform the attack.
      
      Thanks to Albert Astals Cid for suggesting to use QDir::cleanPath()
      so that we can still allow loading of legitimate archives that
      contain "../" in their paths but still resolve inside the extraction folder.
      0df59252
  19. 22 Jul, 2020 2 commits
  20. 17 Jul, 2020 3 commits
  21. 11 Jul, 2020 2 commits