Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RubyZip 3.0 Upgrade #2332

Open
wheatley opened this issue Mar 3, 2022 · 3 comments
Open

RubyZip 3.0 Upgrade #2332

wheatley opened this issue Mar 3, 2022 · 3 comments
Assignees
@zinduolis
Labels
dependencies Pull requests that update a dependency file Maintainability Review Issue that needs to be reviewed for completion
Milestone
0.5.5.0-alpha

Comments

@wheatley
Copy link
Contributor

wheatley commented Mar 3, 2022

Need to check that we're not using any of these:

RubyZip 3.0 is coming!

The public API of some Rubyzip classes has been modernized to use named
parameters for optional arguments. Please check your usage of the
following classes:

  • Zip::File
  • Zip::Entry
  • Zip::InputStream
  • Zip::OutputStream

Please ensure that your Gemfiles and .gemspecs are suitably restrictive
to avoid an unexpected breakage when 3.0 is released (e.g. ~> 2.3.0).
See https://github.com/rubyzip/rubyzip for details. The Changelog also
lists other enhancements and bugfixes that have been implemented since
version 2.3.0.
@wheatley wheatley added Maintainability dependencies Pull requests that update a dependency file labels Mar 3, 2022
@DeezyE
Copy link
Contributor

DeezyE commented Mar 11, 2022

It's unclear to me what's changing here. Locking gemfile to 2.3.0 seems the simplest.

@wheatley wheatley mentioned this issue Mar 16, 2022
Closed
@wheatley wheatley added the Review Issue that needs to be reviewed for completion label Jun 6, 2022
@saimimughal007

This comment was marked as off-topic.

Sign in to view
@bcoles bcoles added this to the 0.5.5.0-alpha milestone Apr 28, 2023
@bcoles
Copy link
Collaborator

bcoles commented Apr 28, 2023

The following components use Ruby Zip:

modules/social_engineering/firefox_extension_dropper/module.rb:62:    Zip::File.open(xpi, Zip::File::CREATE) do |xpi|
modules/social_engineering/firefox_extension_reverse_shell/module.rb:55:    Zip::File.open(xpi, Zip::File::CREATE) do |xpi|
modules/social_engineering/firefox_extension_bindshell/module.rb:52:    Zip::File.open(xpi, Zip::File::CREATE) do |xpi|
modules/misc/wordpress/upload_rce_plugin/module.rb:22:    stringio = Zip::OutputStream.write_buffer do |zio|

@stephenakq stephenakq self-assigned this Mar 19, 2024
@stephenakq stephenakq assigned zinduolis and unassigned stephenakq Sep 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@zinduolis zinduolis

Labels
dependencies Pull requests that update a dependency file Maintainability Review Issue that needs to be reviewed for completion
Projects
None yet
Milestone
0.5.5.0-alpha
Development

No branches or pull requests
6 participants
@bcoles @wheatley @DeezyE @zinduolis @saimimughal007 @stephenakq