diff --git a/go.mod b/go.mod index f0feb0acf..49ca3fba6 100644 --- a/go.mod +++ b/go.mod @@ -11,7 +11,7 @@ require ( github.com/gookit/color v1.5.4 github.com/jfrog/archiver/v3 v3.6.0 github.com/jfrog/build-info-go v1.9.26 - github.com/jfrog/gofrog v1.7.1 + github.com/jfrog/gofrog v1.7.2 github.com/stretchr/testify v1.9.0 github.com/xanzy/ssh-agent v0.3.3 golang.org/x/crypto v0.23.0 @@ -43,7 +43,7 @@ require ( github.com/pierrec/lz4/v4 v4.1.21 // indirect github.com/pjbgf/sha1cd v0.3.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/rivo/uniseg v0.4.3 // indirect + github.com/rivo/uniseg v0.4.7 // indirect github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect github.com/skeema/knownhosts v1.2.2 // indirect github.com/ulikunitz/xz v0.5.11 // indirect diff --git a/go.sum b/go.sum index ca5deea59..73c0c0e43 100644 --- a/go.sum +++ b/go.sum @@ -54,8 +54,8 @@ github.com/jfrog/archiver/v3 v3.6.0 h1:OVZ50vudkIQmKMgA8mmFF9S0gA47lcag22N13iV3F github.com/jfrog/archiver/v3 v3.6.0/go.mod h1:fCAof46C3rAXgZurS8kNRNdSVMKBbZs+bNNhPYxLldI= github.com/jfrog/build-info-go v1.9.26 h1:1Ddc6+Ecvhc+UMnKhRVG1jGM6fYNwA49207azTBGBc8= github.com/jfrog/build-info-go v1.9.26/go.mod h1:8T7/ajM9aGshvgpwCtXwIFpyF/R6CEn4W+/FLryNXWw= -github.com/jfrog/gofrog v1.7.1 h1:ME1Meg4hukAT/7X6HUQCVSe4DNjMZACCP8aCY37EW/w= -github.com/jfrog/gofrog v1.7.1/go.mod h1:X7bjfWoQDN0Z4FQGbE91j3gbPP7Urwzm4Z8tkvrlbRI= +github.com/jfrog/gofrog v1.7.2 h1:VkAaA/9tmbw27IqgUOmaZWnO6ATUqL3vRzDnsROKATw= +github.com/jfrog/gofrog v1.7.2/go.mod h1:WJFk88SR9Sr9mKl1bQBig7DmSdXiBGKV3WhL9O6jL9w= github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/klauspost/compress v1.4.1/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= @@ -84,8 +84,8 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/rivo/uniseg v0.4.3 h1:utMvzDsuh3suAEnhH0RdHmoPbU648o6CvXxTx4SBMOw= -github.com/rivo/uniseg v0.4.3/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= +github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ= +github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN3Uc8sB6B/s6Z4t2xvBgU1htSHuq8= github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4= diff --git a/utils/archiveutils.go b/utils/archiveutils.go index 63f31c302..b4489dd59 100644 --- a/utils/archiveutils.go +++ b/utils/archiveutils.go @@ -17,16 +17,15 @@ import ( // bypassInspection - Set to true to bypass archive inspection against ZipSlip // Extract an archive file to the 'localPath'. func ExtractArchive(localPath, localFileName, originFileName, logMsgPrefix string, bypassInspection bool) error { - unarchiver := &unarchive.Unarchiver{ - BypassInspection: bypassInspection, - } - if !unarchiver.IsSupportedArchive(originFileName) { + if !unarchive.IsSupportedArchive(originFileName) { return nil } + extractionPath, err := getExtractionPath(localPath) if err != nil { return err } + var archivePath string if !strings.HasPrefix(localFileName, localPath) { archivePath = filepath.Join(localPath, localFileName) @@ -37,11 +36,17 @@ func ExtractArchive(localPath, localFileName, originFileName, logMsgPrefix strin if err != nil { return err } + err = os.MkdirAll(extractionPath, 0755) if errorutils.CheckError(err) != nil { return err } + log.Info(logMsgPrefix+"Extracting archive:", archivePath, "to", extractionPath) + + unarchiver := &unarchive.Unarchiver{ + BypassInspection: bypassInspection, + } return errorutils.CheckError(extract(archivePath, originFileName, extractionPath, unarchiver)) }