b0f3957320
Merge upstream
2024-02-14 00:18:03 +01:00
0fd4443db7
build: Revert publishing on Jitpack
2024-02-14 00:08:44 +01:00
3bb7888eb4
build: version bump (2.9.3)
2024-01-20 06:41:07 -05:00
bd82a53663
test: run path traversal test on Windows
2024-01-20 06:37:17 -05:00
1b1c7f8f50
fix: tighten up detectPossibleDirectoryTraversal for Windows
2024-01-20 06:37:12 -05:00
841db5061a
build: version bump (2.9.2)
2024-01-05 06:29:04 -05:00
f56de45f38
build: start new dev cycle (2.9.2-SNAPSHOT)
2024-01-05 06:28:51 -05:00
93e7d6bdbf
Prevent arbitrary file writes with malicious resource names. ( #3484 )
...
* refactor: rename sanitize function
* fix: expose getDir
* fix: safe handling of untrusted resource names
- fixes: GHSA-2hqv-2xv4-5h5w
* test: sample file for GHSA-2hqv-2xv4-5h5w
* refactor: avoid detection of absolute files for resource check
* chore: enable info mode on gradle
* test: skip test on windows
* chore: debug windows handling
* fix: normalize entry with file separators
* fix: normalize filepath after cleansing
* chore: Android paths are not OS specific
* refactor: use java.nio for path traversal checking
* chore: align path separator on Windows for Zip files
* chore: rework towards basic directory traversal
* chore: remove '--info' on build.yml
2024-01-05 06:28:07 -05:00
077b2009da
build: version bump (2.9.1)
2023-12-05 18:26:28 -05:00
98b34fdd03
build(deps): bump actions/setup-java from 3 to 4 ( #3454 )
...
Bumps [actions/setup-java](https://github.com/actions/setup-java ) from 3 to 4.
- [Release notes](https://github.com/actions/setup-java/releases )
- [Commits](https://github.com/actions/setup-java/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/setup-java
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-04 06:08:40 -05:00
aa3bd84ceb
build(deps): bump commons-io:commons-io from 2.15.0 to 2.15.1 ( #3453 )
...
Bumps commons-io:commons-io from 2.15.0 to 2.15.1.
---
updated-dependencies:
- dependency-name: commons-io:commons-io
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-04 06:07:01 -05:00
a375717ade
fix: support alignment towards resTable_entry start ( #3452 )
2023-12-04 05:58:27 -05:00
bea15e6f12
build(deps): bump gradle/gradle-build-action from 2.9.0 to 2.10.0 ( #3445 )
...
Bumps [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action ) from 2.9.0 to 2.10.0.
- [Release notes](https://github.com/gradle/gradle-build-action/releases )
- [Commits](https://github.com/gradle/gradle-build-action/compare/v2.9.0...v2.10.0 )
---
updated-dependencies:
- dependency-name: gradle/gradle-build-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-27 06:17:49 -05:00
2911342f39
build(deps): bump com.guardsquare:proguard-gradle from 7.4.0 to 7.4.1 ( #3444 )
...
Bumps [com.guardsquare:proguard-gradle](https://github.com/Guardsquare/proguard ) from 7.4.0 to 7.4.1.
- [Release notes](https://github.com/Guardsquare/proguard/releases )
- [Commits](https://github.com/Guardsquare/proguard/compare/v7.4...v7.4.1 )
---
updated-dependencies:
- dependency-name: com.guardsquare:proguard-gradle
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-27 06:13:39 -05:00
7047172d5e
build(deps): bump org.apache.commons:commons-lang3 from 3.13.0 to 3.14.0 ( #3443 )
...
Bumps org.apache.commons:commons-lang3 from 3.13.0 to 3.14.0.
---
updated-dependencies:
- dependency-name: org.apache.commons:commons-lang3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-27 06:02:29 -05:00
72d0bc164d
#3427 - Treat manifest warnings as warnings ( #3429 )
...
* feat: treat warnings as warnings during aapt2 build
* test: add invalid fragment to manifest to confirm warning
2023-11-16 06:45:38 -05:00
bf1041e4fb
test: add test case for android:isAccessibilityTool ( #3426 )
...
* test: add test case for android:isAccessibilityTool
* test: augment tests for accessibility service extension
2023-11-16 05:58:38 -05:00
4441648192
build: remove docker ( #3423 )
2023-11-08 06:44:46 -05:00
9e9079d30f
build: patch aapt2 to ignore private resources (unix/win) ( #3396 )
...
* build: patch aapt2 to ignore private resources (unix/win)
* build: patch aapt2 private resources (mac)
2023-11-08 06:30:13 -05:00
eec0288e69
Adapt null resource to be treated as reference instead of empty string. ( #3417 )
...
* fix: handle null resolved items as references
* test: add color null test for aapt2
2023-11-03 06:40:32 -04:00
fc4a59fb33
Merge branch 'upstream'
2023-11-03 00:16:28 +01:00
63b1976448
build(deps): bump org.apache.commons:commons-text from 1.10.0 to 1.11.0 ( #3414 )
...
Bumps org.apache.commons:commons-text from 1.10.0 to 1.11.0.
---
updated-dependencies:
- dependency-name: org.apache.commons:commons-text
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-31 20:28:50 -04:00
750fdf37ca
build(deps): bump commons-cli:commons-cli from 1.5.0 to 1.6.0 ( #3413 )
...
Bumps commons-cli:commons-cli from 1.5.0 to 1.6.0.
---
updated-dependencies:
- dependency-name: commons-cli:commons-cli
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-31 20:16:25 -04:00
b3453bdf9c
build(deps): bump commons-io:commons-io from 2.14.0 to 2.15.0 ( #3412 )
...
Bumps commons-io:commons-io from 2.14.0 to 2.15.0.
---
updated-dependencies:
- dependency-name: commons-io:commons-io
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-31 20:05:35 -04:00
01c949a8ff
Update Docker build instructions after #3363 ( #3407 )
2023-10-21 08:57:57 -04:00
247735c434
feat: de-dupe attribute names during styles writing ( #3404 )
2023-10-16 07:15:34 -04:00
03fa70bd2a
build: docker fixes ( #3378 )
...
* build: shorten tags on docker push
* build: only deploy on commits to master
2023-10-16 06:58:05 -04:00
34a6970852
build: test on lts versions (including 21) ( #3381 )
...
* build: test on lts versions
* build: upgrade to proguard 7.4.0
2023-10-14 06:52:52 -04:00
e2a5742b18
use apiLevel instead of forceApi when building the apk ( #3399 )
2023-10-11 19:44:00 -04:00
199780103c
refactor: support current position during chunk verbose output ( #3395 )
2023-10-10 21:23:05 -04:00
29b8430b00
build(deps): bump docker/setup-buildx-action from 2 to 3 ( #3386 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2 to 3.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-09 06:22:37 -04:00
81db0427be
build(deps): bump docker/login-action from 2 to 3 ( #3385 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-09 06:07:24 -04:00
db4e62813d
build(deps): bump docker/build-push-action from 4 to 5 ( #3384 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 4 to 5.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-09 05:47:55 -04:00
c68c74f7d4
build: Publish on Jitpack
2023-10-09 05:15:46 +02:00
525c0125a3
feat: Upgrade gradle to v8.4 ( #3376 )
2023-10-08 14:59:26 -04:00
35e23a9ad7
Merge branch 'upstream'
...
# Conflicts:
# brut.apktool/apktool-lib/build.gradle.kts
# build.gradle.kts
2023-10-08 20:42:48 +02:00
d2599874d8
build: start new dev cycle (2.9.1-SNAPSHOT)
2023-10-08 14:10:20 -04:00
b64e257c9b
build: version bump (2.9.0)
2023-10-08 09:40:30 -04:00
6794f54aa0
build: rename 2.8.2 to 2.9.0
2023-10-08 09:40:15 -04:00
ef268f2d26
build: restore aapt1 miui qualifiers + static ( #3379 )
...
* build: restore aapt1 miui qualifiers (mac)
* build: restore aapt1 miui qualifiers (unix/win)
2023-10-08 08:04:35 -04:00
7fe58ca0c2
Android 14 - Support for Grammatical Inflection ( #3374 )
...
* build: update aapt/aapt2 with win/linux binaries
* docs: add note for specific aapt tag
* test: test for grammatical inflection
* build: update aapt/aapt2 with mac binaries
* build: update aapt/aapt2 with mac binaries (static libstl)
2023-10-08 06:38:10 -04:00
01cf954c23
Update Windows helper script to handle /c properly. ( #2973 )
2023-10-06 07:22:31 -04:00
959b6de063
fix: support COMPACT/OFFSET16 packed resources. ( #3372 )
...
* fix: support COMPACT/OFFSET16
* fix: properly read specNamesId from compact resources
* fix: properly read OFFSET16 in entries
* test: add assertions for compact/offset16 sample
* refactor: extract flags out of private functions
2023-10-06 07:22:02 -04:00
616539f24b
refactor: hard-code IMAGE_NAME, add some spaces ( #3371 )
2023-10-04 20:52:37 -04:00
679c133d21
feat: make aapt2 default ( #3370 )
2023-10-04 20:52:28 -04:00
cc5a8bad17
Added support for PR builds on master ( #3363 )
...
* added support for PR builds on master
* add linefeed to .dockerignore
* single dockerfile
* fix dockerfile ref
* update for java 17 lts
2023-10-04 20:14:56 -04:00
bc7394080d
Android 14 Support (Partial) ( #3206 )
...
* fix: prevent over-reading config flags
* feat: add grammatical inflection
* fix: add natural requirement for U
* fix: UpsideDownCake is now 34
* test: test for grammatical inflection
* fix: add detection for compact resources
* fix: add detection for offset16 table types
* Revert "test: test for grammatical inflection"
This reverts commit fa08cef9fe6d436176f74152d85a652a771971ad.
* refactor: use enum instead of magic numbers
2023-10-04 20:13:58 -04:00
91a5863f16
build: update aapt/aapt2 with win/linux binaries ( #3360 )
...
* build: update aapt/aapt2 with win/linux binaries
* build: update aapt/aapt2 with mac binaries
2023-10-04 19:03:12 -04:00
448440b528
Added auto-build of docker image ( #3361 )
...
* added auto-build of docker image
* updated instructions
* add tag image
* clear refs/tags
* dockerfile updates
* build: adjust workflow to remove qemu and collision on github_*
---------
Co-authored-by: Connor Tumbleson <iBotPeaches@users.noreply.github.com>
2023-10-03 06:22:31 -04:00
45d0a00088
Add Docker support ( #3351 )
...
* add Docker image
* use latest version in Docker image
* Dockerfile optimizations from PR feedback
2023-10-02 06:47:40 -04:00
oSumAtrIX
Connor Tumbleson
Connor Tumbleson
dependabot[bot]
Andrew Szeto
Josh Miers
ArjunaKumarMohanta
maksz42
Ben Curtis
Ben Curtis