Skip to content

Commit 79e63e5

Browse files
encukouencukou
authored
[3.8] gh-102950: Implement PEP 706 – Filter for tarfile.extractall (GH-102953) (#104548)
Backport of c8c3956
1 parent 3205d1f commit 79e63e5

File tree

8 files changed

+1777
-78
lines changed

8 files changed

+1777
-78
lines changed

Doc/library/shutil.rst

Lines changed: 27 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -640,7 +640,7 @@ provided. They rely on the :mod:`zipfile` and :mod:`tarfile` modules.
640640
Remove the archive format *name* from the list of supported formats.
641641

642642

643-
.. function:: unpack_archive(filename[, extract_dir[, format]])
643+
.. function:: unpack_archive(filename[, extract_dir[, format[, filter]]])
644644

645645
Unpack an archive. *filename* is the full path of the archive.
646646

@@ -654,11 +654,29 @@ provided. They rely on the :mod:`zipfile` and :mod:`tarfile` modules.
654654
registered for that extension. In case none is found,
655655
a :exc:`ValueError` is raised.
656656

657+
The keyword-only *filter* argument, which was added in Python 3.8.17,
658+
is passed to the underlying unpacking function.
659+
For zip files, *filter* is not accepted.
660+
For tar files, it is recommended to set it to ``'data'``,
661+
unless using features specific to tar and UNIX-like filesystems.
662+
(See :ref:`tarfile-extraction-filter` for details.)
663+
The ``'data'`` filter will become the default for tar files
664+
in Python 3.14.
665+
657666
.. audit-event:: shutil.unpack_archive filename,extract_dir,format shutil.unpack_archive
658667

668+
.. warning::
669+
670+
Never extract archives from untrusted sources without prior inspection.
671+
It is possible that files are created outside of the path specified in
672+
the *extract_dir* argument, e.g. members that have absolute filenames
673+
starting with "/" or filenames with two dots "..".
674+
659675
.. versionchanged:: 3.7
660676
Accepts a :term:`path-like object` for *filename* and *extract_dir*.
661677

678+
.. versionchanged:: 3.8.17
679+
Added the *filter* argument.
662680

663681
.. function:: register_unpack_format(name, extensions, function[, extra_args[, description]])
664682

@@ -667,11 +685,14 @@ provided. They rely on the :mod:`zipfile` and :mod:`tarfile` modules.
667685
``.zip`` for Zip files.
668686

669687
*function* is the callable that will be used to unpack archives. The
670-
callable will receive the path of the archive, followed by the directory
671-
the archive must be extracted to.
672-
673-
When provided, *extra_args* is a sequence of ``(name, value)`` tuples that
674-
will be passed as keywords arguments to the callable.
688+
callable will receive:
689+
690+
- the path of the archive, as a positional argument;
691+
- the directory the archive must be extracted to, as a positional argument;
692+
- possibly a *filter* keyword argument, if it was given to
693+
:func:`unpack_archive`;
694+
- additional keyword arguments, specified by *extra_args* as a sequence
695+
of ``(name, value)`` tuples.
675696

676697
*description* can be provided to describe the format, and will be returned
677698
by the :func:`get_unpack_formats` function.

0 commit comments

Comments
 (0)