dataforge/fn_registry
1
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity

feat: funciones Python infra y tipos Python (core, datascience, infra)

Browse Source 
Infra: cache_to_file, cache_to_sqlite, http_download_file, http_get_json,
http_post_json, read_file_with_encoding, safe_extract_zip, scan_directory,
setup_logger, normalize_zip_filenames.
Tipos: 30+ tipos core (agent_action, context, task, message, parse_result...),
6 tipos datascience (entity_candidate, extraction_result...), 2 tipos infra.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Egutierrez
2026-04-05 17:11:43 +02:00
parent 63a9cb5273
commit 9fd0ca9cac
110 changed files with 5714 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
python/functions/infra/safe_extract_zip.md
+46
View File
@@ -0,0 +1,46 @@
---
name: safe_extract_zip
kind: function
lang: py
domain: infra
version: "1.0.0"
purity: impure
signature: "def safe_extract_zip(zip_path: str, dest_dir: str) -> None"
description: "Extrae un archivo ZIP con proteccion contra Zip Slip (path traversal attack). Valida que cada archivo extraido quede dentro del directorio destino antes de extraerlo. Normaliza nombres de archivo UTF-8 antes de extraer."
tags: [zip, extract, security, zip-slip, path-traversal, infra, io]
uses_functions: [normalize_zip_filenames_py_infra]
uses_types: []
returns: []
returns_optional: false
error_type: "error_go_core"
imports: [os, zipfile, pathlib]
tested: true
tests:
- "ZIP normal extrae correctamente dentro del destino"
- "ZIP con path traversal lanza ValueError"
- "ZIP con paths absolutos lanza ValueError"
test_file_path: "python/functions/infra/safe_extract_zip_test.py"
file_path: "python/functions/infra/safe_extract_zip.py"
---
## Ejemplo
```python
from safe_extract_zip import safe_extract_zip
# Extraccion segura
try:
safe_extract_zip("archive.zip", "/tmp/output")
except ValueError as e:
print(f"Zip Slip bloqueado: {e}")
except zipfile.BadZipFile:
print("Archivo ZIP invalido")
```
## Notas
Funcion impura: escribe archivos en disco.
La proteccion contra Zip Slip consiste en resolver el path absoluto de cada miembro antes de extraerlo y verificar que empiece con `str(dest_dir) + os.sep`. Esto bloquea tanto `../../etc/passwd` como `/etc/passwd`.
La normalizacion de nombres UTF-8 se delega a `normalize_zip_filenames` y se ejecuta antes de la validacion de paths.