v3.0.1

@ianhelle released this 11 May 20:44
· 9 commits to main since this release
f9a40e0

Security

  • Path traversal protection for archive extraction (tar-slip/zip-slip) — Added new centralized msticpy.common.archive_utils module that validates archive member paths before extraction, preventing malicious archives from writing files outside the intended directory. Applied to GeoIP database extraction (tar), Mordor dataset extraction (zip), and Sentinel query pack downloads (zip). (#889)
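An added example, not msticpy's own code: a minimal sketch of the kind of member-path validation described above, where every member is checked before anything is written. The function names (`check_members`, `safe_extract_tar`, `safe_extract_zip`, `build_tar`) are hypothetical and do not reflect the API of `msticpy.common.archive_utils`; refusing link members outright is an assumption of this example, and the sample archive is constructed.

```python
import io
import os
import tarfile
import zipfile


def check_members(dest, names):
    """Raise ValueError if any member name would resolve outside dest."""
    base = os.path.realpath(dest)
    for name in names:
        # Resolve "..", absolute paths and existing symlinks before comparing.
        target = os.path.realpath(os.path.join(base, name))
        # commonpath compares whole path components, so "/out2" is not "/out".
        if os.path.commonpath([base, target]) != base:
            raise ValueError(f"path traversal rejected: {name!r}")


def safe_extract_tar(archive, dest):
    """Validate every tar member before anything is written to disk."""
    members = archive.getmembers()
    # Assumption of this example: symlink and hard-link members are refused.
    if any(m.issym() or m.islnk() for m in members):
        raise ValueError("link member rejected")
    check_members(dest, [m.name for m in members])
    archive.extractall(dest, members=members)


def safe_extract_zip(archive, dest):
    """Same validation for zip members (zip-slip)."""
    check_members(dest, archive.namelist())
    archive.extractall(dest)


def build_tar(names):
    """Constructed sample input: in-memory tar with one 4-byte file per name."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in names:
            info = tarfile.TarInfo(name)
            info.size = 4
            tar.addfile(info, io.BytesIO(b"data"))
    buf.seek(0)
    return tarfile.open(fileobj=buf, mode="r")
```

Because validation runs over the full member list first, an archive with one bad entry is rejected as a whole and leaves no partially extracted files behind.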

Bug Fixes

  • NumPy 2.4 compatibility — Regenerated 23 pickle test/data files to eliminate VisibleDeprecationWarning from NumPy 2.4+ caused by legacy align=0 dtype parameters. (#890)
  • IPython version constraint by Python version — Split IPython requirement to >=8.39.0 for Python 3.10 and >=9.13.0 for Python 3.11+, since IPython 9.x dropped Python 3.10 support. (#890)

Dependency Updates

Runtime

Package           | Old              | New
azure-kusto-data  | >=4.4.0, <7.0.0  | >=6.0.3, <7.0.0
ipython           | >=7.23.1         | >=8.39.0 (py3.10) / >=9.13.0 (py3.11+)
msal-extensions   | >=0.3.0          | >=1.3.1
nest-asyncio      | >=1.4.0          | >=1.6.0
packaging         | >=24.0           | >=26.2
pygments          | >=2.0.0          | >=2.20.0
requests          | >=2.31.0         | >=2.33.1
typing-extensions | >=4.2.0          | >=4.15.0
urllib3           | >=1.23           | >=2.6.3

Development / CI

Package          | Old      | New
aiohttp          | >=3.7.4  | >=3.13.5
bandit           | >=1.7.0  | >=1.9.4
coverage         | >=5.5    | >=7.13.5
ruff             | >=0.6.6  | >=0.15.12
sphinx-rtd-theme | >=1.0.0  | >=3.1.0

Internal

  • Applied Ruff 0.15.12 formatting to Sentinel provider modules, Azure Monitor driver, Cybereason driver, and outliers module (whitespace/style only).