v3.0.1
Security
- Path traversal protection for archive extraction (tar-slip/zip-slip) — Added new centralized
msticpy.common.archive_utilsmodule that validates archive member paths before extraction, preventing malicious archives from writing files outside the intended directory. Applied to GeoIP database extraction (tar), Mordor dataset extraction (zip), and Sentinel query pack downloads (zip). (#889)
Bug Fixes
- NumPy 2.4 compatibility — Regenerated 23 pickle test/data files to eliminate
VisibleDeprecationWarningfrom NumPy 2.4+ caused by legacyalign=0dtype parameters. (#890) - IPython version constraint by Python version — Split IPython requirement to
>=8.39.0for Python 3.10 and>=9.13.0for Python 3.11+, since IPython 9.x dropped Python 3.10 support. (#890)
Dependency Updates
Runtime
| Package | Old | New |
|---|---|---|
azure-kusto-data
| >=4.4.0, <7.0.0
| >=6.0.3, <7.0.0
|
ipython
| >=7.23.1
| >=8.39.0 (py3.10) / >=9.13.0 (py3.11+)
|
msal-extensions
| >=0.3.0
| >=1.3.1
|
nest-asyncio
| >=1.4.0
| >=1.6.0
|
packaging
| >=24.0
| >=26.2
|
pygments
| >=2.0.0
| >=2.20.0
|
requests
| >=2.31.0
| >=2.33.1
|
typing-extensions
| >=4.2.0
| >=4.15.0
|
urllib3
| >=1.23
| >=2.6.3
|
Development / CI
| Package | Old | New |
|---|---|---|
aiohttp
| >=3.7.4
| >=3.13.5
|
bandit
| >=1.7.0
| >=1.9.4
|
coverage
| >=5.5
| >=7.13.5
|
ruff
| >=0.6.6
| >=0.15.12
|
sphinx-rtd-theme
| >=1.0.0
| >=3.1.0
|
Internal
- Applied Ruff 0.15.12 formatting to Sentinel provider modules, Azure Monitor driver, Cybereason driver, and outliers module (whitespace/style only).