Bump securetar from 2024.11.0 to 2025.1.2

[dependabot]

Bumps securetar from 2024.11.0 to 2025.1.2.

Release notes

Sourced from securetar's releases.

2025.1.2

What's Changed

• Bump version to 2025.1.2 (#77) @​agners
• Validate inner tar when decrypting (#75) @​emontnemery
• Correct read of tail in DecryptInnerTar (#76) @​emontnemery
• Improve tests (#74) @​emontnemery
• Correct ciphertext size calculation in DecryptInnerTar (#73) @​emontnemery

2025.1.1

[!NOTE]
This version has a breaking change in the atomic_contents_add() API. Instead of a list a filter function is now expected.

What's Changed

• Bump version to 2025.1.1 (#72) @​agners
• Modify atomic_contents_add to accept a filter function (#71) @​emontnemery

2025.1.0

[!NOTE]
This version has a slightly different handling of padding for encrypted tar files. For inner encrypted tar files, a PAX header _securetar.version with value 2.0 is added to indicate the new format. The library itself is backwards compatible since Python tarfile is not checking gzip footer and/or does not read past the tar end-of-file marker.

What's Changed

• Bump version to 2025.1.0 (#70) @​agners
• Add header with securetar version (#69) @​emontnemery
• Store size of plaintext as custom header (#67) @​emontnemery
• Update typing of SecureTarFile construct to allow None name (#68) @​emontnemery
• Fix mistake in test (#66) @​emontnemery
• Add decryption helper (#65) @​emontnemery
• Bump pytest from 8.3.3 to 8.3.4 (#63) @​dependabot
• Improve padding when writing encrypted tar (#64) @​emontnemery

Commits

• c9f0970 Merge pull request #77 from pvizeli/bump-version-to-2025.1.2
• 672b197 Bump version to 2025.1.2
• 03bcfad Merge pull request #75 from emontnemery/validate_inner_tar
• 300b197 Merge branch 'main' into validate_inner_tar
• 279ba59 Merge pull request #76 from emontnemery/fix_decrypt_2
• c5c08ee Correct read of tail in DecryptInnerTar
• b328f6e Update test
• 58b7d2c Format code
• 7acf09e Refactor
• d98e112 Add custom exception
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #5553.