Skip to content

build(deps): update dependency fluentftp to v54#466

Merged
BrycensRanch merged 1 commit intodevelopfrom
dep/fluentftp-54.x
Mar 22, 2026
Merged

build(deps): update dependency fluentftp to v54#466
BrycensRanch merged 1 commit intodevelopfrom
dep/fluentftp-54.x

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate bot commented Mar 22, 2026

This PR contains the following updates:

Package Change Age Confidence
FluentFTP 53.0.254.0.2 age confidence

Release Notes

robinrodricks/FluentFTP (FluentFTP)

v54.0.2

  • High severity security fixes
    • CVE (unassigned) for CRLF vulnerability (credits to Pramod Kumar)
    • URL-encoded, directory traversal, path confusion and Unicode-spoofing vulnerabilities (credits to Robin Rodricks)
  • FTP Protocol
    • New: Secure FTP path sanitizer to protect against FTP command injection, traversal, encoding bypasses, and parser confusion attacks
    • Security: Major changes to FTP path handling, many new restrictions are introduced (check FluentFTP Wiki -> Security page), and while this may break complex file or directory paths, it is required for the security of your application
    • Security: FTP command sanitization implemented in Execute API
    • Security: FTP path sanitization implemented in all major API: CreateDirectory, DeleteDirectory, DeleteFile, DirectoryExists, DownloadBytes, DownloadDirectory, DownloadFile, DownloadStream, EmptyDirectory, FileExists, GetChecksum, GetFilePermissions, GetFileSize, GetListing, GetModifiedTime, GetNameListing, GetObjectInfo, MoveDirectory, MoveFile, OpenAppend, OpenRead, OpenWrite, Rename, SetFilePermissions, SetModifiedTime, SetWorkingDirectory, TransferDirectory, TransferFile, UploadBytes, UploadDirectory, UploadFiles, UploadStream, CompareFile
  • Code cleanup
    • Change: Renamed primary overload of GetFtpPath to SanitizeFtpPath to better convey its intended function
    • Change: Renamed secondary overload of GetFtpPath to AppendFtpPath to better convey its intended function

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - "before 8am every weekday" in timezone America/New_York.

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Bumping application dependencies label Mar 22, 2026
@github-actions github-actions bot added the Core Related to SnapX.Core label Mar 22, 2026
@BrycensRanch BrycensRanch merged commit 4634325 into develop Mar 22, 2026
28 checks passed
@renovate renovate bot deleted the dep/fluentftp-54.x branch March 22, 2026 22:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@BrycensRanch BrycensRanch BrycensRanch approved these changes

Assignees

No one assigned

Labels

Core Related to SnapX.Core dependencies Bumping application dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@BrycensRanch