Workflow

Debloat

Latest version: v1.6.2

Safety actively analyzes 714875 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 3 of 5

1.5.3.4

- NSIS Parser improvements
- Additional use cases for NSIS were identified and tested. These identified additional bugs which are fixed in this version. These use cases were added and tested:
- bzip2_liquid
- bzip2_solid
- lzma_liquid
- lzma_solid
- zlib_liquid
- zlib_solid

1.5.3.3

- Modified NSIS Parser significantly.
- Two use cases were identified where the parser were not working adequately. This resulted in identifying two logic bugs which resulted in fixing one and a large rewrite of some portions of the NSIS Parser. Rewrite was done by Huettenhain (https://github.com/huettenhain) for the original project of the NSIS Parser (https://github.com/binref/refinery) and then was incorporated into Debloat by me (Squiblydoo).
- Removed some code that was unused.

1.5.3.2

- Fixed a bug with the RSRC trimming
- These were some long standing issues:
- The default threshold and default size_limit were brought into conformance with Refinery Trim
- With the previously high threshold, it could result in problems from removing the entire resource.
- I also reverted the compression method in this section. The one used elsewhere was found not to be compatible with this part of the processing.

1.5.3.1

- Fixed NSIS extractor bug.
- Bug was caused due to the failure of adding some bytes when iterating through NSIS entries.
- Bug was caused by a missing variable.
- Updated the imports for nsisParser and readers
- (Somehow?) It was working without these needing to be explicitly mentioned, but it has been updated for completeness.

1.5.3

- Fixed alignment bug
- There was a bug where I was subtracting instead of adding bytes to fix alignment. It now adds instead of subtracts.
- Polished the trim
- The "find_chunk_start" method had some unclear logic, that has been improved.
- Instead of trying to remove all junk, the method now returns all bytes if the full regex was unable to match.
- So, if the step is 1000 or 2000 bytes and not all of them are junk, it will leave all 1000
- The logic is that they aren't really hurting anything by being here, and it is better to leave them than accidentally remove them.

1.5.2

- Merged Optimization changes
- Changes primarily related to the trim_junk function
- Primary changes reduced the active memory cost
- No changes in the functionality were made in this release.

Page 3 of 5

Links

Releases

Has known vulnerabilities

Previous Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.