fix(backend): enable 7z archives on unix

[risu729]

Summary

• migrate direct 7z handling from sevenz-rust to sevenz-rust2
• enable .7z extraction and strip-component probing on Unix as well as Windows
• update tool-stub docs and add a focused 7z extraction test

Why

The old sevenz-rust crate points to the dyz1990/sevenz-rust GitHub repo, which no longer resolves via GitHub and appears to have been deleted or made private. It is also no longer maintained.

sevenz-rust2 is the maintained fork/replacement, with the active library repository at hasenbanck/sevenz-rust2. ubi already brings sevenz-rust2 into the dependency graph.

This keeps the direct dependency on sevenz-rust2 = "0.20" because 0.21.0 currently requires Rust 1.93 while this crate declares rust-version = "1.91".

Aqua supports .7z archives on Unix, so there is no need to keep the Windows-only guard around extraction or auto strip_components probing.

Library links

• Old crate: sevenz-rust
• Old repo: dyz1990/sevenz-rust
• New crate: sevenz-rust2
• New repo: hasenbanck/sevenz-rust2

Validation

• mise x cargo -- cargo check
• mise x cargo -- cargo test file::tests::test_extract_archive_7z -- --exact --test-threads=1
• mise x cargo -- cargo fmt --check

Note: a broader mise x cargo -- cargo test file::tests run was not useful because Cargo's substring filter also matched unrelated config::env_directive::file::tests; one unrelated global-state panic poisoned later tests.

Summary by CodeRabbit

• New Features
  • Added cross-platform support for extracting .7z archives (previously Windows-only).
• Bug Fixes
  • Improved .7z extraction path handling, including backslash-style entry names.
  • Safer extraction: rejects archive entries that attempt directory traversal or use absolute target paths.
  • Refined strip_components behavior for single-directory archives and made .7z inspection work consistently across platforms.
• Documentation
  • Updated developer docs to reflect that .7z is no longer Windows-only.
• Tests
  • Added unit tests covering .7z inspection, extraction, strip_components, and negative traversal cases.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 6f7434dd-6957-4149-b8c0-c7a9a7212c71

📥 Commits

Reviewing files that changed from the base of the PR and between c36db68 and db572c0.

📒 Files selected for processing (1)

• src/file.rs

🚧 Files skipped from review as they are similar to previous changes (1)

• src/file.rs

---

📝 Walkthrough

Walkthrough

Replaces the sevenz-rust crate (0.6) with sevenz-rust2 (0.20), removing #[cfg(windows)] guards from un7z and inspect_7z_contents so .7z extraction works on all platforms. The rewritten un7z uses sevenz_rust2::decompress_file_with_extract_fn with per-entry path sanitization that normalizes backslashes and rejects directory-traversal attempts. The can_probe_strip SevenZip/non-Windows guard in HttpBackend::extract_archive is removed. Documentation and comprehensive cross-platform tests are updated accordingly.

Changes

Cross-platform 7z extraction via sevenz-rust2

Layer / File(s)	Summary
Dependency swap and docs update Cargo.toml, docs/dev-tools/tool-stubs.md	Replaces sevenz-rust = "0.6" with sevenz-rust2 = "0.20" and removes the "Windows only" qualifier from the .7z archive format entry in docs.
Cross-platform un7z and inspect_7z_contents src/file.rs	un7z calls sevenz_rust2::decompress_file_with_extract_fn unconditionally with per-entry path sanitization (backslash normalization, traversal rejection); inspect_7z_contents uses sevenz_rust2::Archive::open unconditionally; extract_archive routes SevenZip format to un7z without Windows cfg guards; non-Windows error variants removed.
Remove SevenZip strip-components guard in HttpBackend src/backend/http.rs	Drops the can_probe_strip/SevenZip-on-non-Windows condition so the single-directory strip-components probe applies to .7z archives on all platforms.
Cross-platform test for 7z extraction src/file.rs	Adds test_extract_archive_7z which constructs .7z archives with sevenz_rust2, validates inspect_7z_contents and should_strip_components, extracts with and without strip_components: 1, asserts file contents, tests backslash path normalization (pkg\\tool), and validates rejection of traversal and absolute paths.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• jdx/mise#10275: Modifies SevenZip-specific strip_components logic in src/backend/http.rs, directly related to the can_probe_strip guard removal in this PR.
• jdx/mise#10274: Earlier extraction-helper hardening that overlaps with this PR's refactor of un7z and inspect_7z_contents in src/file.rs.
• jdx/mise#10224: Adjusts .7z handling for the aqua backend on Windows, complementary to this PR's cross-platform 7z extraction implementation.

Poem

🐰 A bunny on Linux once cried with a sigh,
"Why must my .7z be Windows-only? Why?"
Now sevenz-rust2 hops to every shore,
No #[cfg(windows)] gates anymore!
Extract on all platforms — hip hip hooray! 🎉

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 61.54% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'fix(backend): enable 7z archives on unix' directly and accurately captures the main objective of the PR—enabling 7z archive support on Unix systems by migrating to the maintained sevenz-rust2 dependency.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[greptile-apps]

Greptile Summary

This PR migrates 7z handling from the unmaintained sevenz-rust crate to the maintained sevenz-rust2 fork and enables .7z extraction and strip-component probing on all platforms (previously Windows-only).

• Adds sanitize_7z_entry_path which normalises Windows-style backslash separators and rejects path-traversal (..), absolute, and prefixed entry paths, addressing the two P1 findings raised in the previous review round.
• Removes the #[cfg(windows)] guards from un7z, inspect_7z_contents, and the can_probe_strip condition in http.rs, and adds a comprehensive test covering normal extraction, strip-components, backslash paths, path traversal, and absolute-path entries.

Confidence Score: 5/5

Safe to merge — both prior blocking findings are fully addressed by the new sanitize_7z_entry_path function, and the test suite validates all security-relevant cases.

The change is well-scoped: a library swap plus the removal of platform guards. sanitize_7z_entry_path correctly handles backslash normalisation, .. traversal, Unix absolute paths, and Windows-prefix paths. The test covers all four attack vectors and the strip-components happy path.

No files require special attention.

Important Files Changed

Filename	Overview
src/file.rs	Core extraction logic: adds sanitize_7z_entry_path to normalise backslash paths and block traversal; removes Windows-only guards from un7z and inspect_7z_contents; adds comprehensive test covering security and strip-components cases.
src/backend/http.rs	Removes the can_probe_strip Windows-only guard, enabling auto strip-components detection for 7z archives on all platforms; no logic changes otherwise.
Cargo.toml	Replaces sevenz-rust = "0.6" with sevenz-rust2 = "0.20", pinned below 0.21 due to MSRV constraint (Rust 1.93 required by 0.21 vs declared 1.91).
Cargo.lock	Lock file updated to reflect crate swap; old sevenz-rust and its transitive deps (bit-set 0.6, lzma-rust, nt-time, filetime_creation) removed, sevenz-rust2 deps added.
docs/dev-tools/tool-stubs.md	Doc-only update: removes "(Windows only)" qualifier from the .7z archive format entry.

_{Reviews (3): Last reviewed commit: "fix(backend): reject unsafe 7z entry pat..." | Re-trigger Greptile}