Add test suite, security hardening, bug fixes, and decorator migration

[marloson]

Summary

• pytest infrastructure: Add pytest.ini, requirements-dev.txt, and tests/conftest.py with Context singleton isolation fixture and --update-golden option
• Unit tests (29 tests): Cover plugin_loader, context, ilapfuncs, and search_files
• Artifact integration tests (76 parametrized tests): Run real artifact plugins against test data ZIPs with golden file regression detection
• CI workflow: .github/workflows/run_tests.yml with separate jobs for unit and artifact tests on Python 3.12
• Security: path traversal fix (search_files.py): Add _is_safe_path() containment check to FileSeekerTar and FileSeekerZip to prevent zip slip / tar slip attacks on malicious archives
• Security: SQL injection fixes: Parameterize queries in does_column_exist_in_db, does_table_exist_in_db (ilapfuncs.py), lava_get_media_item, lava_get_media_references (lavafuncs.py), pingertextfree.py, googleChat.py, tikTok.py
• Bug fixes: TSV export escapechar error ([Bug] systemVersionPlist.py crashes with TypeError due to incorrect variable assignment #1390), Chrome autofill column check ([Bug] sqlite3.ProgrammingError in mailprotect.py during iOS < 13 artifact parsing #1386), cashApp date format crash (Discord manifest script appends all found manifest files instead of only the Discord one #1340), Discord attachment column mismatch (bug: headers in ProcessedFilesLog.html #1264), Viber duplicate name error (Bug: get_data_list_with_media crashes on invalid media IDs #1237)
• Plugin migration: Migrate all 75 legacy __artifacts__ (v1) plugins to __artifacts_v2__ format
• Decorator migration: Migrate 45 plugins to @artifact_processor decorator, removing ~830 lines of boilerplate (229/281 = 81.5% decorated)
• CLAUDE.md: Add pre-commit checklist and common pitfalls

Net result: 193 files changed, +22,296 / -2,898 lines

Commits

1. 6af146f6 — Fix mypy type errors and add mypy configuration
2. 6b009b4f — Add test suite and appleNotes artifact plugin
3. 0cb8e3d1 — Add GitHub Actions CI workflow for unit and artifact tests
4. 927e0d1a — Prevent path traversal in zip and tar file extraction
5. f29b6fa1 — Add pre-commit checklist and common pitfalls to CLAUDE.md
6. 62431362 — Fix TSV export escapechar error and Chrome autofill column check
7. 08890d7f — Parameterize SQL queries to prevent injection
8. dee456de — Migrate all 75 legacy plugins from __artifacts__ to __artifacts_v2__
9. 8d25df39 — Resolve 5 open bugs ([Bug] systemVersionPlist.py crashes with TypeError due to incorrect variable assignment #1390, [Bug] sqlite3.ProgrammingError in mailprotect.py during iOS < 13 artifact parsing #1386, Discord manifest script appends all found manifest files instead of only the Discord one #1340, bug: headers in ProcessedFilesLog.html #1264, Bug: get_data_list_with_media crashes on invalid media IDs #1237)
10. c630d421 — Migrate 45 artifact plugins to @artifact_processor decorator

Test plan

• PYTHONPATH=. pytest tests/unit/ -v -m unit — 29 passed
• PYTHONPATH=. pytest tests/artifacts/ -v -m artifact — 74 passed, 2 skipped
• PYTHONPATH=. pylint scripts/ --disable=C,R --exit-zero — no errors on migrated files
• Path traversal: _is_safe_path() rejects ../ entries in both zip and tar seekers
• SQL injection: All f-string interpolations replaced with ? params or whitelist validation
• v1→v2 migration: grep -r '__artifacts__ =' scripts/artifacts/ returns 0 matches
• Manual smoke test with a real iOS extraction to verify report output

[marloson]

Hi @abrignoni — wanted to flag a few things for easier review:

Bug fixes included — in addition to the test suite and plugin migration, the most recent commit (b3f5e4a) addresses 5 open issues:

• [Bug] systemVersionPlist.py crashes with TypeError due to incorrect variable assignment #1390 — systemVersionPlist.py: was assigning the function object instead of calling it for the plist path
• • [Bug] sqlite3.ProgrammingError in mailprotect.py during iOS < 13 artifact parsing #1386 — mailprotect.py: redundant db.close() inside context manager causing double-close
• • Discord manifest script appends all found manifest files instead of only the Discord one #1340 — discordManifest.py: was pulling in all apps' manifests, not just Discord's container
• • bug: headers in ProcessedFilesLog.html #1264 — ileapp.py: <h2> headings in ProcessedFilesLog, renamed "module" → "artifact"
• • Bug: get_data_list_with_media crashes on invalid media IDs #1237 — ilapfuncs.py / lavafuncs.py: defensive error handling for invalid media reference IDs + parameterized SQL in lava_get_full_media_info()
    CI workflow — the run_tests.yml workflow is currently awaiting maintainer approval to run. If you're able to approve it, the unit tests (29 tests) and artifact integration tests (74 passing, 2 skipped) should give you a green signal on the test suite.

Scope note — I understand this is a large PR (+21k lines, mostly the v1→v2 plugin migration). Happy to split it into smaller focused PRs if that would make review easier — e.g., security fixes + bug fixes in one PR, test suite in another, and the v1→v2 migration separately. Just let me know what works best.

[stark4n6]

@marloson it might be good to chunk these PRs out to separate ones just from a size perspective for reviewing

[marloson]

Thanks @stark4n6 — totally agree, this grew larger than ideal. Happy to split it out. Here's what I'm thinking for the breakdown:

1. Security + bug fixes — path traversal fix, SQL injection hardening, and the 5 open bug resolutions ([Bug] systemVersionPlist.py crashes with TypeError due to incorrect variable assignment #1390, [Bug] sqlite3.ProgrammingError in mailprotect.py during iOS < 13 artifact parsing #1386, Discord manifest script appends all found manifest files instead of only the Discord one #1340, bug: headers in ProcessedFilesLog.html #1264, Bug: get_data_list_with_media crashes on invalid media IDs #1237). Small, self-contained, high value.
2. 2. Test suite + CI — pytest infrastructure, unit tests, artifact integration tests, and the GitHub Actions workflow.
3. 3. v1→v2 plugin migration — the 75 legacy __artifacts__ → __artifacts_v2__ conversions. Mechanical but large.
4. 4. Decorator migration — the 45 plugins migrated to @artifact_processor.
      Let me know if you'd prefer a different grouping, or if there's a particular chunk you'd want to see first. I'll close this PR and open the focused ones once I hear back.

[stark4n6]

@marloson I think these 4 steps work, if you can do them in 4 PRs. We can take them in whatever order is easiest

[JamesHabben]

Overall this is way too much. Even many of the commits are going after too many things. Impossible to review this.

We would love to get the artifact modules up to the v2, but we have found that many are not as simple to update. They've needed some careful handling and adjustment. Plus there are quite a few PR currently open that are addressing this. I hope you've reviewed those and not stepped on top.

Also, there is a doc that describes the general flow of updates we are looking for. For one thing, we are deprecating the multi-parameter function and moving all to the single parameter with context. I saw many here updating to the multi.

The test suite needs to be reviewed further. I've already built and documented most of the artifact integration tests and this looks to be reinventing that. I ran into lots of bumps on that road and had to adjust it in a bunch of ways. I saw that you are using the test data being generated but didn't consider the test code already written.

The golden image is not yet built into that, but it's a goal once we have comfort in the tests. That said, we need to build these gold images carefully. I have found parsing errors in modules when building those result files that are currently in place, and I've had to modify the module to fix issues. We do not want to assume that current state of any module is ready for gold images.

[marloson]

Thanks @JamesHabben and @stark4n6 for the thorough feedback — completely agree this PR grew too large. Closing this and will reopen as 4 focused PRs in the order that makes most sense for review:

1. Security + bug fixes — path traversal fix, SQL injection hardening, and the 5 open bug resolutions ([Bug] systemVersionPlist.py crashes with TypeError due to incorrect variable assignment #1390, [Bug] sqlite3.ProgrammingError in mailprotect.py during iOS < 13 artifact parsing #1386, Discord manifest script appends all found manifest files instead of only the Discord one #1340, bug: headers in ProcessedFilesLog.html #1264, Bug: get_data_list_with_media crashes on invalid media IDs #1237)
2. 2. Test suite + CI — pytest infrastructure, unit tests, and GitHub Actions workflow
3. 3. v1→v2 plugin migration — the 75 legacy __artifacts__ → __artifacts_v2__ conversions
4. 4. Decorator migration — the 45 plugins migrated to @artifact_processor
      I'll review the existing test code and open PRs before opening any of these to avoid stepping on in-progress work. Thanks again for the guidance.