Validate encrypted tile payload bounds; add regression test and update docs by AEliu · Pull Request #13 · AEliu/ArtX

AEliu · 2026-04-21T07:23:53Z

Prevent malformed encrypted tile payloads from being silently accepted or causing subtle errors during tile download by adding defensive validation.
Keep documentation aligned with the current package layout and fix a small wording typo.
Add a regression test to ensure encrypted tile validation remains enforced.

Add bounds checks in decrypt_tile_if_needed to validate header metadata offsets and encrypted payload length and raise DownloadError on malformed data.
Add test_download_tiles_rejects_malformed_encrypted_payload in tests/test_tile_cache.py to cover malformed encrypted tile handling during tile download.
Update docs/project-status.md to reference src/artx/... instead of stale src/googleart_download/... and change compatibility-shell to compatibility-shim.

Ran uv run pytest -q tests/test_tile_cache.py tests/test_transport.py and received 32 passed.
Ran uv run ruff check src/artx/download/tiles.py tests/test_tile_cache.py docs/project-status.md and all checks passed.

Fix encrypted tile bounds checks and refresh docs

672e1f4

AEliu added the codex label Apr 21, 2026 — with ChatGPT Codex Connector

Provide feedback