[libgpiod][PATCH] bindings: python: specify a tar extract filter

[Vincent Fazio <vfazio@xxxxxxxxxxx>]

Starting in Python 3.12, extracting files from tarballs without a filter
specified generates a DeprecationWarning [0].

For Python >= 3.12, specify the `fully_trusted_filter` filter which
replicates the behavior from previous versions.

This filter also makes sense as we should be able to trust the tarball
the maintainers generate after the hash has been verified.

[0]: https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter

Signed-off-by: Vincent Fazio <vfazio@xxxxxxxxxxx>
---
 bindings/python/setup.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/bindings/python/setup.py b/bindings/python/setup.py
index 1f04b99..7ab783f 100644
--- a/bindings/python/setup.py
+++ b/bindings/python/setup.py
@@ -70,6 +70,7 @@ def fetch_tarball(command):
     def wrapper(self):
         # Just-in-time import of tarfile and urllib.request so these are
         # not required for Yocto to build a vendored or linked package
+        import sys
         import tarfile
         from tempfile import TemporaryDirectory
         from urllib.request import urlretrieve
@@ -122,7 +123,10 @@ def fetch_tarball(command):
             # Unpack the downloaded tarball
             log.info(f"unpacking: {tarball_filename}")
             with tarfile.open(downloaded_tarball) as f:
-                f.extractall(temp_dir)
+                if sys.version_info < (3, 12):
+                    f.extractall(temp_dir)
+                else:
+                    f.extractall(temp_dir, filter=tarfile.fully_trusted_filter)
 
             # Copy the include and lib directories we need to build libgpiod
             base_dir = path.join(temp_dir, f"libgpiod-{LIBGPIOD_VERSION}")
-- 
2.34.1