My implementation ofPEP-706 has a bug: it wrongly determines the target of symlinks, and thus wrongly raisesLinkOutsideDestinationError on some valid tarballs.

I didn't pay enough attention to this quirk of the format (which I'd like to add toTarInfolinkname docs):

For symbolic links (SYMTYPE), the linkname is relative to the directory that contains the link.
For hard links (LNKTYPE), the linkname is relative to the root of the archive.

So, in a tarball that contains the following, the links point todir/target:

• dir/target
• other_dir/symlink ->../dir/target
• other_dir/hardlink ->dir/target

Butdata_filter thinks thatother_dir/symlink will point to../dir target outside the destination directory.

I have a fix but would like to test it more next week, before merging.
Sorry for the extra work this'll cause for a lot of people :(

Linked PRs

• gh-107845: Fix symlink handling for tarfile.data_filter #107846
• [3.11] gh-107845: Fix symlink handling for tarfile.data_filter (GH-107846) #108209
• [3.10] gh-107845: Fix symlink handling for tarfile.data_filter (GH-107846) #108210
• [3.12] gh-107845: Fix symlink handling for tarfile.data_filter (GH-107846) #108211
• [3.9] gh-107845: Fix symlink handling for tarfile.data_filter (GH-107846) #108274
• [3.8] gh-107845: Fix symlink handling for tarfile.data_filter (GH-107846) #108279