{"id":1688,"library":"pyzipper","title":"pyzipper","description":"Pyzipper is a Python library that extends the functionality of Python's built-in `zipfile` module by adding support for AES encryption. Forked from Python 3.7's `zipfile` module, it maintains a similar API while enabling the creation and extraction of password-protected ZIP archives with AES encryption. The current version is 0.3.6, released in July 2022, and it appears to have an infrequent release cadence.","status":"active","version":"0.3.6","language":"en","source_language":"en","source_url":"https://github.com/danifus/pyzipper","tags":["zip","aes","encryption","compression","security","archive"],"install":[{"cmd":"pip install pyzipper","lang":"bash","label":"Install pyzipper"}],"dependencies":[{"reason":"Required for AES encryption functionality.","package":"pycryptodomex","optional":false}],"imports":[{"note":"pyzipper provides `AESZipFile` as its primary class, which replaces the standard `zipfile.ZipFile` for AES encryption features. Directly using `zipfile.ZipFile` will not provide AES encryption.","wrong":"from zipfile import ZipFile","symbol":"AESZipFile","correct":"import pyzipper\nwith pyzipper.AESZipFile(...) as zf:"}],"quickstart":{"code":"import pyzipper\nimport os\n\nsecret_password = b'your_secret_password'\nzip_filename = 'secure_archive.zip'\ncontent_to_write = \"This is a secret message that needs to be protected.\"\n\n# Create an AES encrypted zip file\nwith pyzipper.AESZipFile(zip_filename, 'w', compression=pyzipper.ZIP_LZMA, encryption=pyzipper.WZ_AES) as zf:\n    zf.setpassword(secret_password)\n    zf.writestr('secret.txt', content_to_write)\n    print(f\"'{zip_filename}' created with 'secret.txt' encrypted.\")\n\n# Read content from the AES encrypted zip file\nwith pyzipper.AESZipFile(zip_filename, 'r') as zf:\n    zf.setpassword(secret_password)\n    try:\n        read_content = zf.read('secret.txt').decode('utf-8')\n        print(f\"Content read from 'secret.txt': {read_content}\")\n    except RuntimeError as e:\n        print(f\"Error reading file (incorrect password or corruption): {e}\")\n\n# Clean up the created zip file\nif os.path.exists(zip_filename):\n    os.remove(zip_filename)\n    print(f\"Cleaned up '{zip_filename}'.\")","lang":"python","description":"This quickstart demonstrates how to create a new ZIP archive, add a file with AES encryption and LZMA compression, set a password, and then read the content back, using `pyzipper.AESZipFile`."},"warnings":[{"fix":"Ensure `zf.setpassword()` is called with a bytes object: `zf.setpassword(b'your_password')`.","message":"Passwords must be provided as byte strings (e.g., `b'yourpassword'`), not regular Python strings. Failing to do so will result in errors during encryption or decryption operations.","severity":"gotcha","affected_versions":"All versions"},{"fix":"Avoid using `pathlib.Path` objects directly with `pyzipper` where `zipfile` in Python 3.8+ would support them. Convert `pathlib.Path` objects to strings if necessary before passing them to `pyzipper` methods.","message":"Pyzipper was forked from Python 3.7's `zipfile` module and therefore lacks support for `pathlib`-compatible wrappers and other new features introduced in Python 3.8 and later versions of the standard `zipfile` module.","severity":"breaking","affected_versions":"All versions"},{"fix":"If filename confidentiality is required, consider an additional layer of encryption or obfuscation for filenames before archiving, or use a different archiving solution that encrypts metadata.","message":"File metadata, such as filenames, are not encrypted by pyzipper. Only the file contents are protected by AES encryption. This means an attacker could still see the names of the files within the archive.","severity":"gotcha","affected_versions":"All versions"},{"fix":"For applications requiring the highest level of security, evaluate alternatives to the ZIP format or implement additional security measures outside of `pyzipper` to protect sensitive data.","message":"The AES-2 encryption used by pyzipper, while better than ZipCrypto, has known flaws and may not be suitable for all high-security use cases. Information leakage can occur, especially if the ZIP file can be intercepted and modified.","severity":"deprecated","affected_versions":"All versions"},{"fix":"Monitor the GitHub repository for updates and consider contributing or forking the project if specific maintenance needs arise. Factor in the maintenance status when planning for long-term usage in critical applications.","message":"The project's last release was in July 2022, which might indicate infrequent maintenance. Users should be aware that active development, bug fixes, or security patches might not be regularly provided.","severity":"gotcha","affected_versions":"0.3.6 and potentially future versions"}],"env_vars":null,"last_verified":"2026-04-09T00:00:00.000Z","next_check":"2026-07-08T00:00:00.000Z"}