chore: update Python3 bindings to work with upstream libinjection v4.0.0 API

[Copilot]

• Explore repository and understand the codebase
• Fix libinjection/__init__.py - Python 2 implicit import to Python 3 explicit relative import
• Fix libinjection/libinjection.i:
  • Add #include <string.h> to preamble
  • Fix NULL handling for PyUnicode_AsUTF8AndSize() - clear exception on NULL
  • Change Py_BuildValue("s#", ...) to y# to avoid crash on non-UTF-8 bytes (e.g. 0xA0)
  • Add NULL check on arglist before PyObject_CallObject
  • Replace %apply (char *STRING, ...) with custom typemaps accepting both str (UTF-8) and bytes (passthrough)
  • Add -o libinjection/libinjection_wrap.c -outdir libinjection to SWIG command
• Fix setup.py - dynamic LIBINJECTION_VERSION detection + encoding="utf-8"
• Update Makefile:
  • List ALL required headers in copy target (libinjection_xss.h, libinjection_html5.h)
  • Add sed patches to fix upstream C/H files (type mismatches, static visibility)
  • Add SWIG -o and -outdir output flags
  • Fix test command to use python3 -m pytest test_driver.py -v (no cd /tmp)
• Rename pytest.py → example_sqli.py to remove pytest module shadowing
• Update README.md - SWIG command with -o/-outdir, fix testing instructions
• Fix test_driver.py:
  • Fix test data paths to use upstream/tests/
  • Read input as bytes for exact byte semantics with non-ASCII inputs
  • Fix print_token to not strip trailing spaces (needed for empty-value tokens)
  • Decode expected output as UTF-8
• Fix json2python.py - decode keyword bytes to str (latin-1) in lookup callback
• Add test_api.py - API tests for SQLi tuple return, XSS detection, stateful API, version
• All 14 tests pass
• CodeQL security scan

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Update the module</issue_title>
<issue_description>- Check that the module works with upstream libinjection/libinjection.

• Update README adding building steps.
  </issue_description>

Comments on the Issue (you are @copilot in this section)

• Fixes Update the module #6

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[Copilot]

Pull request overview

This PR updates the project’s Python 3 SWIG bindings and build tooling to work against upstream libinjection v4.0.0, and adds README build/usage instructions.

Changes:

• Adjusts packaging/build so the compiled extension is placed under the libinjection package and defines LIBINJECTION_VERSION during compilation.
• Updates the SWIG interface for Python 3 string handling, exposes XSS APIs, and adds typemaps for correct length handling and fingerprint output.
• Updates Makefile/README build + test workflows (Python 3, SWIG 4.x, pytest).

Reviewed changes

Copilot reviewed 5 out of 6 changed files in this pull request and generated 9 comments.

Show a summary per file

File	Description
setup.py	Reads upstream version for LIBINJECTION_VERSION macro and renames the extension into the package namespace.
libinjection/libinjection.i	Python 3 C-API fixes, new includes, typemap updates, and exposes XSS-related APIs.
libinjection/__init__.py	Switches to explicit relative import for Python 3 package semantics.
README.md	Adds build instructions and usage examples (SQLi + XSS) and pytest guidance.
Makefile	Updates build/test commands for Python 3, SWIG 4.x, and pytest; updates upstream copy targets.
.gitignore	Ignores generated/copied artifacts like words.py and libinjection_error.h.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

[fzipi]

@copilot apply changes based on the comments in this thread

[Copilot]

@copilot apply changes based on the comments in this thread

Applied all review feedback in commit beeae1a:

• Makefile: Added all required header targets (libinjection_xss.h, libinjection_html5.h); added SWIG -o libinjection/libinjection_wrap.c -outdir libinjection flags; replaced cd /tmp && python3 -m pytest with python3 -m pytest test_driver.py -v from repo root; added comments to the sed patching block
• pytest.py → example_sqli.py: Renamed to remove pytest module shadowing that blocked running tests from repo root
• libinjection.i: Added #include <string.h>; changed Py_BuildValue("s#", ...) to y# with a comment explaining the reason (prevents crash on non-UTF-8 bytes like 0xA0); added NULL guard on arglist; replaced PyUnicode_AsUTF8AndSize NULL path to PyErr_Clear() + ch = '\0'; replaced %apply (char *STRING, ...) with custom typemaps accepting both str (UTF-8 encoded) and bytes (passed through as-is)
• setup.py: Added encoding="utf-8" to file open
• test_driver.py: Fixed test data paths to upstream/tests/; reads input as bytes for exact byte semantics (fixes 0xA0 word-separator test); fixed print_token to use rstrip('\r\n') instead of strip() (preserves trailing spaces in empty-value tokens); decodes expected output as UTF-8
• json2python.py: Decodes keyword bytes to str (latin-1) in lookup callback
• test_api.py (new): Added tests for sqli() tuple return, xss() detection, stateful API, and version()

All 14 tests pass.