
Research
SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains
An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.
7zip-wrapper
Advanced tools
A comprehensive, feature-complete Node.js wrapper for 7-Zip with TypeScript support, bundled binaries, and cross-platform compatibility.
A powerful, type-safe Node.js wrapper for 7-Zip with native Stream & Buffer support.
7zip-wrapper provides a modern, Promise-based API for 7-Zip operations. It bundles the 7-Zip binary for Windows, Linux, and macOS, ensuring zero configuration and reliable execution everywhere.
addFromStream) and out of archives (extractToStream).extractToBuffer) or add Buffers to archives.npm install 7zip-wrapper
The ZipWrapper class provides a clean, fluent interface for all operations.
import { ZipWrapper } from '7zip-wrapper';
const zip = new ZipWrapper();
// 1. Create an archive
await zip.add('backup.7z', ['src/', 'package.json'], {
level: 9,
password: 'secret-password',
});
// 2. Extract an archive
await zip.extract('backup.7z', {
outputDir: './restored',
overwrite: true,
});
If you prefer functions over classes, you can import them directly:
import { add, extract, list } from '7zip-wrapper';
await add('archive.zip', 'files/', { type: 'zip' });
await extract('archive.zip', { outputDir: 'out' });
Handle data efficiently without writing to temporary files.
Pipe a Readable stream (or Buffer) directly into an archive entry.
import { Readable } from 'stream';
const myStream = Readable.from(['Hello World']);
await zip.addFromStream('archive.7z', 'hello.txt', myStream);
Get a Readable stream for a file inside an archive.
const readStream = zip.extractToStream('archive.7z', 'large-file.log');
readStream.pipe(process.stdout);
Read a file from an archive directly into memory.
const buffer = await zip.extractToBuffer('assets.7z', 'config.json');
const config = JSON.parse(buffer.toString());
add(archive, files, options)Create or update an archive.
| Option | Type | Description |
|---|---|---|
type | string | Archive format (7z, zip, tar, gzip, etc.) |
level | 0-9 | Compression level (0=store, 9=ultra) |
password | string | Password for encryption |
encryptFilenames | boolean | Encrypt file names (Head encryption) |
recursive | boolean | Recurse into subdirectories (default: true) |
extract(archive, options)Extract files from an archive.
| Option | Type | Description |
|---|---|---|
outputDir | string | Destination directory |
files | string[] | Specific files/patterns to extract |
overwrite | boolean | Overwrite existing files |
password | string | Password for decryption |
Monitor operation progress for UI feedback.
await zip.add('big-archive.7z', 'data/', {
onProgress: (progress) => {
console.log(`Processing: ${progress.percent}% (${progress.file})`);
},
});
For simple, one-off tasks without configuration.
import { quick } from '7zip-wrapper';
await quick.zip(['file1.txt'], 'archive.zip'); // Max compression ZIP
await quick.sevenz(['file1.txt'], 'archive.7z'); // Max compression 7z
await quick.extract('archive.7z', 'output/');
| Format | Read | Write |
|---|---|---|
| 7z | ✅ | ✅ |
| ZIP | ✅ | ✅ |
| TAR | ✅ | ✅ |
| GZIP | ✅ | ✅ |
| XZ | ✅ | ✅ |
| RAR | ✅ | ❌* |
*RAR creation is not supported by 7-Zip open source binaries.
src/: TypeScript source code.examples/: Ready-to-run usage examples.MIT © Rashed Iqbal
FAQs
A comprehensive, feature-complete Node.js wrapper for 7-Zip with TypeScript support, bundled binaries, and cross-platform compatibility.
We found that 7zip-wrapper demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.

Company News
Socket is proud to join the OpenJS Foundation as a Silver Member, deepening our commitment to the long-term health and security of the JavaScript ecosystem.

Security News
npm now links to Socket's security analysis on every package page. Here's what you'll find when you click through.