Product
Introducing Webhook Events for Alert Changes
Add real-time Socket webhook events to your workflows to automatically receive software supply chain alert changes in real time.
By Phil Gates-Idem -  Nov 21, 2025
🚀 DAY 5 OF LAUNCH WEEK:Introducing Webhook Events for Alert Changes.Learn more →
tar-fs
Filesystem bindings for tar-stream.
npm install tar-fs
Usage
tar-fs allows you to pack directories into tarballs and extract tarballs into directories.
It doesn't gunzip for you, so if you want to extract a .tar.gz with this you'll need to use something like gunzip-maybe in addition to this.
const tar = require('tar-fs')
const fs = require('fs')
// packing a directory
tar.pack('./my-directory').pipe(fs.createWriteStream('my-tarball.tar'))
// extracting a directory
fs.createReadStream('my-other-tarball.tar').pipe(tar.extract('./my-other-directory'))
To ignore various files when packing or extracting add a ignore function to the options. ignore
is also an alias for filter. Additionally you get header if you use ignore while extracting.
That way you could also filter by metadata.
const pack = tar.pack('./my-directory', {
ignore (name) {
return path.extname(name) === '.bin' // ignore .bin files when packing
}
})
const extract = tar.extract('./my-other-directory', {
ignore (name) {
return path.extname(name) === '.bin' // ignore .bin files inside the tarball when extracing
}
})
const extractFilesDirs = tar.extract('./my-other-other-directory', {
ignore (_, header) {
// pass files & directories, ignore e.g. symlinks
return header.type !== 'file' && header.type !== 'directory'
}
})
You can also specify which entries to pack using the entries option
const pack = tar.pack('./my-directory', {
entries: ['file1', 'subdir/file2'] // only the specific entries will be packed
})
If you want to modify the headers when packing/extracting add a map function to the options
const pack = tar.pack('./my-directory', {
map (header) {
header.name = 'prefixed/'+header.name
return header
}
})
const extract = tar.extract('./my-directory', {
map (header) {
header.name = 'another-prefix/'+header.name
return header
}
})
Similarly you can use mapStream incase you wanna modify the input/output file streams
const pack = tar.pack('./my-directory', {
mapStream (fileStream, header) {
// NOTE: the returned stream HAS to have the same length as the input stream.
// If not make sure to update the size in the header passed in here.
if (path.extname(header.name) === '.js') {
return fileStream.pipe(someTransform)
}
return fileStream
}
})
const extract = tar.extract('./my-directory', {
mapStream (fileStream, header) {
if (path.extname(header.name) === '.js') {
return fileStream.pipe(someTransform)
}
return fileStream
}
})
Set options.fmode and options.dmode to ensure that files/directories extracted have the corresponding modes
const extract = tar.extract('./my-directory', {
dmode: parseInt(555, 8), // all dirs should be readable
fmode: parseInt(444, 8) // all files should be readable
})
It can be useful to use dmode and fmode if you are packing/unpacking tarballs between *nix/windows to ensure that all files/directories unpacked are readable.
Alternatively you can set options.readable and/or options.writable to set the dmode and fmode to readable/writable.
var extract = tar.extract('./my-directory', {
readable: true, // all dirs and files should be readable
writable: true, // all dirs and files should be writable
})
Set options.strict to false if you want to ignore errors due to unsupported entry types (like device files)
To dereference symlinks (pack the contents of the symlink instead of the link itself) set options.dereference to true.
Copy a directory
Copying a directory with permissions and mtime intact is as simple as
tar.pack('source-directory').pipe(tar.extract('dest-directory'))
Interaction with tar-stream
Use finalize: false and the finish hook to
leave the pack stream open for further entries (see
tar-stream#pack),
and use pack to pass an existing pack stream.
const mypack = tar.pack('./my-directory', {
finalize: false,
finish (sameAsMypack) {
mypack.entry({name: 'generated-file.txt'}, "hello")
tar.pack('./other-directory', {
pack: sameAsMypack
})
}
})
License
MIT
Other packages similar to tar-fs
tar
The 'tar' package is another Node.js module for manipulating tar files. It provides similar functionality to tar-fs, such as packing and extracting tarball files. However, it also includes support for additional features like gzip compression and incremental backups.
archiver
Archiver is a streaming interface for archive generation, supporting ZIP and TAR formats. It offers more format options than tar-fs and includes features like appending to existing archives and setting global archive headers.
FAQs
filesystem bindings for tar-stream
The npm package tar-fs receives a total of 24,840,099 weekly downloads. As such, tar-fs popularity was classified as popular.
We found that tar-fs demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 16 Sep 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
ENISA Becomes a CVE Root, Expanding Its Role in Europe’s Vulnerability Ecosystem
ENISA has become a CVE Program Root, giving the EU a central authority for coordinating vulnerability reporting, disclosure, and cross-border response.
By Sarah Gooding -  Nov 21, 2025
Product
Introducing Socket Scanning for OpenVSX Extensions
Socket now scans OpenVSX extensions, giving teams early detection of risky behaviors, hidden capabilities, and supply chain threats in developer tools.
By Mix Irving, Ryan Eberhardt -  Nov 20, 2025