Security News
Combatting Alert Fatigue by Prioritizing Malicious Intent
In 2023, data breaches surged 78% from zero-day and supply chain attacks, but developers are still buried under alerts that are unable to prevent these threats.
The tar-fs npm package is a Node.js module that allows you to interact with tarball (.tar) files. It provides functionality to pack and extract tarball files using file system streams. It is a high-level module that makes it easy to create and extract tar files in a Node.js environment.
Packing files into a tarball
This feature allows you to pack a directory into a tarball. The code sample demonstrates how to pack the contents of '/source/directory' into a tarball named 'archive.tar' located at '/destination/'.
const tar = require('tar-fs');
const fs = require('fs');
let pack = tar.pack('/source/directory')
.pipe(fs.createWriteStream('/destination/archive.tar'));
Extracting files from a tarball
This feature allows you to extract the contents of a tarball into a directory. The code sample demonstrates how to extract the contents of 'archive.tar' from '/source/' into the '/destination/directory'.
const tar = require('tar-fs');
const fs = require('fs');
fs.createReadStream('/source/archive.tar')
.pipe(tar.extract('/destination/directory'));
The 'tar' package is another Node.js module for manipulating tar files. It provides similar functionality to tar-fs, such as packing and extracting tarball files. However, it also includes support for additional features like gzip compression and incremental backups.
Archiver is a streaming interface for archive generation, supporting ZIP and TAR formats. It offers more format options than tar-fs and includes features like appending to existing archives and setting global archive headers.
filesystem bindings for tar-stream.
npm install tar-fs
tar-fs allows you to pack directories into tarballs and extract tarballs into directories.
var tar = require('tar-fs');
var fs = require('fs');
// packing a directory
tar.pack('./my-directory').pipe(fs.createWriteStream('my-tarball.tar'));
// extracting a directory
fs.createReadStream('my-other-tarball.tar').pipe(tar.extract('./my-other-directory'));
To ignore various files when packing or extracting add a ignore function to the options
var pack = tar.pack('./my-directory', {
ignore: function(name) {
return path.extname(name) === '.bin'; // ignore .bin files when packing
}
});
var extract = tar.extract('./my-other-directory', {
ignore: function(name) {
return path.extname(name) === '.bin'; // ignore .bin files inside the tarball when extracing
}
});
If you want to modify the headers when packing/extracting add a map function to the options
var pack = tar.pack('./my-directory', {
map: function(header) {
header.name = 'prefixed/'+header.name;
return header;
}
});
var extract = tar.pack('./my-directory', {
map: function(header) {
header.name = 'another-prefix/'+header.name;
return header;
}
});
Set options.fmode
and options.dmode
to ensure that files/directories extracted have the corresponding modes
var extract = tar.extract('./my-directory', {
dmode: 0555, // all dirs and files should be readable
fmode: 0444
});
This is useful when the tarball was created on windows (which can result in dirs not being readable)
Copying a directory with permissions and mtime intact is as simple as
tar.pack('source-directory').pipe(tar.extract('dest-directory'));
Packing and extracting a 6.1 GB with 2496 directories and 2398 files yields the following results on my Macbook Air. See the benchmark here
MIT
FAQs
filesystem bindings for tar-stream
The npm package tar-fs receives a total of 14,629,793 weekly downloads. As such, tar-fs popularity was classified as popular.
We found that tar-fs demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In 2023, data breaches surged 78% from zero-day and supply chain attacks, but developers are still buried under alerts that are unable to prevent these threats.
Security News
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
Security News
License exceptions modify the terms of open source licenses, impacting how software can be used, modified, and distributed. Developers should be aware of the legal implications of these exceptions.