tar - npm Package Compare versions
| 'use strict' | ||
| // When writing files on Windows, translate the characters to their | ||
| // 0xf000 higher-encoded versions. | ||
| const raw = [ | ||
| '|', | ||
| '<', | ||
| '>', | ||
| '?' | ||
| ] | ||
| const win = raw.map(char => | ||
| String.fromCharCode(0xf000 + char.charCodeAt(0))) | ||
| const toWin = new Map(raw.map((char, i) => [char, win[i]])) | ||
| const toRaw = new Map(win.map((char, i) => [char, raw[i]])) | ||
| module.exports = { | ||
| encode: s => raw.reduce((s, c) => s.split(c).join(toWin.get(c)), s), | ||
| decode: s => win.reduce((s, c) => s.split(c).join(toRaw.get(c)), s) | ||
| } |
+7
-0
@@ -10,2 +10,3 @@ 'use strict' | ||
| const mkdirSync = mkdir.sync | ||
| const winchars = require('./winchars.js') | ||
@@ -52,2 +53,5 @@ const ONENTRY = Symbol('onEntry') | ||
| // turn ><?| in filenames into 0xf000-higher encoded forms | ||
| this.win32 = !!opt.win32 || process.platform === 'win32' | ||
| // do not unpack over files that are newer than what's in the archive | ||
@@ -106,2 +110,5 @@ this.newer = !!opt.newer | ||
| if (this.win32) | ||
| entry.path = winchars.encode(entry.path) | ||
| if (path.isAbsolute(entry.path)) | ||
@@ -108,0 +115,0 @@ entry.absolute = entry.path |
@@ -26,2 +26,3 @@ 'use strict' | ||
| const warner = require('./warn-mixin.js') | ||
| const winchars = require('./winchars.js') | ||
@@ -58,3 +59,3 @@ const WriteEntry = warner(class WriteEntry extends MiniPass { | ||
| if (this.win32) { | ||
| this.path = this.path.replace(/\\/g, '/') | ||
| this.path = winchars.decode(this.path.replace(/\\/g, '/')) | ||
| p = p.replace(/\\/g, '/') | ||
@@ -61,0 +62,0 @@ } |
+1
-1
@@ -5,3 +5,3 @@ { | ||
| "description": "tar for node", | ||
| "version": "3.1.1", | ||
| "version": "3.1.2", | ||
| "repository": { | ||
@@ -8,0 +8,0 @@ "type": "git", |
+6
-1
@@ -552,2 +552,5 @@ # node-tar | ||
| in this implementation, and modes are set by default already. | ||
| - `win32` True if on a windows platform. Causes behavior where | ||
| filenames containing `<|>?` chars are converted to | ||
| windows-compatible values while being unpacked. | ||
@@ -657,3 +660,5 @@ ### class tar.Unpack.Sync | ||
| - `win32` True if on a windows platform. Causes behavior where paths | ||
| replace `\` with `/`. | ||
| replace `\` with `/` and filenames containing the windows-compatible | ||
| forms of `<|>?` characters are converted to actual `<|>?` characters | ||
| in the archive. | ||
| - `noPax` Suppress pax extended headers. Note that this means that | ||
@@ -660,0 +665,0 @@ long paths and linkpaths will be truncated, and large or negative |
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
115507
0.98%- Number of package files
22
4.76%- Lines of code
2612
0.89%- Number of lines in readme file
853
0.59%