tar - npm Package Compare versions

Comparing version 6.1.0 to 6.1.1

lib/unpack.js

@@ -17,2 +17,3 @@ 'use strict'
 const pathReservations = require('./path-reservations.js')
+const stripAbsolutePath = require('./strip-absolute-path.js')
 
@@ -228,7 +229,6 @@ const ONENTRY = Symbol('onEntry')
       // so we only need to test this one to get both
-      if (path.win32.isAbsolute(p)) {
-        const parsed = path.win32.parse(p)
-        entry.path = p.substr(parsed.root.length)
-        const r = parsed.root
-        this.warn('TAR_ENTRY_INFO', `stripping ${r} from absolute path`, {
+      const [root, stripped] = stripAbsolutePath(p)
+      if (root) {
+        entry.path = stripped
+        this.warn('TAR_ENTRY_INFO', `stripping ${root} from absolute path`, {
           entry,
@@ -235,0 +235,0 @@ path: p,

lib/write-entry.js

@@ -26,2 +26,3 @@ 'use strict'
 const winchars = require('./winchars.js')
+const stripAbsolutePath = require('./strip-absolute-path.js')
 
@@ -56,8 +57,8 @@ const modeFix = require('./mode-fix.js')
     let pathWarn = false
-    if (!this.preservePaths && path.win32.isAbsolute(p)) {
-      // absolutes on posix are also absolutes on win32
-      // so we only need to test this one to get both
-      const parsed = path.win32.parse(p)
-      this.path = p.substr(parsed.root.length)
-      pathWarn = parsed.root
+    if (!this.preservePaths) {
+      const [root, stripped] = stripAbsolutePath(this.path)
+      if (root) {
+        this.path = stripped
+        pathWarn = root
+      }
     }
@@ -356,6 +357,8 @@
     let pathWarn = false
-    if (path.isAbsolute(this.path) && !this.preservePaths) {
-      const parsed = path.parse(this.path)
-      pathWarn = parsed.root
-      this.path = this.path.substr(parsed.root.length)
+    if (!this.preservePaths) {
+      const [root, stripped] = stripAbsolutePath(this.path)
+      if (root) {
+        this.path = stripped
+        pathWarn = root
+      }
     }
@@ -362,0 +365,0 @@

package.json

@@ -5,3 +5,3 @@ {
   "description": "tar for node",
-  "version": "6.1.0",
+  "version": "6.1.1",
   "repository": {
@@ -42,3 +42,3 @@ "type": "git",
     "rimraf": "^2.7.1",
-    "tap": "^14.9.2",
+    "tap": "^15.0.9",
     "tar-fs": "^1.16.3",
@@ -45,0 +45,0 @@ "tar-stream": "^1.6.2"

Fixed alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Lines of code

3242

increased by0.5%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

148918

decreased by-0.92%

No dependency changes