Comparing version 0.1.1 to 0.1.2
78
index.js
@@ -6,4 +6,7 @@ | ||
, parse = require('tar-parse') | ||
, each = require('foreach/async-promised') | ||
, each = require('foreach/series/promise') | ||
, write = require('writefile') | ||
, promisify = require('promisify') | ||
, mkdir = promisify(require('mkdirp')) | ||
, all = require('when-all') | ||
@@ -18,12 +21,19 @@ /** | ||
return unpack(pkg).then(function(files){ | ||
var base = common(Object.keys(files)) | ||
.replace(/^\//, '') | ||
.replace('/', '\\/') | ||
var regx = new RegExp('^\\/?'+base+'\\/?') | ||
return each(files, function(stream, path){ | ||
path = join(dest, path.replace(regx, '')) | ||
var promise = write(path, stream) | ||
stream.resume() | ||
return promise | ||
var paths = files | ||
.filter(function(f){ return f.type != 'Directory' }) | ||
.map(function(f){ return f.path }) | ||
var chop = makeChopper(common(paths)) | ||
// compute paths and drop unnecessary dirs | ||
files = files.filter(function(file){ | ||
var relative = chop(file.path) | ||
file.path = join(dest, relative) | ||
return relative | ||
}) | ||
// write | ||
return each(files, function(file){ | ||
if (file.type == 'Directory') return mkdir(file.path) | ||
return write(file.path, file.text) | ||
}) | ||
}) | ||
@@ -33,18 +43,54 @@ } | ||
/** | ||
* generate a function which chops `fat` from paths | ||
* (String) -> (String) -> String | ||
*/ | ||
function makeChopper(fat){ | ||
var tail = '' | ||
var regex = fat.split('/').reduce(function(regex, seg){ | ||
tail += ')?' | ||
return regex + '(?:\\/' + seg | ||
}) | ||
regex += tail | ||
// make the first slash optional | ||
regex = regex.replace(/^\(\?:\\\//, '(?:\\/?') | ||
regex = new RegExp('^'+regex+'\\/?') | ||
return function(path){ | ||
return path.replace(regex, '') | ||
} | ||
} | ||
/** | ||
* unpack the contents `pkg` into an Object | ||
* (Stream) -> Promise object | ||
*/ | ||
// fuck streams1 suck! I'm buffering their contents | ||
// here because pausing one stream causes the whole | ||
// parsing stream to pause which means I don't get any | ||
// more entries which means the process never completes | ||
function unpack(pkg){ | ||
var p = new Promise | ||
var files = {} | ||
var files = [] | ||
pkg.pipe(parse()) | ||
.on('data', function(entry){ | ||
if (entry.type != 'File') return | ||
files[entry.path] = entry | ||
entry.pause() | ||
var file = new Promise | ||
files.push(file) | ||
var buf = '' | ||
entry.on('data', function(data){ | ||
buf += data | ||
}) | ||
.on('end', function(){ | ||
entry.text = buf | ||
file.fulfill(entry) | ||
}) | ||
.on('error', function(e){ file.reject(e) }) | ||
}) | ||
.on('error', function(e){ p.reject(e) }) | ||
.on('end', function(){ p.fulfill(files) }) | ||
.on('end', function(){ | ||
all(files).then( | ||
function(v){ p.fulfill(v) }, | ||
function(e){ p.reject(e) }) | ||
}) | ||
return p | ||
} |
{ | ||
"name": "untar", | ||
"version": "0.1.1", | ||
"version": "0.1.2", | ||
"description": "a simple tar file unpacker", | ||
@@ -15,10 +15,13 @@ "keywords": [ | ||
"tar-parse": "0.0.2", | ||
"foreach": "https://github.com/jkroso/forEach/archive/0.3.0.tar.gz", | ||
"foreach": "https://github.com/jkroso/forEach/archive/0.5.0.tar.gz", | ||
"laissez-faire": "~0.12.1", | ||
"path": "https://github.com/jkroso/path/archive/1.1.0.tar.gz", | ||
"writefile": "~0.1.0" | ||
"writefile": "~0.1.1", | ||
"mkdirp": "~0.3.5", | ||
"promisify": "https://github.com/jkroso/promisify/archive/0.2.0.tar.gz", | ||
"when-all": "~0.2.2" | ||
}, | ||
"devDependencies": { | ||
"when-all": "https://github.com/jkroso/when-all/archive/0.2.1.tar.gz" | ||
"fs-equals": "~0.1.0" | ||
} | ||
} |
@@ -30,3 +30,3 @@ | ||
$ npm install | ||
$ node examples/index.js | ||
$ node test | ||
``` | ||
@@ -33,0 +33,0 @@ ## todo |
HTTP dependency
Supply chain riskContains a dependency which resolves to a remote HTTP URL which could be used to inject untrusted code and reduce overall package reliability.
Found 2 instances in 1 package
HTTP dependency
Supply chain riskContains a dependency which resolves to a remote HTTP URL which could be used to inject untrusted code and reduce overall package reliability.
Found 1 instance in 1 package
3805
84
8
3
+ Addedmkdirp@~0.3.5
+ Addedpromisify@https://github.com/jkroso/promisify/archive/0.2.0.tar.gz
+ Addedwhen-all@~0.2.2
+ Addedwhen-all@0.2.2(transitive)
Updatedforeach@https://github.com/jkroso/forEach/archive/0.5.0.tar.gz
Updatedwritefile@~0.1.1