Comparing version 2.10.0 to 3.0.0
28
index.js
var fs = require("fs"); | ||
var zlib = require("zlib"); | ||
var fd_slicer = require("fd-slicer"); | ||
var fd_slicer = require("./fd-slicer"); | ||
var crc32 = require("buffer-crc32"); | ||
@@ -567,3 +567,3 @@ var util = require("util"); | ||
// this is part of yauzl's API, so implement this function on the client-visible stream | ||
endpointStream.destroy = function() { | ||
installDestroyFn(endpointStream, function() { | ||
destroyed = true; | ||
@@ -574,3 +574,3 @@ if (inflateFilter !== endpointStream) inflateFilter.unpipe(endpointStream); | ||
readStream.destroy(); | ||
}; | ||
}); | ||
} | ||
@@ -700,7 +700,7 @@ callback(null, endpointStream); | ||
}); | ||
refUnrefFilter.destroy = function() { | ||
installDestroyFn(refUnrefFilter, function() { | ||
stream.unpipe(refUnrefFilter); | ||
refUnrefFilter.unref(); | ||
stream.destroy(); | ||
}; | ||
}); | ||
@@ -713,7 +713,7 @@ var byteCounter = new AssertByteCountStream(end - start); | ||
}); | ||
byteCounter.destroy = function() { | ||
installDestroyFn(byteCounter, function() { | ||
destroyed = true; | ||
refUnrefFilter.unpipe(byteCounter); | ||
refUnrefFilter.destroy(); | ||
}; | ||
}); | ||
@@ -798,4 +798,18 @@ return stream.pipe(refUnrefFilter).pipe(byteCounter); | ||
// Node 8 introduced a proper destroy() implementation on writable streams. | ||
function installDestroyFn(stream, fn) { | ||
if (typeof stream.destroy === "function") { | ||
// New API. | ||
stream._destroy = function(err, cb) { | ||
fn(); | ||
if (cb != null) cb(err); | ||
}; | ||
} else { | ||
// Old API. | ||
stream.destroy = fn; | ||
} | ||
} | ||
function defaultCallback(err) { | ||
if (err) throw err; | ||
} |
{ | ||
"name": "yauzl", | ||
"version": "2.10.0", | ||
"version": "3.0.0", | ||
"description": "yet another unzip library for node", | ||
"main": "index.js", | ||
"scripts": { | ||
"test": "node test/test.js", | ||
"test-cov": "istanbul cover test/test.js", | ||
"test-travis": "istanbul cover --report lcovonly test/test.js" | ||
"test": "node test/test.js" | ||
}, | ||
"repository": { | ||
"type": "git", | ||
"url": "https://github.com/thejoshwolfe/yauzl.git" | ||
"url": "git+https://github.com/thejoshwolfe/yauzl.git" | ||
}, | ||
@@ -29,13 +27,12 @@ "keywords": [ | ||
"dependencies": { | ||
"fd-slicer": "~1.1.0", | ||
"buffer-crc32": "~0.2.3" | ||
"buffer-crc32": "~0.2.3", | ||
"pend": "~1.2.0" | ||
}, | ||
"devDependencies": { | ||
"bl": "~1.0.0", | ||
"istanbul": "~0.3.4", | ||
"pend": "~1.2.0" | ||
"bl": "^6.0.11" | ||
}, | ||
"files": [ | ||
"fd-slicer.js", | ||
"index.js" | ||
] | ||
} |
# yauzl | ||
[![Build Status](https://travis-ci.org/thejoshwolfe/yauzl.svg?branch=master)](https://travis-ci.org/thejoshwolfe/yauzl) | ||
[![Coverage Status](https://img.shields.io/coveralls/thejoshwolfe/yauzl.svg)](https://coveralls.io/r/thejoshwolfe/yauzl) | ||
yet another unzip library for node. For zipping, see | ||
@@ -35,3 +32,3 @@ [yazl](https://github.com/thejoshwolfe/yazl). | ||
// Directory file names end with '/'. | ||
// Note that entires for directories themselves are optional. | ||
// Note that entries for directories themselves are optional. | ||
// An entry's fileName implicitly requires its parent directories to exist. | ||
@@ -269,3 +266,3 @@ zipfile.readEntry(); | ||
then the above options must be used to obain the file's raw data. | ||
Speficying `{start: 0, end: entry.compressedSize}` will result in the complete file, | ||
Specifying `{start: 0, end: entry.compressedSize}` will result in the complete file, | ||
which is effectively the default values for these options, | ||
@@ -292,3 +289,4 @@ but note that unlike omitting the options, when you specify `start` or `end` as any non-`null` value, | ||
If this zipfile was created using `fromRandomAccessReader()`, the `RandomAccessReader` implementation | ||
must provide readable streams that implement a `.destroy()` method (see `randomAccessReader._readStreamForRange()`) | ||
must provide readable streams that implement a `._destroy()` method according to | ||
https://nodejs.org/api/stream.html#writable_destroyerr-callback (see `randomAccessReader._readStreamForRange()`) | ||
in order for calls to `readStream.destroy()` to work in this context. | ||
@@ -457,7 +455,7 @@ | ||
The returned stream *must* implement a method `.destroy()` | ||
if you call `readStream.destroy()` on streams you get from `openReadStream()`. | ||
If you never call `readStream.destroy()`, then streams returned from this method do not need to implement a method `.destroy()`. | ||
`.destroy()` should abort any streaming that is in progress and clean up any associated resources. | ||
`.destroy()` will only be called after the stream has been `unpipe()`d from its destination. | ||
If you call `readStream.destroy()` on streams you get from `openReadStream()`, | ||
the returned stream *must* implement a method `._destroy()` according to https://nodejs.org/api/stream.html#writable_destroyerr-callback . | ||
If you never call `readStream.destroy()`, then streams returned from this method do not need to implement a method `._destroy()`. | ||
`._destroy()` should abort any streaming that is in progress and clean up any associated resources. | ||
`._destroy()` will only be called after the stream has been `unpipe()`d from its destination. | ||
@@ -498,2 +496,14 @@ Note that the stream returned from this method might not be the same object that is provided by `openReadStream()`. | ||
The automated tests for this project run on node versions 12 and up. Older versions of node are not supported. | ||
### Files corrupted by the Mac Archive Utility are not my problem | ||
For a lengthy discussion, see [issue #69](https://github.com/thejoshwolfe/yauzl/issues/69). | ||
In summary, the Mac Archive Utility is buggy when creating large zip files, | ||
and this library does not make any effort to work around the bugs. | ||
This library will attempt to interpret the zip file data at face value, | ||
which may result in errors, or even silently incomplete data. | ||
If this bothers you, that's good! Please complain to Apple. :) | ||
I have accepted that this library will simply not support that nonsense. | ||
### No Streaming Unzip API | ||
@@ -613,2 +623,11 @@ | ||
* 3.0.0 | ||
* BREAKING CHANGE: implementations of [RandomAccessReader](#class-randomaccessreader) that implement a `destroy` method must instead implement `_destroy` in accordance with the node standard https://nodejs.org/api/stream.html#writable_destroyerr-callback (note the error and callback parameters). If you continue to override `destory` instead, some error handling may be subtly broken. Additionally, this is required for async iterators to work correctly in some versions of node. [issue #110](https://github.com/thejoshwolfe/yauzl/issues/110) | ||
* BREAKING CHANGE: Drop support for node versions older than 12. | ||
* Maintenance: Fix buffer deprecation warning by bundling `fd-slicer` with a 1-line change, rather than depending on it. [issue #114](https://github.com/thejoshwolfe/yauzl/issues/114) | ||
* Maintenance: Upgrade `bl` dependency; add `package-lock.json`; drop deprecated istanbul dependency. This resolves all security warnings for this project. [pull #125](https://github.com/thejoshwolfe/yauzl/pull/125) | ||
* Maintenance: Replace broken Travis CI with GitHub Actions. [pull #148](https://github.com/thejoshwolfe/yauzl/pull/148) | ||
* Maintenance: Fixed a long-standing issue in the test suite where a premature exit would incorrectly signal success. | ||
* Officially gave up on supporting Mac Archive Utility corruption in order to rescue my motivation for this project. [issue #69](https://github.com/thejoshwolfe/yauzl/issues/69) | ||
* 2.10.0 | ||
@@ -615,0 +634,0 @@ * Added support for non-conformant zipfiles created by Microsoft, and added option `strictFileNames` to disable the workaround. [issue #66](https://github.com/thejoshwolfe/yauzl/issues/66), [issue #88](https://github.com/thejoshwolfe/yauzl/issues/88) |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
76351
1
5
1018
678
3
+ Addedpend@~1.2.0
- Removedfd-slicer@~1.1.0
- Removedfd-slicer@1.1.0(transitive)