exarch-rs 0.1.0 → 0.1.2

package/Cargo.toml

@@ -8,6 +8,7 @@ rust-version.workspace = true
 license.workspace = true
 repository.workspace = true
 homepage.workspace = true
+publish = false
 
 [lib]
 crate-type = ["cdylib"]

package/README.md

@@ -34,7 +34,7 @@ bun add exarch-rs
 
 ## Requirements
 
-- Node.js >= 14
+- Node.js >= 18
 
 ## Quick Start
 

package/biome.json

@@ -0,0 +1,47 @@
+{
+  "$schema": "https://biomejs.dev/schemas/2.3.10/schema.json",
+  "vcs": {
+    "enabled": true,
+    "clientKind": "git",
+    "useIgnoreFile": false,
+    "defaultBranch": "main"
+  },
+  "linter": {
+    "enabled": true,
+    "rules": {
+      "recommended": true
+    }
+  },
+  "formatter": {
+    "enabled": true,
+    "indentStyle": "space",
+    "indentWidth": 2,
+    "lineWidth": 100,
+    "lineEnding": "lf"
+  },
+  "javascript": {
+    "formatter": {
+      "quoteStyle": "single",
+      "trailingCommas": "es5",
+      "semicolons": "always",
+      "arrowParentheses": "always"
+    }
+  },
+  "json": {
+    "formatter": {
+      "trailingCommas": "none"
+    }
+  },
+  "files": {
+    "includes": [
+      "**/*.js",
+      "**/*.json",
+      "!**/node_modules",
+      "!**/target",
+      "!**/*.node",
+      "!**/package-lock.json",
+      "!**/index.js",
+      "!**/index.d.ts"
+    ]
+  }
+}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "exarch-rs",
-  "version": "0.1.0",
-  "description": "Memory-safe archive extraction library",
+  "version": "0.1.2",
+  "description": "Memory-safe archive extraction library with built-in security validation",
   "main": "index.js",
   "types": "index.d.ts",
   "keywords": [
@@ -10,14 +10,25 @@
     "security",
     "tar",
     "zip",
+    "gzip",
+    "bzip2",
+    "xz",
+    "zstd",
+    "path-traversal",
+    "zip-bomb",
     "napi-rs",
     "rust"
   ],
+  "author": "Exarch Contributors",
   "license": "MIT OR Apache-2.0",
+  "homepage": "https://github.com/bug-ops/exarch",
   "repository": {
     "type": "git",
     "url": "https://github.com/bug-ops/exarch"
   },
+  "bugs": {
+    "url": "https://github.com/bug-ops/exarch/issues"
+  },
   "napi": {
     "name": "exarch-rs",
     "triples": {
@@ -26,12 +37,21 @@
   },
   "scripts": {
     "build": "napi build --platform --release",
-    "build:debug": "napi build --platform"
+    "build:debug": "napi build --platform",
+    "test": "node --test tests/*.test.js",
+    "test:coverage": "node --test --experimental-test-coverage tests/*.test.js",
+    "format": "biome format --write .",
+    "format:check": "biome format .",
+    "lint": "biome lint .",
+    "lint:fix": "biome lint --write .",
+    "check": "biome check --write .",
+    "check:ci": "biome check ."
   },
   "devDependencies": {
-    "@napi-rs/cli": "^3.0.0"
+    "@biomejs/biome": "^2.0",
+    "@napi-rs/cli": "^3.5"
   },
   "engines": {
-    "node": ">= 14"
+    "node": ">= 18"
   }
 }

package/src/config.rs

@@ -73,8 +73,8 @@ impl SecurityConfig {
     /// # Errors
     ///
     /// Returns error if size is negative.
-    #[napi]
-    pub fn max_file_size(&mut self, size: i64) -> Result<&Self> {
+    #[napi(js_name = "setMaxFileSize")]
+    pub fn set_max_file_size(&mut self, size: i64) -> Result<&Self> {
         if size < 0 {
             return Err(Error::from_reason("max file size cannot be negative"));
         }
@@ -90,8 +90,8 @@ impl SecurityConfig {
     /// # Errors
     ///
     /// Returns error if size is negative.
-    #[napi]
-    pub fn max_total_size(&mut self, size: i64) -> Result<&Self> {
+    #[napi(js_name = "setMaxTotalSize")]
+    pub fn set_max_total_size(&mut self, size: i64) -> Result<&Self> {
         if size < 0 {
             return Err(Error::from_reason("max total size cannot be negative"));
         }
@@ -107,8 +107,8 @@ impl SecurityConfig {
     /// # Errors
     ///
     /// Returns error if ratio is not a positive finite number.
-    #[napi]
-    pub fn max_compression_ratio(&mut self, ratio: f64) -> Result<&Self> {
+    #[napi(js_name = "setMaxCompressionRatio")]
+    pub fn set_max_compression_ratio(&mut self, ratio: f64) -> Result<&Self> {
         if !ratio.is_finite() || ratio <= 0.0 {
             return Err(Error::from_reason(
                 "compression ratio must be a positive finite number",
@@ -119,50 +119,50 @@ impl SecurityConfig {
     }
 
     /// Sets the maximum file count.
-    #[napi]
-    pub fn max_file_count(&mut self, count: u32) -> &Self {
+    #[napi(js_name = "setMaxFileCount")]
+    pub fn set_max_file_count(&mut self, count: u32) -> &Self {
         self.inner.max_file_count = count as usize;
         self
     }
 
     /// Sets the maximum path depth.
-    #[napi]
-    pub fn max_path_depth(&mut self, depth: u32) -> &Self {
+    #[napi(js_name = "setMaxPathDepth")]
+    pub fn set_max_path_depth(&mut self, depth: u32) -> &Self {
         self.inner.max_path_depth = depth as usize;
         self
     }
 
     /// Allows or denies symlinks.
-    #[napi]
-    pub fn allow_symlinks(&mut self, allow: Option<bool>) -> &Self {
+    #[napi(js_name = "setAllowSymlinks")]
+    pub fn set_allow_symlinks(&mut self, allow: Option<bool>) -> &Self {
         self.inner.allowed.symlinks = allow.unwrap_or(true);
         self
     }
 
     /// Allows or denies hardlinks.
-    #[napi]
-    pub fn allow_hardlinks(&mut self, allow: Option<bool>) -> &Self {
+    #[napi(js_name = "setAllowHardlinks")]
+    pub fn set_allow_hardlinks(&mut self, allow: Option<bool>) -> &Self {
         self.inner.allowed.hardlinks = allow.unwrap_or(true);
         self
     }
 
     /// Allows or denies absolute paths.
-    #[napi]
-    pub fn allow_absolute_paths(&mut self, allow: Option<bool>) -> &Self {
+    #[napi(js_name = "setAllowAbsolutePaths")]
+    pub fn set_allow_absolute_paths(&mut self, allow: Option<bool>) -> &Self {
         self.inner.allowed.absolute_paths = allow.unwrap_or(true);
         self
     }
 
     /// Allows or denies world-writable files.
-    #[napi]
-    pub fn allow_world_writable(&mut self, allow: Option<bool>) -> &Self {
+    #[napi(js_name = "setAllowWorldWritable")]
+    pub fn set_allow_world_writable(&mut self, allow: Option<bool>) -> &Self {
         self.inner.allowed.world_writable = allow.unwrap_or(true);
         self
     }
 
     /// Sets whether to preserve permissions from archive.
-    #[napi]
-    pub fn preserve_permissions(&mut self, preserve: Option<bool>) -> &Self {
+    #[napi(js_name = "setPreservePermissions")]
+    pub fn set_preserve_permissions(&mut self, preserve: Option<bool>) -> &Self {
         self.inner.preserve_permissions = preserve.unwrap_or(true);
         self
     }
@@ -361,6 +361,185 @@ impl SecurityConfig {
     }
 }
 
+/// Configuration for archive creation operations.
+///
+/// Controls how archives are created from filesystem sources, including
+/// security options, compression settings, and file filtering.
+///
+/// # Defaults
+///
+/// | Setting | Default Value |
+/// |---------|--------------|
+/// | `compression_level` | 6 (balanced) |
+/// | `preserve_permissions` | true |
+/// | `follow_symlinks` | false (secure) |
+/// | `include_hidden` | false |
+/// | `max_file_size` | None (no limit) |
+/// | `exclude_patterns` | `[".git", ".DS_Store", "*.tmp"]` |
+#[napi]
+#[derive(Debug, Clone)]
+pub struct CreationConfig {
+    inner: exarch_core::creation::CreationConfig,
+}
+
+#[napi]
+impl CreationConfig {
+    /// Creates a new `CreationConfig` with secure defaults.
+    #[napi(constructor)]
+    pub fn new() -> Self {
+        Self {
+            inner: exarch_core::creation::CreationConfig::default(),
+        }
+    }
+
+    /// Creates a `CreationConfig` with secure defaults.
+    ///
+    /// This is equivalent to calling `new CreationConfig()`.
+    #[napi(factory)]
+    pub fn default() -> Self {
+        Self::new()
+    }
+
+    /// Sets the compression level (1-9).
+    ///
+    /// Higher values provide better compression but slower speed.
+    /// Default: 6 (balanced).
+    ///
+    /// # Errors
+    ///
+    /// Returns error if level is not in range 1-9.
+    #[napi(js_name = "setCompressionLevel")]
+    #[allow(clippy::cast_possible_truncation)] // level is validated to be 1-9
+    pub fn set_compression_level(&mut self, level: u32) -> Result<&Self> {
+        if !(1..=9).contains(&level) {
+            return Err(Error::from_reason(
+                "compression level must be between 1 and 9",
+            ));
+        }
+        self.inner.compression_level = Some(level as u8);
+        Ok(self)
+    }
+
+    /// Sets whether to preserve file permissions from source.
+    ///
+    /// Default: true.
+    #[napi(js_name = "setPreservePermissions")]
+    pub fn set_preserve_permissions(&mut self, preserve: Option<bool>) -> &Self {
+        self.inner.preserve_permissions = preserve.unwrap_or(true);
+        self
+    }
+
+    /// Sets whether to follow symlinks when adding files.
+    ///
+    /// Default: false (store symlinks as symlinks).
+    ///
+    /// Security note: Following symlinks may include unintended files
+    /// from outside the source directory.
+    #[napi(js_name = "setFollowSymlinks")]
+    pub fn set_follow_symlinks(&mut self, follow: Option<bool>) -> &Self {
+        self.inner.follow_symlinks = follow.unwrap_or(true);
+        self
+    }
+
+    /// Sets whether to include hidden files (files starting with '.').
+    ///
+    /// Default: false.
+    #[napi(js_name = "setIncludeHidden")]
+    pub fn set_include_hidden(&mut self, include: Option<bool>) -> &Self {
+        self.inner.include_hidden = include.unwrap_or(true);
+        self
+    }
+
+    /// Sets maximum size for a single file in bytes.
+    ///
+    /// Files larger than this limit will be skipped.
+    ///
+    /// # Errors
+    ///
+    /// Returns error if size is negative.
+    #[napi(js_name = "setMaxFileSize")]
+    pub fn set_max_file_size(&mut self, size: i64) -> Result<&Self> {
+        if size < 0 {
+            return Err(Error::from_reason("max file size cannot be negative"));
+        }
+        #[allow(clippy::cast_sign_loss)]
+        {
+            self.inner.max_file_size = if size == 0 { None } else { Some(size as u64) };
+        }
+        Ok(self)
+    }
+
+    /// Adds an exclude pattern.
+    ///
+    /// Files matching this pattern will be skipped.
+    ///
+    /// # Errors
+    ///
+    /// Returns error if pattern contains null bytes.
+    #[napi]
+    pub fn add_exclude_pattern(&mut self, pattern: String) -> Result<&Self> {
+        if pattern.contains('\0') {
+            return Err(Error::from_reason(
+                "pattern contains null bytes - potential security issue",
+            ));
+        }
+        self.inner.exclude_patterns.push(pattern);
+        Ok(self)
+    }
+
+    /// Finalizes the configuration (for API consistency).
+    #[napi]
+    pub fn build(&self) -> &Self {
+        self
+    }
+
+    // Property getters
+
+    /// Compression level (1-9).
+    #[napi(getter)]
+    pub fn get_compression_level(&self) -> Option<u32> {
+        self.inner.compression_level.map(u32::from)
+    }
+
+    /// Whether to preserve permissions.
+    #[napi(getter)]
+    pub fn get_preserve_permissions(&self) -> bool {
+        self.inner.preserve_permissions
+    }
+
+    /// Whether to follow symlinks.
+    #[napi(getter)]
+    pub fn get_follow_symlinks(&self) -> bool {
+        self.inner.follow_symlinks
+    }
+
+    /// Whether to include hidden files.
+    #[napi(getter)]
+    pub fn get_include_hidden(&self) -> bool {
+        self.inner.include_hidden
+    }
+
+    /// Maximum file size in bytes.
+    #[napi(getter)]
+    #[allow(clippy::cast_possible_wrap)]
+    pub fn get_max_file_size(&self) -> Option<i64> {
+        self.inner.max_file_size.map(|s| s as i64)
+    }
+
+    /// List of exclude patterns.
+    #[napi(getter)]
+    pub fn get_exclude_patterns(&self) -> Vec<String> {
+        self.inner.exclude_patterns.clone()
+    }
+}
+
+impl CreationConfig {
+    /// Returns a reference to the inner `CoreCreationConfig`.
+    pub fn as_core(&self) -> &exarch_core::creation::CreationConfig {
+        &self.inner
+    }
+}
+
 #[cfg(test)]
 #[allow(
     clippy::unwrap_used,
@@ -400,9 +579,9 @@ mod tests {
     #[test]
     fn test_builder_pattern_method_chaining() {
         let mut config = SecurityConfig::new();
-        config.max_file_size(100_000_000).unwrap();
-        config.max_total_size(1_000_000_000).unwrap();
-        config.max_file_count(50_000);
+        config.set_max_file_size(100_000_000).unwrap();
+        config.set_max_total_size(1_000_000_000).unwrap();
+        config.set_max_file_count(50_000);
 
         assert_eq!(config.get_max_file_size(), 100_000_000);
         assert_eq!(config.get_max_total_size(), 1_000_000_000);
@@ -412,7 +591,7 @@ mod tests {
     #[test]
     fn test_builder_compression_ratio_valid() {
         let mut config = SecurityConfig::new();
-        let result = config.max_compression_ratio(200.0);
+        let result = config.set_max_compression_ratio(200.0);
         assert!(result.is_ok());
         assert_eq!(config.get_max_compression_ratio(), 200.0);
     }
@@ -420,28 +599,28 @@ mod tests {
     #[test]
     fn test_builder_compression_ratio_rejects_nan() {
         let mut config = SecurityConfig::new();
-        let result = config.max_compression_ratio(f64::NAN);
+        let result = config.set_max_compression_ratio(f64::NAN);
         assert!(result.is_err());
     }
 
     #[test]
     fn test_builder_compression_ratio_rejects_infinity() {
         let mut config = SecurityConfig::new();
-        let result = config.max_compression_ratio(f64::INFINITY);
+        let result = config.set_max_compression_ratio(f64::INFINITY);
         assert!(result.is_err());
     }
 
     #[test]
     fn test_builder_compression_ratio_rejects_negative() {
         let mut config = SecurityConfig::new();
-        let result = config.max_compression_ratio(-10.0);
+        let result = config.set_max_compression_ratio(-10.0);
         assert!(result.is_err());
     }
 
     #[test]
     fn test_builder_compression_ratio_rejects_zero() {
         let mut config = SecurityConfig::new();
-        let result = config.max_compression_ratio(0.0);
+        let result = config.set_max_compression_ratio(0.0);
         assert!(result.is_err());
     }
 
@@ -524,7 +703,7 @@ mod tests {
     #[test]
     fn test_max_file_size_negative_value() {
         let mut config = SecurityConfig::new();
-        let result = config.max_file_size(-1);
+        let result = config.set_max_file_size(-1);
         assert!(result.is_err(), "negative file size should be rejected");
         assert!(
             result.unwrap_err().to_string().contains("negative"),
@@ -535,7 +714,7 @@ mod tests {
     #[test]
     fn test_max_file_size_i64_max() {
         let mut config = SecurityConfig::new();
-        let result = config.max_file_size(i64::MAX);
+        let result = config.set_max_file_size(i64::MAX);
         assert!(result.is_ok(), "i64::MAX should be accepted");
         assert_eq!(
             config.get_max_file_size(),
@@ -547,7 +726,7 @@ mod tests {
     #[test]
     fn test_max_total_size_negative_value() {
         let mut config = SecurityConfig::new();
-        let result = config.max_total_size(-1);
+        let result = config.set_max_total_size(-1);
         assert!(result.is_err(), "negative total size should be rejected");
         assert!(
             result.unwrap_err().to_string().contains("negative"),
@@ -558,7 +737,7 @@ mod tests {
     #[test]
     fn test_max_total_size_i64_max() {
         let mut config = SecurityConfig::new();
-        let result = config.max_total_size(i64::MAX);
+        let result = config.set_max_total_size(i64::MAX);
         assert!(result.is_ok(), "i64::MAX should be accepted");
         assert_eq!(
             config.get_max_total_size(),
@@ -570,7 +749,7 @@ mod tests {
     #[test]
     fn test_max_file_count_u32_max() {
         let mut config = SecurityConfig::new();
-        config.max_file_count(u32::MAX);
+        config.set_max_file_count(u32::MAX);
         assert_eq!(
             config.get_max_file_count(),
             u32::MAX,
@@ -581,7 +760,7 @@ mod tests {
     #[test]
     fn test_max_path_depth_u32_max() {
         let mut config = SecurityConfig::new();
-        config.max_path_depth(u32::MAX);
+        config.set_max_path_depth(u32::MAX);
         assert_eq!(
             config.get_max_path_depth(),
             u32::MAX,
@@ -592,7 +771,7 @@ mod tests {
     #[test]
     fn test_max_file_size_zero() {
         let mut config = SecurityConfig::new();
-        let result = config.max_file_size(0);
+        let result = config.set_max_file_size(0);
         assert!(result.is_ok(), "zero file size should be accepted");
         assert_eq!(config.get_max_file_size(), 0);
     }
@@ -601,12 +780,12 @@ mod tests {
     #[test]
     fn test_property_getters_return_correct_values() {
         let mut config = SecurityConfig::new();
-        config.max_file_size(100_000_000).unwrap();
-        config.max_total_size(1_000_000_000).unwrap();
-        config.max_compression_ratio(250.0).unwrap();
-        config.max_file_count(50_000);
-        config.max_path_depth(64);
-        config.preserve_permissions(Some(true));
+        config.set_max_file_size(100_000_000).unwrap();
+        config.set_max_total_size(1_000_000_000).unwrap();
+        config.set_max_compression_ratio(250.0).unwrap();
+        config.set_max_file_count(50_000);
+        config.set_max_path_depth(64);
+        config.set_preserve_permissions(Some(true));
 
         assert_eq!(
             config.get_max_file_size(),
@@ -788,8 +967,8 @@ mod tests {
     #[test]
     fn test_builder_pattern_with_build() {
         let mut config = SecurityConfig::new();
-        config.max_file_size(100_000_000).unwrap();
-        config.max_total_size(1_000_000_000).unwrap();
+        config.set_max_file_size(100_000_000).unwrap();
+        config.set_max_total_size(1_000_000_000).unwrap();
         let result = config.build();
 
         assert_eq!(
@@ -804,14 +983,14 @@ mod tests {
     #[test]
     fn test_builder_compression_ratio_rejects_negative_infinity() {
         let mut config = SecurityConfig::new();
-        let result = config.max_compression_ratio(f64::NEG_INFINITY);
+        let result = config.set_max_compression_ratio(f64::NEG_INFINITY);
         assert!(result.is_err(), "negative infinity should be rejected");
     }
 
     #[test]
     fn test_builder_compression_ratio_accepts_very_small_positive() {
         let mut config = SecurityConfig::new();
-        let result = config.max_compression_ratio(0.000001);
+        let result = config.set_max_compression_ratio(0.000001);
         assert!(
             result.is_ok(),
             "very small positive values should be accepted"
@@ -822,7 +1001,7 @@ mod tests {
     #[test]
     fn test_builder_compression_ratio_accepts_very_large() {
         let mut config = SecurityConfig::new();
-        let result = config.max_compression_ratio(1_000_000.0);
+        let result = config.set_max_compression_ratio(1_000_000.0);
         assert!(result.is_ok(), "very large values should be accepted");
         assert_eq!(config.get_max_compression_ratio(), 1_000_000.0);
     }
@@ -831,7 +1010,7 @@ mod tests {
     #[test]
     fn test_security_config_clone() {
         let mut config = SecurityConfig::new();
-        let _ = config.max_file_size(100_000_000).unwrap();
+        let _ = config.set_max_file_size(100_000_000).unwrap();
 
         let cloned = config.clone();
         assert_eq!(
@@ -924,4 +1103,81 @@ mod tests {
             ".git should be in default banned components"
         );
     }
+
+    // CreationConfig tests
+    #[test]
+    fn test_creation_config_default() {
+        let config = CreationConfig::new();
+        assert_eq!(config.get_compression_level(), Some(6));
+        assert!(config.get_preserve_permissions());
+        assert!(!config.get_follow_symlinks());
+        assert!(!config.get_include_hidden());
+        assert_eq!(config.get_max_file_size(), None);
+        assert_eq!(config.get_exclude_patterns().len(), 3);
+    }
+
+    #[test]
+    fn test_creation_config_builder() {
+        let mut config = CreationConfig::new();
+        config.set_compression_level(9).unwrap();
+        config.set_preserve_permissions(Some(false));
+        config.set_follow_symlinks(Some(true));
+        config.set_include_hidden(Some(true));
+        config.set_max_file_size(1_000_000).unwrap();
+
+        assert_eq!(config.get_compression_level(), Some(9));
+        assert!(!config.get_preserve_permissions());
+        assert!(config.get_follow_symlinks());
+        assert!(config.get_include_hidden());
+        assert_eq!(config.get_max_file_size(), Some(1_000_000));
+    }
+
+    #[test]
+    fn test_creation_config_compression_level_rejects_invalid() {
+        let mut config = CreationConfig::new();
+        assert!(config.set_compression_level(0).is_err());
+        assert!(config.set_compression_level(10).is_err());
+    }
+
+    #[test]
+    fn test_creation_config_compression_level_accepts_valid() {
+        let mut config = CreationConfig::new();
+        assert!(config.set_compression_level(1).is_ok());
+        assert!(config.set_compression_level(9).is_ok());
+    }
+
+    #[test]
+    fn test_creation_config_max_file_size_negative() {
+        let mut config = CreationConfig::new();
+        let result = config.set_max_file_size(-1);
+        assert!(result.is_err());
+        assert!(
+            result
+                .unwrap_err()
+                .to_string()
+                .contains("cannot be negative")
+        );
+    }
+
+    #[test]
+    fn test_creation_config_add_exclude_pattern() {
+        let mut config = CreationConfig::new();
+        config.add_exclude_pattern("*.log".to_string()).unwrap();
+        let patterns = config.get_exclude_patterns();
+        assert!(patterns.contains(&"*.log".to_string()));
+    }
+
+    #[test]
+    fn test_creation_config_add_exclude_pattern_rejects_null() {
+        let mut config = CreationConfig::new();
+        let result = config.add_exclude_pattern("bad\0pattern".to_string());
+        assert!(result.is_err());
+    }
+
+    #[test]
+    fn test_creation_config_as_core() {
+        let config = CreationConfig::new();
+        let core = config.as_core();
+        assert_eq!(core.compression_level, Some(6));
+    }
 }