exarch-rs 0.1.1 → 0.2.0

package/Cargo.toml

@@ -17,7 +17,7 @@ crate-type = ["cdylib"]
 exarch-core.workspace = true
 napi = { workspace = true, features = ["async", "napi4", "error_anyhow", "tokio_rt"] }
 napi-derive.workspace = true
-tokio.workspace = true
+tokio = { workspace = true, features = ["rt"] }
 
 [build-dependencies]
 napi-build.workspace = true

package/README.md

@@ -6,7 +6,7 @@
 [![CI](https://img.shields.io/github/actions/workflow/status/bug-ops/exarch/ci.yml?branch=main)](https://github.com/bug-ops/exarch/actions)
 [![License](https://img.shields.io/npm/l/exarch-rs)](../../LICENSE-MIT)
 
-Memory-safe archive extraction library for Node.js.
+Memory-safe archive extraction and creation library for Node.js.
 
 > [!IMPORTANT]
 > **exarch** is designed as a secure replacement for vulnerable archive libraries like `tar-fs`, which has known CVEs with CVSS scores up to 9.4.
@@ -38,6 +38,8 @@ bun add exarch-rs
 
 ## Quick Start
 
+### Extraction
+
 ```javascript
 const { extractArchive } = require('exarch-rs');
 
@@ -46,6 +48,16 @@ const result = await extractArchive('archive.tar.gz', '/output/path');
 console.log(`Extracted ${result.filesExtracted} files`);
 ```
 
+### Creation
+
+```javascript
+const { createArchive } = require('exarch-rs');
+
+// Async (recommended)
+const result = await createArchive('backup.tar.gz', ['src/', 'package.json']);
+console.log(`Created archive with ${result.filesAdded} files`);
+```
+
 ## Usage
 
 ### Async API (Recommended)
@@ -178,14 +190,18 @@ The library provides built-in protection against:
 
 ## Supported Formats
 
-| Format | Extensions |
-|--------|------------|
-| TAR | `.tar` |
-| TAR+GZIP | `.tar.gz`, `.tgz` |
-| TAR+BZIP2 | `.tar.bz2`, `.tbz2` |
-| TAR+XZ | `.tar.xz`, `.txz` |
-| TAR+ZSTD | `.tar.zst`, `.tzst` |
-| ZIP | `.zip` |
+| Format | Extensions | Extract | Create |
+|--------|------------|:-------:|:------:|
+| TAR | `.tar` | ✅ | ✅ |
+| TAR+GZIP | `.tar.gz`, `.tgz` | ✅ | ✅ |
+| TAR+BZIP2 | `.tar.bz2`, `.tbz2` | ✅ | ✅ |
+| TAR+XZ | `.tar.xz`, `.txz` | ✅ | ✅ |
+| TAR+ZSTD | `.tar.zst`, `.tzst` | ✅ | ✅ |
+| ZIP | `.zip` | ✅ | ✅ |
+| 7z | `.7z` | ✅ | — |
+
+> [!NOTE]
+> 7z creation is not yet supported. Solid and encrypted 7z archives are rejected for security reasons.
 
 ## Comparison with tar-fs
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "exarch-rs",
-  "version": "0.1.1",
+  "version": "0.2.0",
   "description": "Memory-safe archive extraction library with built-in security validation",
   "main": "index.js",
   "types": "index.d.ts",

package/src/lib.rs

@@ -208,9 +208,13 @@ pub fn extract_archive_sync(
     let default_config = exarch_core::SecurityConfig::default();
     let config_ref = config.map_or(&default_config, |c| c.as_core());
 
-    // Run extraction synchronously
-    let report = exarch_core::extract_archive(&archive_path, &output_dir, config_ref)
-        .map_err(convert_error)?;
+    // Run extraction synchronously with panic safety
+    // CRITICAL: Never panic across FFI boundary
+    let report = std::panic::catch_unwind(std::panic::AssertUnwindSafe(|| {
+        exarch_core::extract_archive(&archive_path, &output_dir, config_ref)
+    }))
+    .map_err(|_| Error::from_reason("Internal panic during archive extraction"))?
+    .map_err(convert_error)?;
 
     Ok(ExtractionReport::from(report))
 }

package/tests/create.test.js

@@ -1,7 +1,7 @@
 /**
  * Tests for archive creation functions
  */
-const { describe, it, beforeEach } = require('node:test');
+const { describe, it, beforeEach, afterEach } = require('node:test');
 const assert = require('node:assert');
 const fs = require('node:fs');
 const path = require('node:path');
@@ -39,6 +39,12 @@ describe('createArchive (async)', () => {
     outputPath = path.join(tempDir, 'output.tar.gz');
   });
 
+  afterEach(() => {
+    if (tempDir && fs.existsSync(tempDir)) {
+      fs.rmSync(tempDir, { recursive: true, force: true });
+    }
+  });
+
   it('should create a tar.gz archive', async () => {
     const report = await createArchive(outputPath, [sourceDir]);
 
@@ -95,6 +101,12 @@ describe('createArchiveSync', () => {
     outputPath = path.join(tempDir, 'output.tar.gz');
   });
 
+  afterEach(() => {
+    if (tempDir && fs.existsSync(tempDir)) {
+      fs.rmSync(tempDir, { recursive: true, force: true });
+    }
+  });
+
   it('should create archive synchronously', () => {
     const report = createArchiveSync(outputPath, [sourceDir]);
 

package/tests/extract.test.js

@@ -1,10 +1,7 @@
 /**
  * Tests for archive extraction functions
- *
- * NOTE: Extraction tests are skipped until exarch-core extract_archive API is fully implemented.
- * The current implementation is a placeholder (see exarch-core/src/api.rs).
  */
-const { describe, it, beforeEach } = require('node:test');
+const { describe, it, beforeEach, afterEach } = require('node:test');
 const assert = require('node:assert');
 const fs = require('node:fs');
 const path = require('node:path');
@@ -42,19 +39,29 @@ describe('extractArchive (async)', () => {
     fs.mkdirSync(outputDir);
   });
 
-  // TODO: Enable when core extract_archive is implemented
-  it.skip('should extract a valid archive', async () => {
+  afterEach(() => {
+    if (tempDir && fs.existsSync(tempDir)) {
+      fs.rmSync(tempDir, { recursive: true, force: true });
+    }
+  });
+
+  it('should extract a valid archive', async () => {
     createValidArchive(archivePath, tempDir);
 
     const report = await extractArchive(archivePath, outputDir);
 
-    assert.ok(report.filesExtracted >= 1);
+    assert.strictEqual(report.filesExtracted, 1);
     assert.ok(report.bytesWritten >= 13);
     assert.ok(report.durationMs >= 0);
+
+    // Verify extracted file exists and has correct content
+    const extractedFile = path.join(outputDir, 'hello.txt');
+    assert.ok(fs.existsSync(extractedFile), 'Extracted file should exist');
+    const content = fs.readFileSync(extractedFile, 'utf8');
+    assert.strictEqual(content, 'Hello, World!');
   });
 
-  // TODO: Enable when core extract_archive is implemented
-  it.skip('should accept custom SecurityConfig', async () => {
+  it('should accept custom SecurityConfig', async () => {
     createValidArchive(archivePath, tempDir);
 
     const config = new SecurityConfig();
@@ -63,15 +70,6 @@ describe('extractArchive (async)', () => {
 
     assert.ok(report.filesExtracted >= 1);
   });
-
-  it('should return empty report for valid archive (placeholder)', async () => {
-    createValidArchive(archivePath, tempDir);
-
-    const report = await extractArchive(archivePath, outputDir);
-
-    // Core extract_archive is currently a placeholder
-    assert.strictEqual(report.filesExtracted, 0);
-  });
 });
 
 describe('extractArchiveSync', () => {
@@ -86,18 +84,28 @@ describe('extractArchiveSync', () => {
     fs.mkdirSync(outputDir);
   });
 
-  // TODO: Enable when core extract_archive is implemented
-  it.skip('should extract a valid archive synchronously', () => {
+  afterEach(() => {
+    if (tempDir && fs.existsSync(tempDir)) {
+      fs.rmSync(tempDir, { recursive: true, force: true });
+    }
+  });
+
+  it('should extract a valid archive synchronously', () => {
     createValidArchive(archivePath, tempDir);
 
     const report = extractArchiveSync(archivePath, outputDir);
 
-    assert.ok(report.filesExtracted >= 1);
+    assert.strictEqual(report.filesExtracted, 1);
     assert.ok(report.bytesWritten >= 13);
+
+    // Verify extracted file exists and has correct content
+    const extractedFile = path.join(outputDir, 'hello.txt');
+    assert.ok(fs.existsSync(extractedFile), 'Extracted file should exist');
+    const content = fs.readFileSync(extractedFile, 'utf8');
+    assert.strictEqual(content, 'Hello, World!');
   });
 
-  // TODO: Enable when core extract_archive is implemented
-  it.skip('should accept custom SecurityConfig', () => {
+  it('should accept custom SecurityConfig', () => {
     createValidArchive(archivePath, tempDir);
 
     const config = new SecurityConfig();
@@ -106,13 +114,4 @@ describe('extractArchiveSync', () => {
 
     assert.ok(report.filesExtracted >= 1);
   });
-
-  it('should return empty report for valid archive (placeholder)', () => {
-    createValidArchive(archivePath, tempDir);
-
-    const report = extractArchiveSync(archivePath, outputDir);
-
-    // Core extract_archive is currently a placeholder
-    assert.strictEqual(report.filesExtracted, 0);
-  });
 });

package/tests/list-verify.test.js

@@ -1,7 +1,7 @@
 /**
  * Tests for listArchive and verifyArchive functions
  */
-const { describe, it, beforeEach } = require('node:test');
+const { describe, it, beforeEach, afterEach } = require('node:test');
 const assert = require('node:assert');
 const fs = require('node:fs');
 const path = require('node:path');
@@ -38,6 +38,12 @@ describe('listArchive (async)', () => {
     archivePath = path.join(tempDir, 'test.tar.gz');
   });
 
+  afterEach(() => {
+    if (tempDir && fs.existsSync(tempDir)) {
+      fs.rmSync(tempDir, { recursive: true, force: true });
+    }
+  });
+
   it('should list archive contents', async () => {
     createValidArchive(archivePath, tempDir);
 
@@ -78,6 +84,12 @@ describe('listArchiveSync', () => {
     archivePath = path.join(tempDir, 'test.tar.gz');
   });
 
+  afterEach(() => {
+    if (tempDir && fs.existsSync(tempDir)) {
+      fs.rmSync(tempDir, { recursive: true, force: true });
+    }
+  });
+
   it('should list archive contents synchronously', () => {
     createValidArchive(archivePath, tempDir);
 
@@ -98,6 +110,12 @@ describe('verifyArchive (async)', () => {
     archivePath = path.join(tempDir, 'test.tar.gz');
   });
 
+  afterEach(() => {
+    if (tempDir && fs.existsSync(tempDir)) {
+      fs.rmSync(tempDir, { recursive: true, force: true });
+    }
+  });
+
   it('should verify a valid archive', async () => {
     createValidArchive(archivePath, tempDir);
 
@@ -137,6 +155,12 @@ describe('verifyArchiveSync', () => {
     archivePath = path.join(tempDir, 'test.tar.gz');
   });
 
+  afterEach(() => {
+    if (tempDir && fs.existsSync(tempDir)) {
+      fs.rmSync(tempDir, { recursive: true, force: true });
+    }
+  });
+
   it('should verify archive synchronously', () => {
     createValidArchive(archivePath, tempDir);