NPM.Tarball (NPM v0.6.0)

Copy Markdown View Source

Download and extract npm package tarballs.

Verifies SHA-512 integrity and extracts contents to disk.

Summary

Functions

extract(tgz_data, dest_dir)

Extract a .tgz tarball into a destination directory.

fetch_and_extract(tarball_url, integrity, dest_dir)

Download a tarball, verify its integrity, and extract to a directory.

verify_integrity(body, arg2)

Verify SHA-512 integrity of a binary against an SRI hash.

Functions

extract(tgz_data, dest_dir)

@spec extract(binary(), String.t()) :: {:ok, non_neg_integer()} | {:error, term()}

Extract a .tgz tarball into a destination directory.

Strips the package/ prefix that npm tarballs use. Returns {:ok, file_count}.

fetch_and_extract(tarball_url, integrity, dest_dir)

@spec fetch_and_extract(String.t(), String.t(), String.t()) ::
  {:ok, non_neg_integer()} | {:error, term()}

Download a tarball, verify its integrity, and extract to a directory.

Returns {:ok, file_count} or {:error, reason}.

verify_integrity(body, arg2)

@spec verify_integrity(binary(), String.t()) :: :ok | {:error, :integrity_mismatch}

Verify SHA-512 integrity of a binary against an SRI hash.