With a comprehensive open source management solution like the Tidelift Subscription, you can efficiently manage the ways development teams use thousands of open source components across JavaScript, Python, Java, PHP, Ruby, .NET, Rust, and more. Accelerate application development, cut costs, and reduce risk with catalogs of known-good, proactively maintained open source components—backed by maintainers.
tar-stream is a part of the Tidelift Subscriptiontar-stream is a streaming tar parser and generator and nothing else. It is streams2 and operates purely using streams which means you can easily extract/parse tarballs without ever hitting the file system. tar-stream exposes two streams, pack which creates tarballs and extract which extracts tarballs. To modify an existing tarball use both.It implementes USTAR with additional support for pax extended headers. It should be compatible with all popular tar distributions out there (gnutar, bsdtar etc).
tar-stream is available via the npm package manager.
JavaScript users get vulnerability remediation advice for 59,272 package releases
Java users get SPDX-formatted licenses for 55,933 package releases
Python users get SPDX-formatted licenses for 11,191 package releases
Conda users get SPDX-formatted licenses for 201 package releases
Python users get vulnerability remediation advice for 10,840 package releases
Generate SBOMs of all the packages used in your applications with rich insights such as:
Security-advised and license-annotated catalog recommendations to keep your applications safe:
Create a custom repository of pre-vetted and approved packages unique to your organization:
