Package tar@3.0.0 (latest) broke unpack.js

Question

Package tar@3.0.0 (latest) broke unpack.js

Closed this issue 7 years ago · 11 comments

node_modules\wndb-with-exceptions\unpack.js:52
    .pipe(tar.Extract({ path: __dirname }))
              ^

TypeError: tar.Extract is not a function
    at extractTarball (F:\Repositories\iris-bot-engine.git\node_modules\wndb-with-exceptions\unpack.js:52:15)
    at Object.<anonymous> (F:\Repositories\iris-bot-engine.git\node_modules\wndb-with-exceptions\unpack.js:58:1)
    at Module._compile (module.js:571:32)
    at Object.Module._extensions..js (module.js:580:10)
    at Module.load (module.js:488:32)
    at tryModuleLoad (module.js:447:12)
    at Function.Module._load (module.js:439:3)
    at Module.runMain (module.js:605:10)
    at run (bootstrap_node.js:420:7)
    at startup (bootstrap_node.js:139:9)

tar@2.2.1 was the last version compatible with unpack.js

In tar@3.0.0 method tar.Extract was renamed tar.x see:
tar@2.2.1 => tar.js vs tar@3.0.0 => tar.js

You are using tar@latest in package.json it should be tar@2.2.1

Answer 1 · 2017-05-10T05:29:55.000Z

I come to the same error. This breaks the installation of SuperScript.

Answer 2 · 2017-05-10T05:55:22.000Z

Took me hours to get this, It's breaking everything

Answer 3 · 2017-05-10T10:06:36.000Z

For me, too. It breaks the installation of several projects here

Answer 4 · 2017-05-10T10:52:50.000Z

Hi guys, I'm very new to Node, I'm sure there are smarter ways to do this, this is my solution that can be used just in case anyone is impatient for a fix.

You can just downgrade the tar library to 2.2.1 as @ZaDarkSide pointed out and extend the libraries that depend on WNdb-with-exceptions.

Answer 5 · 2017-05-10T13:11:54.000Z

Many thanks for reporting. I'll look into this today. -- Stuart Watt Chief Technology Officer t: +1 416-522-8287 | e: stuart.watt@turalt.com | w: turalt.com

Answer 6 · 2017-05-10T13:20:08.000Z

Updated original post with more info.

Answer 7 · 2017-05-10T14:03:02.000Z

OK, version 3.0.2 is up and should resolve these problems. Many thanks for alerting me, and with the help identifying and resolving. Let me know if there are future issues, especially, as the PR hinted, on Windows (which I haven't yet tested the resolution on).

Answer 8 · 2017-05-10T14:11:07.000Z

OK, it's resolved, thank you!

Answer 9 · 2017-05-10T16:24:20.000Z

Thanks for fixing - though wouldn't the best fix be to use semantic versioning on the tar package so this doesn't potentially happen again?

i.e. "tar": "^3.0.0" rather than "tar": "latest" which will break whenever a new major version is released! Cheers 🙂

Answer 10 · 2017-05-10T16:40:59.000Z

@benhjames I thought about that, but it'd constrain downstream and I didn't think that was the right call if there are downstream users. I'm open to ideas, though, and I might discuss with a few folks who've faced similar challenges with CPAN. tar is used in a lot of places, so I can see the old API getting backported into 3.0 even if deprecated (it's upstream of webpack, for example, and even some of my node-gyp installs).

if I was writing a code dependency, that'd probably be the right call, but since this is only needed at install time it felt different, and more critical. But I'll certainly consider this.

Answer 11 · 2017-05-10T17:01:56.000Z

@morungos thanks for the response!

I think I'd argue though that using latest instead of semver makes it more challenging for downstream projects to use this package, since whenever it majorly upgrades, it will break all downstream things (as witnessed!)

I guess I'm mostly curious as to why it would be critical to have latest over a specific (and more importantly, compatible) range of versions. :)