what is the reason behind using tarr instead of the official tar package?
the name of that package makes it look like typo-squatting and a security threat, additionally I can't find the source code for the tarr package since it points to the github of the original one 👍
Good question. I forget the exact reason but I published tarr to freeze the node-tar codebase to resolve a dependency issue. This was some time ago so probably worth revisiting.
The
tarr
module https://www.npmjs.com/package/tarr (with an extra r at the end) copy of the official node-tar package https://www.npmjs.com/package/tar was added in this commithttps://github.com/sintaxi/surge/commit/bf652192da4c9e6f2da4f197b31f62aeb9e401cd
what is the reason behind using
tarr
instead of the officialtar
package?the name of that package makes it look like
typo-squatting
and a security threat, additionally I can't find the source code for thetarr
package since it points to the github of the original one 👍