Ensure .gz files are extracted too

2026-04-27 01:08:46 +00:00 · 2025-12-17 10:25:47 +00:00
parent f28848a66a
commit f2ccf3b4f1
4 changed files with 133 additions and 61 deletions
@@ -87355,7 +87355,7 @@ var require_graceful_fs = __commonJS({
      polyfills(fs9);
      fs9.gracefulify = patch;
      fs9.createReadStream = createReadStream;
-      fs9.createWriteStream = createWriteStream2;
+      fs9.createWriteStream = createWriteStream3;
      var fs$readFile = fs9.readFile;
      fs9.readFile = readFile;
      function readFile(path7, options, cb) {
@@ -87567,7 +87567,7 @@ var require_graceful_fs = __commonJS({
      function createReadStream(path7, options) {
        return new fs9.ReadStream(path7, options);
      }
-      function createWriteStream2(path7, options) {
+      function createWriteStream3(path7, options) {
        return new fs9.WriteStream(path7, options);
      }
      var fs$open = fs9.open;
@@ -120961,11 +120961,11 @@ function scanFileForTokens(filePath, relativePath, logger) {
    return [];
  }
 }
-async function scanZipFile(zipPath, relativeZipPath, extractDir, logger, depth = 0) {
+async function scanArchiveFile(archivePath, relativeArchivePath, extractDir, logger, depth = 0) {
  const MAX_DEPTH = 10;
  if (depth > MAX_DEPTH) {
    throw new Error(
-      `Maximum zip extraction depth (${MAX_DEPTH}) reached for ${zipPath}`
+      `Maximum archive extraction depth (${MAX_DEPTH}) reached for ${archivePath}`
    );
  }
  const result = {
@@ -120973,14 +120973,29 @@ async function scanZipFile(zipPath, relativeZipPath, extractDir, logger, depth =
    findings: []
  };
  try {
-    logger.debug(`Extracting zip file: ${zipPath}`);
    const tempExtractDir = fs5.mkdtempSync(
      path5.join(extractDir, `extract-${depth}-`)
    );
-    await exec.exec("unzip", ["-q", "-o", zipPath, "-d", tempExtractDir]);
+    const fileName = path5.basename(archivePath).toLowerCase();
+    if (fileName.endsWith(".tar.gz") || fileName.endsWith(".tgz")) {
+      logger.debug(`Extracting tar.gz file: ${archivePath}`);
+      await exec.exec("tar", ["-xzf", archivePath, "-C", tempExtractDir]);
+    } else if (fileName.endsWith(".gz")) {
+      logger.debug(`Extracting gz file: ${archivePath}`);
+      const outputFile = path5.join(
+        tempExtractDir,
+        path5.basename(archivePath, ".gz")
+      );
+      await exec.exec("gunzip", ["-c", archivePath], {
+        outStream: fs5.createWriteStream(outputFile)
+      });
+    } else if (fileName.endsWith(".zip")) {
+      logger.debug(`Extracting zip file: ${archivePath}`);
+      await exec.exec("unzip", ["-q", "-o", archivePath, "-d", tempExtractDir]);
+    }
    const scanResult = await scanDirectory(
      tempExtractDir,
-      relativeZipPath,
+      relativeArchivePath,
      logger,
      depth + 1
    );
@@ -120989,7 +121004,7 @@ async function scanZipFile(zipPath, relativeZipPath, extractDir, logger, depth =
    fs5.rmSync(tempExtractDir, { recursive: true, force: true });
  } catch (e) {
    logger.debug(
-      `Could not extract or scan zip file ${zipPath}: ${getErrorMessage(e)}`
+      `Could not extract or scan archive file ${archivePath}: ${getErrorMessage(e)}`
    );
  }
  return result;
@@ -120999,17 +121014,18 @@ async function scanFile(fullPath, relativePath, extractDir, logger, depth = 0) {
    scannedFiles: 1,
    findings: []
  };
-  const ext = path5.extname(fullPath).toLowerCase();
-  if (ext === ".zip") {
-    const zipResult = await scanZipFile(
+  const fileName = path5.basename(fullPath).toLowerCase();
+  const isArchive = fileName.endsWith(".zip") || fileName.endsWith(".tar.gz") || fileName.endsWith(".tgz") || fileName.endsWith(".gz");
+  if (isArchive) {
+    const archiveResult = await scanArchiveFile(
      fullPath,
      relativePath,
      extractDir,
      logger,
      depth
    );
-    result.scannedFiles += zipResult.scannedFiles;
-    result.findings.push(...zipResult.findings);
+    result.scannedFiles += archiveResult.scannedFiles;
+    result.findings.push(...archiveResult.findings);
  }
  const fileFindings = scanFileForTokens(fullPath, relativePath, logger);
  result.findings.push(...fileFindings);
@@ -87355,7 +87355,7 @@ var require_graceful_fs = __commonJS({
      polyfills(fs19);
      fs19.gracefulify = patch;
      fs19.createReadStream = createReadStream2;
-      fs19.createWriteStream = createWriteStream2;
+      fs19.createWriteStream = createWriteStream3;
      var fs$readFile = fs19.readFile;
      fs19.readFile = readFile;
      function readFile(path16, options, cb) {
@@ -87567,7 +87567,7 @@ var require_graceful_fs = __commonJS({
      function createReadStream2(path16, options) {
        return new fs19.ReadStream(path16, options);
      }
-      function createWriteStream2(path16, options) {
+      function createWriteStream3(path16, options) {
        return new fs19.WriteStream(path16, options);
      }
      var fs$open = fs19.open;
@@ -125603,11 +125603,11 @@ function scanFileForTokens(filePath, relativePath, logger) {
    return [];
  }
 }
-async function scanZipFile(zipPath, relativeZipPath, extractDir, logger, depth = 0) {
+async function scanArchiveFile(archivePath, relativeArchivePath, extractDir, logger, depth = 0) {
  const MAX_DEPTH = 10;
  if (depth > MAX_DEPTH) {
    throw new Error(
-      `Maximum zip extraction depth (${MAX_DEPTH}) reached for ${zipPath}`
+      `Maximum archive extraction depth (${MAX_DEPTH}) reached for ${archivePath}`
    );
  }
  const result = {
@@ -125615,14 +125615,29 @@ async function scanZipFile(zipPath, relativeZipPath, extractDir, logger, depth =
    findings: []
  };
  try {
-    logger.debug(`Extracting zip file: ${zipPath}`);
    const tempExtractDir = fs12.mkdtempSync(
      path11.join(extractDir, `extract-${depth}-`)
    );
-    await exec.exec("unzip", ["-q", "-o", zipPath, "-d", tempExtractDir]);
+    const fileName = path11.basename(archivePath).toLowerCase();
+    if (fileName.endsWith(".tar.gz") || fileName.endsWith(".tgz")) {
+      logger.debug(`Extracting tar.gz file: ${archivePath}`);
+      await exec.exec("tar", ["-xzf", archivePath, "-C", tempExtractDir]);
+    } else if (fileName.endsWith(".gz")) {
+      logger.debug(`Extracting gz file: ${archivePath}`);
+      const outputFile = path11.join(
+        tempExtractDir,
+        path11.basename(archivePath, ".gz")
+      );
+      await exec.exec("gunzip", ["-c", archivePath], {
+        outStream: fs12.createWriteStream(outputFile)
+      });
+    } else if (fileName.endsWith(".zip")) {
+      logger.debug(`Extracting zip file: ${archivePath}`);
+      await exec.exec("unzip", ["-q", "-o", archivePath, "-d", tempExtractDir]);
+    }
    const scanResult = await scanDirectory(
      tempExtractDir,
-      relativeZipPath,
+      relativeArchivePath,
      logger,
      depth + 1
    );
@@ -125631,7 +125646,7 @@ async function scanZipFile(zipPath, relativeZipPath, extractDir, logger, depth =
    fs12.rmSync(tempExtractDir, { recursive: true, force: true });
  } catch (e) {
    logger.debug(
-      `Could not extract or scan zip file ${zipPath}: ${getErrorMessage(e)}`
+      `Could not extract or scan archive file ${archivePath}: ${getErrorMessage(e)}`
    );
  }
  return result;
@@ -125641,17 +125656,18 @@ async function scanFile(fullPath, relativePath, extractDir, logger, depth = 0) {
    scannedFiles: 1,
    findings: []
  };
-  const ext = path11.extname(fullPath).toLowerCase();
-  if (ext === ".zip") {
-    const zipResult = await scanZipFile(
+  const fileName = path11.basename(fullPath).toLowerCase();
+  const isArchive = fileName.endsWith(".zip") || fileName.endsWith(".tar.gz") || fileName.endsWith(".tgz") || fileName.endsWith(".gz");
+  if (isArchive) {
+    const archiveResult = await scanArchiveFile(
      fullPath,
      relativePath,
      extractDir,
      logger,
      depth
    );
-    result.scannedFiles += zipResult.scannedFiles;
-    result.findings.push(...zipResult.findings);
+    result.scannedFiles += archiveResult.scannedFiles;
+    result.findings.push(...archiveResult.findings);
  }
  const fileFindings = scanFileForTokens(fullPath, relativePath, logger);
  result.findings.push(...fileFindings);
@@ -75691,7 +75691,7 @@ var require_graceful_fs = __commonJS({
      polyfills(fs4);
      fs4.gracefulify = patch;
      fs4.createReadStream = createReadStream;
-      fs4.createWriteStream = createWriteStream2;
+      fs4.createWriteStream = createWriteStream3;
      var fs$readFile = fs4.readFile;
      fs4.readFile = readFile;
      function readFile(path3, options, cb) {
@@ -75903,7 +75903,7 @@ var require_graceful_fs = __commonJS({
      function createReadStream(path3, options) {
        return new fs4.ReadStream(path3, options);
      }
-      function createWriteStream2(path3, options) {
+      function createWriteStream3(path3, options) {
        return new fs4.WriteStream(path3, options);
      }
      var fs$open = fs4.open;
@@ -119896,11 +119896,11 @@ function scanFileForTokens(filePath, relativePath, logger) {
    return [];
  }
 }
-async function scanZipFile(zipPath, relativeZipPath, extractDir, logger, depth = 0) {
+async function scanArchiveFile(archivePath, relativeArchivePath, extractDir, logger, depth = 0) {
  const MAX_DEPTH = 10;
  if (depth > MAX_DEPTH) {
    throw new Error(
-      `Maximum zip extraction depth (${MAX_DEPTH}) reached for ${zipPath}`
+      `Maximum archive extraction depth (${MAX_DEPTH}) reached for ${archivePath}`
    );
  }
  const result = {
@@ -119908,14 +119908,29 @@ async function scanZipFile(zipPath, relativeZipPath, extractDir, logger, depth =
    findings: []
  };
  try {
-    logger.debug(`Extracting zip file: ${zipPath}`);
    const tempExtractDir = fs.mkdtempSync(
      path.join(extractDir, `extract-${depth}-`)
    );
-    await exec.exec("unzip", ["-q", "-o", zipPath, "-d", tempExtractDir]);
+    const fileName = path.basename(archivePath).toLowerCase();
+    if (fileName.endsWith(".tar.gz") || fileName.endsWith(".tgz")) {
+      logger.debug(`Extracting tar.gz file: ${archivePath}`);
+      await exec.exec("tar", ["-xzf", archivePath, "-C", tempExtractDir]);
+    } else if (fileName.endsWith(".gz")) {
+      logger.debug(`Extracting gz file: ${archivePath}`);
+      const outputFile = path.join(
+        tempExtractDir,
+        path.basename(archivePath, ".gz")
+      );
+      await exec.exec("gunzip", ["-c", archivePath], {
+        outStream: fs.createWriteStream(outputFile)
+      });
+    } else if (fileName.endsWith(".zip")) {
+      logger.debug(`Extracting zip file: ${archivePath}`);
+      await exec.exec("unzip", ["-q", "-o", archivePath, "-d", tempExtractDir]);
+    }
    const scanResult = await scanDirectory(
      tempExtractDir,
-      relativeZipPath,
+      relativeArchivePath,
      logger,
      depth + 1
    );
@@ -119924,7 +119939,7 @@ async function scanZipFile(zipPath, relativeZipPath, extractDir, logger, depth =
    fs.rmSync(tempExtractDir, { recursive: true, force: true });
  } catch (e) {
    logger.debug(
-      `Could not extract or scan zip file ${zipPath}: ${getErrorMessage(e)}`
+      `Could not extract or scan archive file ${archivePath}: ${getErrorMessage(e)}`
    );
  }
  return result;
@@ -119934,17 +119949,18 @@ async function scanFile(fullPath, relativePath, extractDir, logger, depth = 0) {
    scannedFiles: 1,
    findings: []
  };
-  const ext = path.extname(fullPath).toLowerCase();
-  if (ext === ".zip") {
-    const zipResult = await scanZipFile(
+  const fileName = path.basename(fullPath).toLowerCase();
+  const isArchive = fileName.endsWith(".zip") || fileName.endsWith(".tar.gz") || fileName.endsWith(".tgz") || fileName.endsWith(".gz");
+  if (isArchive) {
+    const archiveResult = await scanArchiveFile(
      fullPath,
      relativePath,
      extractDir,
      logger,
      depth
    );
-    result.scannedFiles += zipResult.scannedFiles;
-    result.findings.push(...zipResult.findings);
+    result.scannedFiles += archiveResult.scannedFiles;
+    result.findings.push(...archiveResult.findings);
  }
  const fileFindings = scanFileForTokens(fullPath, relativePath, logger);
  result.findings.push(...fileFindings);