From b0c036c0736e7624dec440e4b07de6f75b179dd4 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 5 Oct 2025 13:00:47 +0000 Subject: [PATCH 1/2] Initial plan From 93f550cca0ef01c545183b56c784c6910b098cda Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 5 Oct 2025 13:04:50 +0000 Subject: [PATCH 2/2] Add comparison to Commons Compress in README Co-authored-by: slachiewicz <6705942+slachiewicz@users.noreply.github.com> --- README.md | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) diff --git a/README.md b/README.md index 82089294..f37bfc70 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,59 @@ Plexus-archiver The current master is now at https://github.com/codehaus-plexus/plexus-archiver +## What is Plexus Archiver? + +Plexus Archiver is a high-level Java API for creating and extracting archives (ZIP, JAR, TAR, etc.). It provides a simple, unified interface for working with various archive formats, abstracting away the low-level details of archive manipulation. + +## Comparison to Apache Commons Compress + +Plexus Archiver builds on top of [Apache Commons Compress](https://commons.apache.org/proper/commons-compress/) (since version 2.5) and provides additional capabilities: + +### Apache Commons Compress + +Commons Compress is a low-level library that provides: +- Direct access to archive formats and compression algorithms +- Fine-grained control over archive entries and their attributes +- Support for a wide range of archive formats (ZIP, TAR, AR, CPIO, etc.) +- Streaming API for memory-efficient processing + +### Plexus Archiver + +Plexus Archiver is a higher-level abstraction layer that adds: + +**Simplified API**: Easy-to-use builder-style interface for common archiving tasks without dealing with low-level stream handling. + +**Advanced Features**: +- File selectors and filtering capabilities +- Automatic handling of file permissions and attributes +- Built-in support for directory scanning with includes/excludes patterns +- Reproducible builds support (configurable timestamps and ordering) +- Duplicate handling strategies +- File mappers for transforming entry names during archiving/unarchiving +- Protection against ZIP bombs (configurable output size limits) + +**Build Tool Integration**: Designed for integration with build tools like Maven, with support for: +- Modular JAR creation (Java 9+ modules) +- Manifest generation and customization +- Archive finalizers for post-processing + +**Dependency Injection Ready**: Includes JSR-330 annotations for easy integration with dependency injection frameworks. + +### When to Use Which? + +**Use Apache Commons Compress when:** +- You need fine-grained control over archive format details +- You're working with streaming data or large archives +- You need to support specialized or uncommon archive formats +- Memory efficiency is critical + +**Use Plexus Archiver when:** +- You want a simple, declarative API for common archiving tasks +- You're building a Maven plugin or similar build tool +- You need reproducible builds with consistent archive ordering +- You want built-in file filtering and selection capabilities +- You need to create modular JARs or other specialized Java archives + ## Important Hint Based on a hint of snyk.io security team they have found a possible security issue.