ZIP → TAR.GZ in Developer Workflows

Triage a PR's release artifact without cloning

A PR attaches build.zip. Convert and list to sanity-check the contents before approving.

Drop build.zip → build.tar.gz

$ tar -tzf build.tar.gz
  dist/index.js
  dist/index.js.map
  package.json
# looks right — no node_modules accidentally bundled

Discover the (empty) schema before scripting

Confirm there are no options to pass — the payload is just the file.

$ curl -H 'Authorization: Bearer $KEY' \
    https://jadapps…/api/v1/tools/zip-to-tar-gz
{
  "slug": "zip-to-tar-gz",
  "options": []        // no parameters for this tool
}

Local runner call in a script (no upload)

Drive the conversion from a shell via the loopback runner on a paid tier; the artifact stays on disk.

# runner bound at 127.0.0.1:9789
curl -s -X POST \
  http://127.0.0.1:9789/v1/tools/zip-to-tar-gz \
  -F file=@build.zip
# → { outputPath: "…/build.tar.gz", sizeBytes: … }
# file never left the machine

Normalise mixed artifacts to TAR.GZ

A stage receives .zip and .7z; emit uniform tarballs for the next step.

for f in incoming/*; do
  curl -s -X POST \
    http://127.0.0.1:9789/v1/tools/zip-to-tar-gz \
    -F file=@"$f"
done
# all become *.tar.gz (7z read via WASM in the runner)

Why NOT to use it for reproducible builds

Two conversions of the same ZIP produce different hashes. Use the CLI when bytes must be stable.

convert build.zip twice → two different sha256
  (TAR mtime = Date.now() each run)

Reproducible alternative (CLI):
  unzip -q build.zip -d /tmp/x
  tar --sort=name --mtime='1970-01-01' \
      --owner=0 --group=0 --numeric-owner \
      -czf build.tar.gz -C /tmp/x .  # stable hash

The TAR mtime is set to the current time on each conversion, so byte output and any checksum change between runs. Don't gate a CI cache on the converted hash, and don't re-derive an attestation by re-converting. For stable output, use the CLI with pinned --mtime/owner flags.

GET /api/v1/tools/zip-to-tar-gz returns no options — this converter is parameterless. The OptionsPanel renders nothing in the UI and the runner ignores any options you send. If you need a compression level or path-strip, those live on other tools, not here.

An encrypted archive fails with Archive contains encrypted entries… Provide a password to extract. There's no password parameter to pass via the runner, so the job errors. Branch on this message and route encrypted inputs to a password-capable tool first.

If the @jadapps/runner isn't reachable on 127.0.0.1:9789 (or the legacy 49217), paid-tier jobs fall back to in-browser processing. For a headless script that relies on the runner, check GET /v1/health first and fail fast if it's down.

Output entries are mode 0644, so any executable produced upstream loses its +x bit through the conversion. Add a chmod +x after extraction in the consuming job, or skip the conversion and tar on the CLI where permissions survive.

Size is checked before processing — 50 MB free, 500 MB Pro, 2 GB top tiers. An over-cap artifact errors with the tier message. In CI, ensure the running account's tier matches the largest artifact you convert, or pre-split.

The converter drops empty directories and bare directory entries, so tar -tzf on its output won't list ./ or empty folders the way a CLI tar czf . does. If a downstream check compares manifests exactly, account for this difference.

The runner uses the same engines as the browser, so 7z/RAR/XZ/BZ2/ISO inputs convert via the WASM reader. Handy for normalising release assets that arrive in non-ZIP formats without installing unpackers on the build box.

When falling back to in-browser processing (no runner), a large or highly-expanding archive can exhaust the tab. The runner path on a server-class machine, or the CLI, is more robust for big inputs.

To compare what changed between two builds, don't diff converted tarball hashes (they drift on mtime). Use the archive diff tool, which compares entries and contents between two archives directly.