Fix tarballs missing the tar end-of-archive marker (ERR_PNPM_TARBALL_EXTRACT)#51
Merged
Merged
Conversation
…EXTRACT) buildPreviewTarball repacks upstream tarballs with nanotar's createTarGzip. nanotar rounds the archive up to a full 10240-byte record and relies on the zero slack to form the mandatory end-of-archive marker (two 512-byte zero blocks), but emits NO slack when the packed size is already an exact multiple of 10240 (and only a single block when it is 512 short). Lenient readers (BSD/GNU tar, gzip -t) tolerate the omission, but pnpm's strict extractor then reads a header past EOF and fails: ERR_PNPM_TARBALL_EXTRACT Invalid checksum for TAR header at offset N. Expected 0, got NaN This bit @voidzero-dev/vite-plus-core@0.0.0-commit.14f13284, whose repacked content sums to exactly 5038080 = 492 * 10240 bytes, breaking `vp` installs. Build the raw tar, guarantee the marker (append two zero blocks whenever the last 1024 bytes are not already zero), then gzip. It is a no-op for normal archives, so every already-correct tarball's bytes and integrity are unchanged; only boundary cases are corrected. Rebuilt the publish-preview action bundle, which packs via the same buildPreviewTarball.
fengmk2
added a commit
to voidzero-dev/vite-plus
that referenced
this pull request
Jul 1, 2026
Picks up voidzero-dev/pkg-pr-registry-bridge#51, which fixes preview tarballs missing the tar end-of-archive marker (ERR_PNPM_TARBALL_EXTRACT: "Invalid checksum for TAR header") when the packed size is an exact multiple of 10240. Claude-Session: https://claude.ai/code/session_01DQhS6o1fyQd1yjiee6W8jR
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
vpinstalls of some preview builds fail in pnpm:Root cause
buildPreviewTarballrepacks upstream tarballs with nanotar'screateTarGzip. nanotar rounds the archive up to a full 10240-byte record and relies on the zero slack to form the mandatory end-of-archive marker (two 512-byte zero blocks). When the packed size is already an exact multiple of 10240, it adds no slack and emits no marker (and only a single block when the size is 512 short of a record).Lenient readers (BSD/GNU
tar,gzip -t) tolerate the omission; pnpm's strict extractor reads a header past EOF and fails withExpected 0, got NaN.@voidzero-dev/vite-plus-core@0.0.0-commit.14f13284repacks to exactly5038080 = 492 * 10240bytes, hitting the boundary.This is unrelated to #49 (which only touched the download path); reverting it could not have helped.
Fix
Build the raw tar, guarantee the marker (append two zero blocks whenever the last 1024 bytes are not already zero), then gzip. A no-op for normal archives, so every already-correct tarball's bytes and integrity are byte-identical; only boundary cases change. Rebuilt the
publish-previewaction bundle, which packs via the samebuildPreviewTarball.Test plan
main, passes here.pnpm typecheck,pnpm test(78/78)tar.Follow-up (post-merge)
The already-corrupted object in R2 for
vite-plus-core@0.0.0-commit.14f13284must be purged/rebuilt so live installs recover; deploying the Worker alone won't rewrite existing bytes.