Replace `archiver` with lighter alternative

[benmccann]

archiver has 64 dependencies and weighs over 7mb:
https://npmgraph.js.org/?q=archiver
https://pkg-size.dev/archiver

Some of those dependencies were just compromised: https://socket.dev/blog/npm-author-qix-compromised-in-major-supply-chain-attack. It's also responsible for about half the dependencies in this project

Perhaps it could be replaced with a lighter alternative like https://github.com/ayuhito/modern-tar? Or alternatively, tar or tar-stream (which is what archiver uses internally)?

[cristianrgreco]

Makes sense, PR welcome!

This issue is stale because it has been open for 90 days with no activity.

[santialbo]

not stale

[cristianrgreco]

I am not sure that use of the archiver package merits a never-stale issue.

Archiver makes up 0.14% of the testcontainers bundle. A PR is welcome if someone wishes to replace it with something more lightweight, as long as it is well established and tested, doesn't introduce complexity, performance degradations, etc, but I see no need for there being an open issue tracking it.

[theoludwig]

Archiver makes up 0.14% of the testcontainers bundle

More than 1/10 of the bundle is a lot IMO + it has deprecated dependencies and is not maintained properly.
Now I agree, we can close this issue, if no one is willing to do the work, and it's true that's it's not a "critical"/"important" issue, as it works no problem.

Might be worth looking: @archiver/archiver, it seems to be a drop in replacement, and should work pretty much the same, but with a massive install size gain.
https://github.com/node-archiver/archiver/blob/main/docs/MIGRATION.md

I might look into it and open a PR. 😄

[cristianrgreco]

More than 1/10 of the bundle is a lot IMO

But it isn't 1/10, it's about 1/700. I also see archiver just released 8.0.0 so I'm not sure I agree that it isn't maintained properly.

Regardless, I'm more than happy to receive PRs which improve things 🙂

[theoludwig]

But it isn't 1/10, it's about 1/700.

Oh Indeed, I'm dumb, I don't know how, but I misread 0.14% as 14%. 😆

Regardless, I'm more than happy to receive PRs which improve things 🙂

Alright will do! Thanks for you work

[gameroman]

archiver had a new version release recently, just upgrading it would already be good