update deps & remvoe archiver in favour of yazl

packages/safe-chain/package.json

@@ -38,18 +38,17 @@
   "license": "AGPL-3.0-or-later",
   "description": "The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), [pnpx](https://pnpm.io/cli/dlx), [bun](https://bun.sh/), [bunx](https://bun.sh/docs/cli/bunx), [uv](https://docs.astral.sh/uv/) (Python), and [pip](https://pip.pypa.io/) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm, pnpx, bun, bunx, uv, or pip/pip3 from downloading or running the malware.",
   "dependencies": {
-    "archiver": "^7.0.1",
     "certifi": "14.5.15",
-    "chalk": "5.4.1",
+    "chalk": "5.6.2",
     "https-proxy-agent": "7.0.6",
     "ini": "6.0.0",
-    "make-fetch-happen": "15.0.3",
-    "node-forge": "1.3.2",
+    "make-fetch-happen": "15.0.5",
+    "node-forge": "1.4.0",
     "npm-registry-fetch": "19.1.1",
-    "semver": "7.7.2"
+    "semver": "7.7.4",
+    "yazl": "3.3.1"
   },
   "devDependencies": {
-    "@types/archiver": "^7.0.0",
     "@types/ini": "^4.1.1",
     "@types/make-fetch-happen": "^10.0.4",
     "@types/node": "^18.19.130",

packages/safe-chain/src/ultimate/ultimateTroubleshooting.js

@@ -2,9 +2,9 @@ import { platform } from 'os';
 import { ui } from "../environment/userInteraction.js";
 import { readFileSync, existsSync } from "node:fs";
 import {randomUUID} from "node:crypto";
-import {createWriteStream} from "fs";
-import archiver from 'archiver';
+import {createWriteStream, readdirSync, statSync} from "fs";
 import path from "node:path";
+import yazl from "yazl";
 
 export async function printUltimateLogs() {
   const { proxyLogPath, ultimateLogPath, proxyErrLogPath, ultimateErrLogPath } = getPathsPerPlatform();
@@ -34,22 +34,28 @@ export async function troubleshootingExport() {
     const date = new Date().toISOString().split('T')[0];
     const uuid = randomUUID();
     const zipFileName = `safechain-ultimate-${date}-${uuid}.zip`;
+    const zipfile = new yazl.ZipFile();
+    const entries = readdirSync(logDir);
+    for (const entry of entries) {
+      const fullPath = path.join(logDir, entry);
+      if (statSync(fullPath).isFile()) {
+        zipfile.addFile(fullPath, entry);
+      }
+    }
+    zipfile.end();
+
     const output = createWriteStream(zipFileName);
-    const archive = archiver('zip', { zlib: { level: 9 } });
+    zipfile.outputStream.pipe(output);
 
     output.on('close', () => {
       ui.writeInformation(`Logs collected and zipped as: ${path.resolve(zipFileName)}`);
       resolve(zipFileName);
     });
 
-    archive.on('error', (/** @type {Error} */ err) => {
+    output.on('error', (/** @type {Error} */ err) => {
       ui.writeError(`Failed to zip logs: ${err.message}`);
       reject(err);
     });
-
-    archive.pipe(output);
-    archive.directory(logDir, false);
-    archive.finalize();
   });
 }