Z-Manager CLI is a versatile archive utility designed for efficient extraction of diverse archive formats and creation of modern, practical archives. It supports a wide range of file types, including ZIP, TAR.ZST, 7z, RAR, ISO, and more, while ensuring safe handling through robust security checks.
Key Features:
Broad Extraction Support: Safely extracts almost any archive format without prior knowledge of its type.
Modern Archive Creation: Creates new archives using focused formats like ZIP, TAR.ZST, TZAP (encrypted), and 7z with AES-256 encryption for enhanced security.
Security Measures: Default protection against path traversal, symlink escapes, duplicate paths, case collisions, and accidental overwrites.
Password Management: Supports encrypted workflows via stdin or prompts to protect sensitive data.
Audience & Benefit:
Ideal for developers, system administrators, and anyone requiring robust archive management. It streamlines workflow automation, enhances security in handling archives, and ensures compatibility across platforms while maintaining modern standards for compression and encryption.
README
ZManager CLI
zm is a universal file archiver for macOS, Linux, and Windows, built for
high-performance compression, safe extraction, and seamless handling of
virtually any archive format.
The CLI is the open-source part of ZManager. It shares the Rust archive engine
with the desktop GUI app, but it is useful on its own: create clean project
archives, extract a broad set of formats safely, inspect archive contents, and
script archive workflows without opening a GUI.
Extracts a broad range of archive, package, disk-image, and raw compression
formats with safety checks enabled by default.
Creates modern .zip, .tzst (.tar.zst), .tzap, and .7z archives
with focused defaults.
Opens common desktop, developer, package, and mobile archive formats by name:
ZIP, ZIPX, JAR, WAR, IPA, APK, APPX, XPI, 7z, TAR, compressed TAR, RAR,
CPIO, CPGZ, ISO, XAR, CAB, AR, DEB, RPM, SPK-style tar packages, and raw
compressed files.
Supports passworded ZIP, 7z, TZAP, and RAR workflows through stdin or
prompts; new encrypted ZIP, TZAP, and 7z archives use AES-256 encryption
paths.
Protects extraction by default against path traversal, unsafe links,
duplicate normalized paths, case collisions, and accidental overwrite traps.
Provides both classic archive flags and readable subcommands.
Why ZManager
ZManager treats extraction and creation differently:
Extract broadly. Open old, obscure, downloaded, package, mobile, and
developer archives without knowing which backend normally handles them.
Create deliberately. New archives should use practical modern formats:
ZIP for universal sharing, TZST (.tar.zst) for fast compression, TZAP for
encrypted recoverable archives, and 7z for high-compression encrypted
archives.
Avoid legacy creation paths. Old compression methods matter for reading
existing files, but new archives should use safer and faster defaults.
Use strong password protection. Encrypted ZIP, TZAP, and 7z creation use
AES-256 paths, and passwords are read through prompts or stdin rather than
command arguments.
Safety Model
Archive extraction is hostile-input handling. zm rejects or guards against:
absolute paths and .. traversal;
symlink and hardlink escapes;
duplicate normalized output paths;
Unicode/case-insensitive path collisions;
unsafe special files by default;
excessive expanded-size and compression-ratio cases;
accidental overwrites unless the requested overwrite mode allows them.
Passwords are not accepted as command arguments. Use the prompt or
--password-stdin so secrets do not appear in shell history or process listings.
Format Support
Workflow
Formats
Create modern archives
.zip with Deflate/store and AES-256 encryption, .tzst (.tar.zst) with Zstandard, .tzap with Zstandard plus encryption/recovery metadata, .7z with LZMA2 and AES-256 encryption
ZIP, 7z, TZAP, and RAR list/test/extract through prompt or --password-stdin
Creation is intentionally focused on formats people should use today. Extraction
is intentionally broad, so zm can be the one command you try first when
someone sends you an archive.
Shell Completions
Packages install bash, zsh, and fish completions where the package manager
supports it. The CLI can also print a PowerShell argument completer for manual
Windows setup. For manual setup or troubleshooting, print the script for your
shell:
Human-readable output uses --color auto by default: color is shown only on
terminal streams, and NO_COLOR disables automatic color. Use
--color always to force color or --color never to disable it. JSON output
and raw archive payloads from --to-stdout are never colorized.
cargo fmt --check
cargo clippy --workspace --all-targets
cargo test --workspace
Some compatibility tests use optional external archive tools when installed, but
the core suite is deterministic and should pass without network access.
crates/zmanager-ffi: C ABI consumed by the desktop GUI app.
crates/zmanager-unrar: bundled extraction-only UnRAR bridge for passworded
RAR extraction.
fixtures/: committed compatibility fixtures used by integration tests.
fuzz/: cargo-fuzz targets for hostile archive and parser surfaces.
packaging/: Homebrew and WinGet metadata templates.
scripts/: release packaging helpers.
.github/workflows/: CI and release automation.
License
This workspace is released under the Apache License 2.0. The bundled UnRAR
source has its own extraction-only license; see
THIRD_PARTY_NOTICES.md and
vendor/unrar/license.txt.
