tar

I was able to confirm that os.Create() will happily follow symlinks.

Although standard tools like tar will not likely allow you to add two files with the same name to an archive file, it's certainly easy enough to do in code. This means that we need to add an additional check before writing to a destination to make sure that it's not a symlink outside of the destination.

The vulnerab

Do you plan on generating declaration files for supporting Typescript?
You could either have them as part of the repo or contribute to https://github.com/DefinitelyTyped/DefinitelyTyped/

Thanks in advance!

I've compiled this successfully on my Mac, and it seems to work perfectly. I wondered if you could make it available via brew (https://brew.sh/).

There was just one compilation warning:

`warning: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ranlib: archive library: libcompat.a the table of contents is empty (no object file members in the library def

Suggestions:

1. Should change word "bundle" to "archive".
2. When the destination is '.', output current directory instead.
3. Maybe remove the periods, they are pointless here, syntax feels weird after single quotes: './file'. .
4. The command is called decompress, but