Bug report: I just tried to install version 3.1-1 and all files extracted into the current directory.
Calling it a tar bomb made the softeng in charge a little grumpy But you're correct that it's not the desired behavior. It's fairly low priority, to be honest, but we'll fix this in a future release.
Hi there, I just tested the download and it's fine (no tar bomb). Can you tell me how you extracted the files? Was it via command line?
$ tar -jxvf ../GenomeAnalysisTK-3.1-1.tar.bz2
$ tar -jxvf /programinstallers/GenomeAnalysisTK-2.5-2.tar.bz2
Perhaps tar bomb was harsh. Still, more than one file in the current directory, and behavior is different than previously.
Perhaps the distribution could consist of just a (versioned) jar file, with a separate download of a resources tarball? I definitely agree with the sentiment that expanding a tar shouldn't endanger my existing files, and it seems like the resources are only likely to be used (once) by brand new users. Without the resources, there's only one file to distribute, which means no surprises when it's used. And since jars are (usually) compressed, there's no need to manipulate the file at all for download.
I may be an edge case, but I must have at least a dozen copies of that resources dir in my various GenomeAnalysisTK-x.y-z directories.
As an aside - the search bar at the top of the page might have sensitivity issues. I searched for the very memorable and likely unique phrase "tar bomb", and got no results. I ended up having to scroll down the list manually to find this thread
You know, I kind of hate that resources directory myself. The contents are of extremely limited utility (and in some cases, misleading). If this is a common sentiment, I'm more than happy to lobby for getting rid of it altogether.