fs-extra
Drop-in replacement for Node.js's built-in fs module with extra operations like recursive directory copy, move, ensure directory/file exists, and JSON read/write. fs-extra adds methods missing from the standard fs module — copy(), move(), ensureDir(), outputFile(), readJson(), writeJson() — all with Promise support. The most widely used Node.js file system utility library.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Local filesystem library — no network calls. Path traversal risks if user-supplied paths are used without validation — always sanitize paths in agent file operations.
⚡ Reliability
Best When
You need file system operations that go beyond Node.js's built-in fs module — recursive copy, atomic move, ensureDir, or JSON read/write in agent tooling.
Avoid When
You only need basic file read/write — Node.js fs.promises is sufficient without the extra dependency.
Use Cases
- • Recursively copy agent workspace directories (copy()) for sandboxed execution without shell commands like cp -r
- • Ensure parent directories exist before writing agent output files with ensureDir() or outputFile() — no more ENOENT on nested paths
- • Atomically move agent generated files with move() — works across filesystems, unlike fs.rename() which fails cross-device
- • Read and write JSON configuration files for agent workflows with readJson()/writeJson() — handles parsing errors gracefully
- • Remove entire directory trees with remove() for agent workspace cleanup — the safe recursive rmdir equivalent
Not For
- • Large file streaming operations — use Node.js streams or native fs.createReadStream() for memory-efficient large file handling
- • Filesystem watching — use chokidar for file change detection; fs-extra is for manipulation, not watching
- • Cross-platform path handling — use path module for path normalization; fs-extra handles operations, not paths
Interface
Authentication
Local filesystem library — no external auth or network calls.
Pricing
MIT-licensed open source npm package.
Agent Metadata
Known Gotchas
- ⚠ copy() follows symlinks by default — use { dereference: false } option to preserve symlinks; following symlinks can cause infinite loops or unexpected large copies in agent workspaces
- ⚠ move() uses rename() when source and destination are on the same filesystem, and copy+delete when cross-device — cross-device moves are not atomic; handle partial failures in agent cleanup code
- ⚠ writeJson() truncates the file before writing — if the write fails midway, the file is corrupted; use a temp file + rename pattern for critical agent config files
- ⚠ outputFile() creates parent directories automatically — useful for agent output, but may silently create unexpected directory structures if paths have typos
- ⚠ remove() on a non-existent path does NOT throw — agent code relying on remove() errors for existence checks will be silently wrong; use pathExists() first
- ⚠ copy() preserves timestamps by default — if your agent needs new timestamps for cache invalidation, use { preserveTimestamps: false } option
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for fs-extra.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-07.