@uploadista/flow-security-clamscan 0.0.18-beta.9 → 0.0.19

package/.turbo/turbo-build.log

@@ -1,6 +1,6 @@
 
 
-> @uploadista/flow-security-clamscan@0.0.18-beta.8 build /Users/denislaboureyras/Documents/uploadista/dev/uploadista-workspace/uploadista-sdk/packages/flow/security/clamscan
+> @uploadista/flow-security-clamscan@0.0.18 build /Users/denislaboureyras/Documents/uploadista/dev/uploadista-workspace/uploadista-sdk/packages/flow/security/clamscan
 > tsdown
 
 ℹ tsdown v0.16.8 powered by rolldown v1.0.0-beta.52
@@ -9,14 +9,14 @@
 ℹ tsconfig: tsconfig.json
 ℹ Build start
 ℹ Cleaning 7 files
-ℹ [CJS] dist/index.cjs  2.84 kB │ gzip: 1.17 kB
-ℹ [CJS] 1 files, total: 2.84 kB
+ℹ [CJS] dist/index.cjs  2.89 kB │ gzip: 1.22 kB
+ℹ [CJS] 1 files, total: 2.89 kB
+ℹ [ESM] dist/index.mjs        2.27 kB │ gzip: 0.98 kB
+ℹ [ESM] dist/index.mjs.map    9.40 kB │ gzip: 2.93 kB
+ℹ [ESM] dist/index.d.mts.map  0.25 kB │ gzip: 0.17 kB
+ℹ [ESM] dist/index.d.mts      1.65 kB │ gzip: 0.73 kB
+ℹ [ESM] 4 files, total: 13.57 kB
 ℹ [CJS] dist/index.d.cts.map  0.25 kB │ gzip: 0.17 kB
 ℹ [CJS] dist/index.d.cts      1.65 kB │ gzip: 0.73 kB
 ℹ [CJS] 2 files, total: 1.90 kB
-ℹ [ESM] dist/index.mjs        2.25 kB │ gzip: 0.92 kB
-ℹ [ESM] dist/index.mjs.map    9.32 kB │ gzip: 2.88 kB
-ℹ [ESM] dist/index.d.mts.map  0.25 kB │ gzip: 0.17 kB
-ℹ [ESM] dist/index.d.mts      1.65 kB │ gzip: 0.73 kB
-ℹ [ESM] 4 files, total: 13.46 kB
-✔ Build complete in 6223ms
+✔ Build complete in 4330ms

package/dist/index.cjs

@@ -1 +1 @@
-var e=Object.create,t=Object.defineProperty,n=Object.getOwnPropertyDescriptor,r=Object.getOwnPropertyNames,i=Object.getPrototypeOf,a=Object.prototype.hasOwnProperty,o=(e,i,o,s)=>{if(i&&typeof i==`object`||typeof i==`function`)for(var c=r(i),l=0,u=c.length,d;l<u;l++)d=c[l],!a.call(e,d)&&d!==o&&t(e,d,{get:(e=>i[e]).bind(null,d),enumerable:!(s=n(i,d))||s.enumerable});return e},s=(n,r,a)=>(a=n==null?{}:e(i(n)),o(r||!n||!n.__esModule?t(a,`default`,{value:n,enumerable:!0}):a,n));let c=require(`node:crypto`),l=require(`node:fs/promises`);l=s(l);let u=require(`node:os`);u=s(u);let d=require(`node:path`);d=s(d);let f=require(`@uploadista/core/errors`),p=require(`@uploadista/core/flow`),m=require(`clamscan`);m=s(m);let h=require(`effect`);var g=class{clamscan=null;constructor(e={}){this.config=e}async initScanner(){if(this.clamscan)return this.clamscan;try{let e=await new m.default().init({preference:this.config.preference??`clamdscan`,remove_infected:this.config.remove_infected??!1,debug_mode:this.config.debug_mode??!1,clamdscan:{socket:this.config.clamdscan_socket,host:this.config.clamdscan_host,port:this.config.clamdscan_port??3310,timeout:6e4,local_fallback:!0},clamscan:{path:`/usr/bin/clamscan`,scan_archives:!0,active:!0}});return this.clamscan=e,e}catch(e){throw Error(`ClamAV initialization failed: ${e instanceof Error?e.message:String(e)}`)}}scan(e){return h.Effect.gen(function*(){let t=yield*h.Effect.tryPromise({try:()=>this.initScanner(),catch:e=>f.UploadistaError.fromCode(`CLAMAV_NOT_INSTALLED`,{body:e instanceof Error?e.message:`ClamAV is not installed or not available`,details:{error:e}})}),n=u.tmpdir(),r=`uploadista-scan-${(0,c.randomUUID)()}`,i=d.join(n,r);return yield*h.Effect.tryPromise({try:()=>l.writeFile(i,e),catch:e=>f.UploadistaError.fromCode(`VIRUS_SCAN_FAILED`,{body:`Failed to create temporary file for scanning`,details:{error:e}})}),yield*h.Effect.tryPromise({try:()=>t.isInfected(i),catch:e=>f.UploadistaError.fromCode(`VIRUS_SCAN_FAILED`,{body:`Virus scan failed: ${e instanceof Error?e.message:String(e)}`,details:{error:e}})}).pipe(h.Effect.map(e=>({isClean:!e.isInfected,detectedViruses:e.viruses||[]})),h.Effect.ensuring(h.Effect.tryPromise({try:()=>l.unlink(i),catch:()=>void 0}).pipe(h.Effect.ignore)))}.bind(this))}getVersion(){return h.Effect.gen(function*(){let e=yield*h.Effect.tryPromise({try:()=>this.initScanner(),catch:e=>f.UploadistaError.fromCode(`CLAMAV_NOT_INSTALLED`,{body:e instanceof Error?e.message:`ClamAV is not installed or not available`,details:{error:e}})});return(yield*h.Effect.tryPromise({try:()=>e.getVersion(),catch:e=>f.UploadistaError.fromCode(`VIRUS_SCAN_FAILED`,{body:`Failed to get ClamAV version`,details:{error:e}})})).version||`Unknown`}.bind(this))}};function _(e={}){return h.Layer.succeed(p.VirusScanPlugin,new g(e))}exports.ClamScanPluginLayer=_;
+var e=Object.create,t=Object.defineProperty,n=Object.getOwnPropertyDescriptor,r=Object.getOwnPropertyNames,i=Object.getPrototypeOf,a=Object.prototype.hasOwnProperty,o=(e,i,o,s)=>{if(i&&typeof i==`object`||typeof i==`function`)for(var c=r(i),l=0,u=c.length,d;l<u;l++)d=c[l],!a.call(e,d)&&d!==o&&t(e,d,{get:(e=>i[e]).bind(null,d),enumerable:!(s=n(i,d))||s.enumerable});return e},s=(n,r,a)=>(a=n==null?{}:e(i(n)),o(r||!n||!n.__esModule?t(a,`default`,{value:n,enumerable:!0}):a,n));let c=require(`node:crypto`),l=require(`node:fs/promises`);l=s(l);let u=require(`node:os`);u=s(u);let d=require(`node:path`);d=s(d);let f=require(`@uploadista/core/errors`),p=require(`@uploadista/core/flow`),m=require(`@uploadista/observability`),h=require(`clamscan`);h=s(h);let g=require(`effect`);var _=class{clamscan=null;constructor(e={}){this.config=e}initScanner(){return g.Effect.gen(function*(){if(this.clamscan)return this.clamscan;let e=yield*g.Effect.tryPromise({try:async()=>await new h.default().init({preference:this.config.preference??`clamdscan`,remove_infected:this.config.remove_infected??!1,debug_mode:this.config.debug_mode??!1,clamdscan:{socket:this.config.clamdscan_socket,host:this.config.clamdscan_host,port:this.config.clamdscan_port??3310,timeout:6e4,local_fallback:!0},clamscan:{path:`/usr/bin/clamscan`,scan_archives:!0,active:!0}}),catch:e=>f.UploadistaError.fromCode(`CLAMAV_NOT_INSTALLED`,{body:`ClamAV initialization failed: ${e instanceof Error?e.message:String(e)}`,details:{error:e}})});return this.clamscan=e,e}.bind(this)).pipe((0,m.withOperationSpan)(`virus-scan`,`init`,{"scan.preference":this.config.preference??`clamdscan`}))}scan(e){return g.Effect.gen(function*(){let t=yield*this.initScanner(),n=u.tmpdir(),r=`uploadista-scan-${(0,c.randomUUID)()}`,i=d.join(n,r);return yield*g.Effect.tryPromise({try:()=>l.writeFile(i,e),catch:e=>f.UploadistaError.fromCode(`VIRUS_SCAN_FAILED`,{body:`Failed to create temporary file for scanning`,details:{error:e}})}),yield*g.Effect.tryPromise({try:()=>t.isInfected(i),catch:e=>f.UploadistaError.fromCode(`VIRUS_SCAN_FAILED`,{body:`Virus scan failed: ${e instanceof Error?e.message:String(e)}`,details:{error:e}})}).pipe(g.Effect.map(e=>({isClean:!e.isInfected,detectedViruses:e.viruses||[]})),g.Effect.ensuring(g.Effect.tryPromise({try:()=>l.unlink(i),catch:()=>void 0}).pipe(g.Effect.ignore)))}.bind(this)).pipe((0,m.withOperationSpan)(`virus-scan`,`scan`,{"scan.file_size":e.byteLength}))}getVersion(){return g.Effect.gen(function*(){let e=yield*this.initScanner();return(yield*g.Effect.tryPromise({try:()=>e.getVersion(),catch:e=>f.UploadistaError.fromCode(`VIRUS_SCAN_FAILED`,{body:`Failed to get ClamAV version`,details:{error:e}})})).version||`Unknown`}.bind(this)).pipe((0,m.withOperationSpan)(`virus-scan`,`get-version`,{}))}};function v(e={}){return g.Layer.succeed(p.VirusScanPlugin,new _(e))}exports.ClamScanPluginLayer=v;

package/dist/index.d.cts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.cts","names":[],"sources":["../src/clamscan-plugin.ts"],"sourcesContent":[],"mappings":";;;;;;;AAaA;AA2NgB,UA3NC,cAAA,CA2NkB;EACzB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBADM,mBAAA,UACN,iBACP,KAAA,CAAM,MAAM"}
+{"version":3,"file":"index.d.cts","names":[],"sources":["../src/clamscan-plugin.ts"],"sourcesContent":[],"mappings":";;;;;;;AAcA;AAqNgB,UArNC,cAAA,CAqNkB;EACzB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBADM,mBAAA,UACN,iBACP,KAAA,CAAM,MAAM"}

package/dist/index.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.mts","names":[],"sources":["../src/clamscan-plugin.ts"],"sourcesContent":[],"mappings":";;;;;;;AAaA;AA2NgB,UA3NC,cAAA,CA2NkB;EACzB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBADM,mBAAA,UACN,iBACP,KAAA,CAAM,MAAM"}
+{"version":3,"file":"index.d.mts","names":[],"sources":["../src/clamscan-plugin.ts"],"sourcesContent":[],"mappings":";;;;;;;AAcA;AAqNgB,UArNC,cAAA,CAqNkB;EACzB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBADM,mBAAA,UACN,iBACP,KAAA,CAAM,MAAM"}

package/dist/index.mjs

@@ -1,2 +1,2 @@
-import{randomUUID as e}from"node:crypto";import*as t from"node:fs/promises";import*as n from"node:os";import*as r from"node:path";import{UploadistaError as i}from"@uploadista/core/errors";import{VirusScanPlugin as a}from"@uploadista/core/flow";import o from"clamscan";import{Effect as s,Layer as c}from"effect";var l=class{clamscan=null;constructor(e={}){this.config=e}async initScanner(){if(this.clamscan)return this.clamscan;try{let e=await new o().init({preference:this.config.preference??`clamdscan`,remove_infected:this.config.remove_infected??!1,debug_mode:this.config.debug_mode??!1,clamdscan:{socket:this.config.clamdscan_socket,host:this.config.clamdscan_host,port:this.config.clamdscan_port??3310,timeout:6e4,local_fallback:!0},clamscan:{path:`/usr/bin/clamscan`,scan_archives:!0,active:!0}});return this.clamscan=e,e}catch(e){throw Error(`ClamAV initialization failed: ${e instanceof Error?e.message:String(e)}`)}}scan(a){return s.gen(function*(){let o=yield*s.tryPromise({try:()=>this.initScanner(),catch:e=>i.fromCode(`CLAMAV_NOT_INSTALLED`,{body:e instanceof Error?e.message:`ClamAV is not installed or not available`,details:{error:e}})}),c=n.tmpdir(),l=`uploadista-scan-${e()}`,u=r.join(c,l);return yield*s.tryPromise({try:()=>t.writeFile(u,a),catch:e=>i.fromCode(`VIRUS_SCAN_FAILED`,{body:`Failed to create temporary file for scanning`,details:{error:e}})}),yield*s.tryPromise({try:()=>o.isInfected(u),catch:e=>i.fromCode(`VIRUS_SCAN_FAILED`,{body:`Virus scan failed: ${e instanceof Error?e.message:String(e)}`,details:{error:e}})}).pipe(s.map(e=>({isClean:!e.isInfected,detectedViruses:e.viruses||[]})),s.ensuring(s.tryPromise({try:()=>t.unlink(u),catch:()=>void 0}).pipe(s.ignore)))}.bind(this))}getVersion(){return s.gen(function*(){let e=yield*s.tryPromise({try:()=>this.initScanner(),catch:e=>i.fromCode(`CLAMAV_NOT_INSTALLED`,{body:e instanceof Error?e.message:`ClamAV is not installed or not available`,details:{error:e}})});return(yield*s.tryPromise({try:()=>e.getVersion(),catch:e=>i.fromCode(`VIRUS_SCAN_FAILED`,{body:`Failed to get ClamAV version`,details:{error:e}})})).version||`Unknown`}.bind(this))}};function u(e={}){return c.succeed(a,new l(e))}export{u as ClamScanPluginLayer};
+import{randomUUID as e}from"node:crypto";import*as t from"node:fs/promises";import*as n from"node:os";import*as r from"node:path";import{UploadistaError as i}from"@uploadista/core/errors";import{VirusScanPlugin as a}from"@uploadista/core/flow";import{withOperationSpan as o}from"@uploadista/observability";import s from"clamscan";import{Effect as c,Layer as l}from"effect";var u=class{clamscan=null;constructor(e={}){this.config=e}initScanner(){return c.gen(function*(){if(this.clamscan)return this.clamscan;let e=yield*c.tryPromise({try:async()=>await new s().init({preference:this.config.preference??`clamdscan`,remove_infected:this.config.remove_infected??!1,debug_mode:this.config.debug_mode??!1,clamdscan:{socket:this.config.clamdscan_socket,host:this.config.clamdscan_host,port:this.config.clamdscan_port??3310,timeout:6e4,local_fallback:!0},clamscan:{path:`/usr/bin/clamscan`,scan_archives:!0,active:!0}}),catch:e=>i.fromCode(`CLAMAV_NOT_INSTALLED`,{body:`ClamAV initialization failed: ${e instanceof Error?e.message:String(e)}`,details:{error:e}})});return this.clamscan=e,e}.bind(this)).pipe(o(`virus-scan`,`init`,{"scan.preference":this.config.preference??`clamdscan`}))}scan(a){return c.gen(function*(){let o=yield*this.initScanner(),s=n.tmpdir(),l=`uploadista-scan-${e()}`,u=r.join(s,l);return yield*c.tryPromise({try:()=>t.writeFile(u,a),catch:e=>i.fromCode(`VIRUS_SCAN_FAILED`,{body:`Failed to create temporary file for scanning`,details:{error:e}})}),yield*c.tryPromise({try:()=>o.isInfected(u),catch:e=>i.fromCode(`VIRUS_SCAN_FAILED`,{body:`Virus scan failed: ${e instanceof Error?e.message:String(e)}`,details:{error:e}})}).pipe(c.map(e=>({isClean:!e.isInfected,detectedViruses:e.viruses||[]})),c.ensuring(c.tryPromise({try:()=>t.unlink(u),catch:()=>void 0}).pipe(c.ignore)))}.bind(this)).pipe(o(`virus-scan`,`scan`,{"scan.file_size":a.byteLength}))}getVersion(){return c.gen(function*(){let e=yield*this.initScanner();return(yield*c.tryPromise({try:()=>e.getVersion(),catch:e=>i.fromCode(`VIRUS_SCAN_FAILED`,{body:`Failed to get ClamAV version`,details:{error:e}})})).version||`Unknown`}.bind(this)).pipe(o(`virus-scan`,`get-version`,{}))}};function d(e={}){return l.succeed(a,new u(e))}export{d as ClamScanPluginLayer};
 //# sourceMappingURL=index.mjs.map

package/dist/index.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"index.mjs","names":["config: ClamScanConfig"],"sources":["../src/clamscan-plugin.ts"],"sourcesContent":["import { randomUUID } from \"node:crypto\";\nimport * as fs from \"node:fs/promises\";\nimport * as os from \"node:os\";\nimport * as path from \"node:path\";\nimport { UploadistaError } from \"@uploadista/core/errors\";\nimport type { ScanResult, VirusScanPluginShape } from \"@uploadista/core/flow\";\nimport { VirusScanPlugin } from \"@uploadista/core/flow\";\nimport NodeClam from \"clamscan\";\nimport { Effect, Layer } from \"effect\";\n\n/**\n * Configuration options for the ClamAV plugin\n */\nexport interface ClamScanConfig {\n  /**\n   * Preference for scanning method\n   * - \"clamdscan\": Use clamd daemon (faster, recommended)\n   * - \"clamscan\": Use command-line binary\n   */\n  preference?: \"clamdscan\" | \"clamscan\";\n\n  /**\n   * Path to clamd socket (for daemon mode)\n   * Default: /var/run/clamd.scan/clamd.sock\n   */\n  clamdscan_socket?: string;\n\n  /**\n   * TCP host for clamd (alternative to socket)\n   */\n  clamdscan_host?: string;\n\n  /**\n   * TCP port for clamd\n   * Default: 3310\n   */\n  clamdscan_port?: number;\n\n  /**\n   * Whether to remove infected files automatically\n   * Default: false (not recommended in flow context)\n   */\n  remove_infected?: boolean;\n\n  /**\n   * Debug mode for clamscan library\n   * Default: false\n   */\n  debug_mode?: boolean;\n}\n\n/**\n * ClamAV implementation of the VirusScanPlugin\n *\n * This plugin uses the `clamscan` npm package to scan files for viruses\n * using ClamAV antivirus engine. It supports both clamd daemon mode (fast)\n * and binary mode (slower but more portable).\n *\n * @example\n * ```typescript\n * import { ClamScanPluginLayer } from \"@uploadista/flow-security-clamscan\";\n *\n * const program = Effect.gen(function* () {\n *   const virusScan = yield* VirusScanPlugin;\n *   const result = yield* virusScan.scan(fileBytes);\n *   console.log(result.isClean ? \"Clean\" : \"Infected\");\n * }).pipe(Effect.provide(ClamScanPluginLayer));\n * ```\n */\nclass ClamScanPluginImpl implements VirusScanPluginShape {\n  private clamscan: NodeClam | null = null;\n\n  constructor(private config: ClamScanConfig = {}) {}\n\n  /**\n   * Initialize the ClamAV scanner\n   * This is called lazily on first use\n   */\n  private async initScanner(): Promise<NodeClam> {\n    if (this.clamscan) {\n      return this.clamscan;\n    }\n\n    try {\n      // Initialize clamscan with configuration\n      const scanner = await new NodeClam().init({\n        preference: this.config.preference ?? \"clamdscan\",\n        remove_infected: this.config.remove_infected ?? false,\n        debug_mode: this.config.debug_mode ?? false,\n        clamdscan: {\n          socket: this.config.clamdscan_socket,\n          host: this.config.clamdscan_host,\n          port: this.config.clamdscan_port ?? 3310,\n          timeout: 60000,\n          local_fallback: true, // Fall back to binary if daemon unavailable\n        },\n        clamscan: {\n          path: \"/usr/bin/clamscan\", // Standard path\n          scan_archives: true,\n          active: true,\n        },\n      });\n\n      this.clamscan = scanner;\n      return scanner;\n    } catch (error) {\n      // ClamAV not installed or not available\n      throw new Error(\n        `ClamAV initialization failed: ${error instanceof Error ? error.message : String(error)}`,\n      );\n    }\n  }\n\n  /**\n   * Scans a file for viruses using ClamAV\n   *\n   * @param input - File contents as Uint8Array\n   * @returns Effect with scan results\n   */\n  scan(input: Uint8Array): Effect.Effect<ScanResult, UploadistaError> {\n    return Effect.gen(\n      function* (this: ClamScanPluginImpl) {\n        // Initialize scanner (lazy initialization)\n        const scanner = yield* Effect.tryPromise({\n          try: () => this.initScanner(),\n          catch: (error) =>\n            UploadistaError.fromCode(\"CLAMAV_NOT_INSTALLED\", {\n              body:\n                error instanceof Error\n                  ? error.message\n                  : \"ClamAV is not installed or not available\",\n              details: { error },\n            }),\n        });\n\n        // Create temporary file path for scanning\n        const tmpDir = os.tmpdir();\n        const fileName = `uploadista-scan-${randomUUID()}`;\n        const tempFilePath = path.join(tmpDir, fileName);\n\n        // Write file data to temp file\n        yield* Effect.tryPromise({\n          try: () => fs.writeFile(tempFilePath, input),\n          catch: (error) =>\n            UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n              body: \"Failed to create temporary file for scanning\",\n              details: { error },\n            }),\n        });\n\n        // Scan the file and ensure cleanup\n        const result = yield* Effect.tryPromise({\n          try: () => scanner.isInfected(tempFilePath),\n          catch: (error) =>\n            UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n              body: `Virus scan failed: ${error instanceof Error ? error.message : String(error)}`,\n              details: { error },\n            }),\n        }).pipe(\n          Effect.map((scanResult) => ({\n            isClean: !scanResult.isInfected,\n            detectedViruses: scanResult.viruses || [],\n          })),\n          Effect.ensuring(\n            // Clean up temporary file (ignore errors)\n            Effect.tryPromise({\n              try: () => fs.unlink(tempFilePath),\n              catch: () => undefined,\n            }).pipe(Effect.ignore),\n          ),\n        );\n\n        return result;\n      }.bind(this),\n    );\n  }\n\n  /**\n   * Gets the ClamAV engine version\n   *\n   * @returns Effect with version string\n   */\n  getVersion(): Effect.Effect<string, UploadistaError> {\n    return Effect.gen(\n      function* (this: ClamScanPluginImpl) {\n        // Initialize scanner (lazy initialization)\n        const scanner = yield* Effect.tryPromise({\n          try: () => this.initScanner(),\n          catch: (error) =>\n            UploadistaError.fromCode(\"CLAMAV_NOT_INSTALLED\", {\n              body:\n                error instanceof Error\n                  ? error.message\n                  : \"ClamAV is not installed or not available\",\n              details: { error },\n            }),\n        });\n\n        // Get version from ClamAV\n        const versionResult = yield* Effect.tryPromise({\n          try: () => scanner.getVersion(),\n          catch: (error) =>\n            UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n              body: \"Failed to get ClamAV version\",\n              details: { error },\n            }),\n        });\n\n        return versionResult.version || \"Unknown\";\n      }.bind(this),\n    );\n  }\n}\n\n/**\n * Creates a VirusScanPlugin layer using ClamAV\n *\n * @param config - Optional ClamAV configuration\n * @returns Layer providing VirusScanPlugin\n *\n * @example\n * ```typescript\n * // Use with default configuration\n * const layer = ClamScanPluginLayer();\n *\n * // Use with custom configuration\n * const customLayer = ClamScanPluginLayer({\n *   preference: \"clamdscan\",\n *   clamdscan_socket: \"/var/run/clamav/clamd.ctl\"\n * });\n * ```\n */\nexport function ClamScanPluginLayer(\n  config: ClamScanConfig = {},\n): Layer.Layer<VirusScanPlugin, never, never> {\n  return Layer.succeed(VirusScanPlugin, new ClamScanPluginImpl(config));\n}\n"],"mappings":"uTAqEA,IAAM,EAAN,KAAyD,CACvD,SAAoC,KAEpC,YAAY,EAAiC,EAAE,CAAE,CAA7B,KAAA,OAAA,EAMpB,MAAc,aAAiC,CAC7C,GAAI,KAAK,SACP,OAAO,KAAK,SAGd,GAAI,CAEF,IAAM,EAAU,MAAM,IAAI,GAAU,CAAC,KAAK,CACxC,WAAY,KAAK,OAAO,YAAc,YACtC,gBAAiB,KAAK,OAAO,iBAAmB,GAChD,WAAY,KAAK,OAAO,YAAc,GACtC,UAAW,CACT,OAAQ,KAAK,OAAO,iBACpB,KAAM,KAAK,OAAO,eAClB,KAAM,KAAK,OAAO,gBAAkB,KACpC,QAAS,IACT,eAAgB,GACjB,CACD,SAAU,CACR,KAAM,oBACN,cAAe,GACf,OAAQ,GACT,CACF,CAAC,CAGF,MADA,MAAK,SAAW,EACT,QACA,EAAO,CAEd,MAAU,MACR,iCAAiC,aAAiB,MAAQ,EAAM,QAAU,OAAO,EAAM,GACxF,EAUL,KAAK,EAA+D,CAClE,OAAO,EAAO,IACZ,WAAqC,CAEnC,IAAM,EAAU,MAAO,EAAO,WAAW,CACvC,QAAW,KAAK,aAAa,CAC7B,MAAQ,GACN,EAAgB,SAAS,uBAAwB,CAC/C,KACE,aAAiB,MACb,EAAM,QACN,2CACN,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAGI,EAAS,EAAG,QAAQ,CACpB,EAAW,mBAAmB,GAAY,GAC1C,EAAe,EAAK,KAAK,EAAQ,EAAS,CAkChD,OA/BA,MAAO,EAAO,WAAW,CACvB,QAAW,EAAG,UAAU,EAAc,EAAM,CAC5C,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,+CACN,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAGa,MAAO,EAAO,WAAW,CACtC,QAAW,EAAQ,WAAW,EAAa,CAC3C,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,sBAAsB,aAAiB,MAAQ,EAAM,QAAU,OAAO,EAAM,GAClF,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAAC,KACD,EAAO,IAAK,IAAgB,CAC1B,QAAS,CAAC,EAAW,WACrB,gBAAiB,EAAW,SAAW,EAAE,CAC1C,EAAE,CACH,EAAO,SAEL,EAAO,WAAW,CAChB,QAAW,EAAG,OAAO,EAAa,CAClC,UAAa,IAAA,GACd,CAAC,CAAC,KAAK,EAAO,OAAO,CACvB,CACF,EAGD,KAAK,KAAK,CACb,CAQH,YAAqD,CACnD,OAAO,EAAO,IACZ,WAAqC,CAEnC,IAAM,EAAU,MAAO,EAAO,WAAW,CACvC,QAAW,KAAK,aAAa,CAC7B,MAAQ,GACN,EAAgB,SAAS,uBAAwB,CAC/C,KACE,aAAiB,MACb,EAAM,QACN,2CACN,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAYF,OATsB,MAAO,EAAO,WAAW,CAC7C,QAAW,EAAQ,YAAY,CAC/B,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,+BACN,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,EAEmB,SAAW,WAChC,KAAK,KAAK,CACb,GAsBL,SAAgB,EACd,EAAyB,EAAE,CACiB,CAC5C,OAAO,EAAM,QAAQ,EAAiB,IAAI,EAAmB,EAAO,CAAC"}
+{"version":3,"file":"index.mjs","names":["config: ClamScanConfig"],"sources":["../src/clamscan-plugin.ts"],"sourcesContent":["import { randomUUID } from \"node:crypto\";\nimport * as fs from \"node:fs/promises\";\nimport * as os from \"node:os\";\nimport * as path from \"node:path\";\nimport { UploadistaError } from \"@uploadista/core/errors\";\nimport type { ScanResult, VirusScanPluginShape } from \"@uploadista/core/flow\";\nimport { VirusScanPlugin } from \"@uploadista/core/flow\";\nimport { withOperationSpan } from \"@uploadista/observability\";\nimport NodeClam from \"clamscan\";\nimport { Effect, Layer } from \"effect\";\n\n/**\n * Configuration options for the ClamAV plugin\n */\nexport interface ClamScanConfig {\n  /**\n   * Preference for scanning method\n   * - \"clamdscan\": Use clamd daemon (faster, recommended)\n   * - \"clamscan\": Use command-line binary\n   */\n  preference?: \"clamdscan\" | \"clamscan\";\n\n  /**\n   * Path to clamd socket (for daemon mode)\n   * Default: /var/run/clamd.scan/clamd.sock\n   */\n  clamdscan_socket?: string;\n\n  /**\n   * TCP host for clamd (alternative to socket)\n   */\n  clamdscan_host?: string;\n\n  /**\n   * TCP port for clamd\n   * Default: 3310\n   */\n  clamdscan_port?: number;\n\n  /**\n   * Whether to remove infected files automatically\n   * Default: false (not recommended in flow context)\n   */\n  remove_infected?: boolean;\n\n  /**\n   * Debug mode for clamscan library\n   * Default: false\n   */\n  debug_mode?: boolean;\n}\n\n/**\n * ClamAV implementation of the VirusScanPlugin\n *\n * This plugin uses the `clamscan` npm package to scan files for viruses\n * using ClamAV antivirus engine. It supports both clamd daemon mode (fast)\n * and binary mode (slower but more portable).\n *\n * @example\n * ```typescript\n * import { ClamScanPluginLayer } from \"@uploadista/flow-security-clamscan\";\n *\n * const program = Effect.gen(function* () {\n *   const virusScan = yield* VirusScanPlugin;\n *   const result = yield* virusScan.scan(fileBytes);\n *   console.log(result.isClean ? \"Clean\" : \"Infected\");\n * }).pipe(Effect.provide(ClamScanPluginLayer));\n * ```\n */\nclass ClamScanPluginImpl implements VirusScanPluginShape {\n  private clamscan: NodeClam | null = null;\n\n  constructor(private config: ClamScanConfig = {}) {}\n\n  /**\n   * Initialize the ClamAV scanner\n   * This is called lazily on first use\n   */\n  private initScanner(): Effect.Effect<NodeClam, UploadistaError> {\n    return Effect.gen(\n      function* (this: ClamScanPluginImpl) {\n        if (this.clamscan) {\n          return this.clamscan;\n        }\n\n        const scanner = yield* Effect.tryPromise({\n          try: async () => {\n            // Initialize clamscan with configuration\n            return await new NodeClam().init({\n              preference: this.config.preference ?? \"clamdscan\",\n              remove_infected: this.config.remove_infected ?? false,\n              debug_mode: this.config.debug_mode ?? false,\n              clamdscan: {\n                socket: this.config.clamdscan_socket,\n                host: this.config.clamdscan_host,\n                port: this.config.clamdscan_port ?? 3310,\n                timeout: 60000,\n                local_fallback: true, // Fall back to binary if daemon unavailable\n              },\n              clamscan: {\n                path: \"/usr/bin/clamscan\", // Standard path\n                scan_archives: true,\n                active: true,\n              },\n            });\n          },\n          catch: (error) =>\n            UploadistaError.fromCode(\"CLAMAV_NOT_INSTALLED\", {\n              body: `ClamAV initialization failed: ${error instanceof Error ? error.message : String(error)}`,\n              details: { error },\n            }),\n        });\n\n        this.clamscan = scanner;\n        return scanner;\n      }.bind(this),\n    ).pipe(\n      withOperationSpan(\"virus-scan\", \"init\", {\n        \"scan.preference\": this.config.preference ?? \"clamdscan\",\n      }),\n    );\n  }\n\n  /**\n   * Scans a file for viruses using ClamAV\n   *\n   * @param input - File contents as Uint8Array\n   * @returns Effect with scan results\n   */\n  scan(input: Uint8Array): Effect.Effect<ScanResult, UploadistaError> {\n    return Effect.gen(\n      function* (this: ClamScanPluginImpl) {\n        // Initialize scanner (lazy initialization)\n        const scanner = yield* this.initScanner();\n\n        // Create temporary file path for scanning\n        const tmpDir = os.tmpdir();\n        const fileName = `uploadista-scan-${randomUUID()}`;\n        const tempFilePath = path.join(tmpDir, fileName);\n\n        // Write file data to temp file\n        yield* Effect.tryPromise({\n          try: () => fs.writeFile(tempFilePath, input),\n          catch: (error) =>\n            UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n              body: \"Failed to create temporary file for scanning\",\n              details: { error },\n            }),\n        });\n\n        // Scan the file and ensure cleanup\n        const result = yield* Effect.tryPromise({\n          try: () => scanner.isInfected(tempFilePath),\n          catch: (error) =>\n            UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n              body: `Virus scan failed: ${error instanceof Error ? error.message : String(error)}`,\n              details: { error },\n            }),\n        }).pipe(\n          Effect.map((scanResult) => ({\n            isClean: !scanResult.isInfected,\n            detectedViruses: scanResult.viruses || [],\n          })),\n          Effect.ensuring(\n            // Clean up temporary file (ignore errors)\n            Effect.tryPromise({\n              try: () => fs.unlink(tempFilePath),\n              catch: () => undefined,\n            }).pipe(Effect.ignore),\n          ),\n        );\n\n        return result;\n      }.bind(this),\n    ).pipe(\n      withOperationSpan(\"virus-scan\", \"scan\", {\n        \"scan.file_size\": input.byteLength,\n      }),\n    );\n  }\n\n  /**\n   * Gets the ClamAV engine version\n   *\n   * @returns Effect with version string\n   */\n  getVersion(): Effect.Effect<string, UploadistaError> {\n    return Effect.gen(\n      function* (this: ClamScanPluginImpl) {\n        // Initialize scanner (lazy initialization)\n        const scanner = yield* this.initScanner();\n\n        // Get version from ClamAV\n        const versionResult = yield* Effect.tryPromise({\n          try: () => scanner.getVersion(),\n          catch: (error) =>\n            UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n              body: \"Failed to get ClamAV version\",\n              details: { error },\n            }),\n        });\n\n        return versionResult.version || \"Unknown\";\n      }.bind(this),\n    ).pipe(withOperationSpan(\"virus-scan\", \"get-version\", {}));\n  }\n}\n\n/**\n * Creates a VirusScanPlugin layer using ClamAV\n *\n * @param config - Optional ClamAV configuration\n * @returns Layer providing VirusScanPlugin\n *\n * @example\n * ```typescript\n * // Use with default configuration\n * const layer = ClamScanPluginLayer();\n *\n * // Use with custom configuration\n * const customLayer = ClamScanPluginLayer({\n *   preference: \"clamdscan\",\n *   clamdscan_socket: \"/var/run/clamav/clamd.ctl\"\n * });\n * ```\n */\nexport function ClamScanPluginLayer(\n  config: ClamScanConfig = {},\n): Layer.Layer<VirusScanPlugin, never, never> {\n  return Layer.succeed(VirusScanPlugin, new ClamScanPluginImpl(config));\n}\n"],"mappings":"qXAsEA,IAAM,EAAN,KAAyD,CACvD,SAAoC,KAEpC,YAAY,EAAiC,EAAE,CAAE,CAA7B,KAAA,OAAA,EAMpB,aAAgE,CAC9D,OAAO,EAAO,IACZ,WAAqC,CACnC,GAAI,KAAK,SACP,OAAO,KAAK,SAGd,IAAM,EAAU,MAAO,EAAO,WAAW,CACvC,IAAK,SAEI,MAAM,IAAI,GAAU,CAAC,KAAK,CAC/B,WAAY,KAAK,OAAO,YAAc,YACtC,gBAAiB,KAAK,OAAO,iBAAmB,GAChD,WAAY,KAAK,OAAO,YAAc,GACtC,UAAW,CACT,OAAQ,KAAK,OAAO,iBACpB,KAAM,KAAK,OAAO,eAClB,KAAM,KAAK,OAAO,gBAAkB,KACpC,QAAS,IACT,eAAgB,GACjB,CACD,SAAU,CACR,KAAM,oBACN,cAAe,GACf,OAAQ,GACT,CACF,CAAC,CAEJ,MAAQ,GACN,EAAgB,SAAS,uBAAwB,CAC/C,KAAM,iCAAiC,aAAiB,MAAQ,EAAM,QAAU,OAAO,EAAM,GAC7F,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAGF,MADA,MAAK,SAAW,EACT,GACP,KAAK,KAAK,CACb,CAAC,KACA,EAAkB,aAAc,OAAQ,CACtC,kBAAmB,KAAK,OAAO,YAAc,YAC9C,CAAC,CACH,CASH,KAAK,EAA+D,CAClE,OAAO,EAAO,IACZ,WAAqC,CAEnC,IAAM,EAAU,MAAO,KAAK,aAAa,CAGnC,EAAS,EAAG,QAAQ,CACpB,EAAW,mBAAmB,GAAY,GAC1C,EAAe,EAAK,KAAK,EAAQ,EAAS,CAkChD,OA/BA,MAAO,EAAO,WAAW,CACvB,QAAW,EAAG,UAAU,EAAc,EAAM,CAC5C,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,+CACN,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAGa,MAAO,EAAO,WAAW,CACtC,QAAW,EAAQ,WAAW,EAAa,CAC3C,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,sBAAsB,aAAiB,MAAQ,EAAM,QAAU,OAAO,EAAM,GAClF,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAAC,KACD,EAAO,IAAK,IAAgB,CAC1B,QAAS,CAAC,EAAW,WACrB,gBAAiB,EAAW,SAAW,EAAE,CAC1C,EAAE,CACH,EAAO,SAEL,EAAO,WAAW,CAChB,QAAW,EAAG,OAAO,EAAa,CAClC,UAAa,IAAA,GACd,CAAC,CAAC,KAAK,EAAO,OAAO,CACvB,CACF,EAGD,KAAK,KAAK,CACb,CAAC,KACA,EAAkB,aAAc,OAAQ,CACtC,iBAAkB,EAAM,WACzB,CAAC,CACH,CAQH,YAAqD,CACnD,OAAO,EAAO,IACZ,WAAqC,CAEnC,IAAM,EAAU,MAAO,KAAK,aAAa,CAYzC,OATsB,MAAO,EAAO,WAAW,CAC7C,QAAW,EAAQ,YAAY,CAC/B,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,+BACN,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,EAEmB,SAAW,WAChC,KAAK,KAAK,CACb,CAAC,KAAK,EAAkB,aAAc,cAAe,EAAE,CAAC,CAAC,GAsB9D,SAAgB,EACd,EAAyB,EAAE,CACiB,CAC5C,OAAO,EAAM,QAAQ,EAAiB,IAAI,EAAmB,EAAO,CAAC"}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@uploadista/flow-security-clamscan",
   "type": "module",
-  "version": "0.0.18-beta.9",
+  "version": "0.0.19",
   "description": "ClamAV virus scanning plugin for Uploadista Flow",
   "license": "MIT",
   "author": "Uploadista",
@@ -15,7 +15,8 @@
   },
   "dependencies": {
     "clamscan": "^2.3.3",
-    "@uploadista/core": "0.0.18-beta.9"
+    "@uploadista/core": "0.0.19",
+    "@uploadista/observability": "0.0.19"
   },
   "peerDependencies": {
     "effect": "^3.0.0",
@@ -26,9 +27,9 @@
     "@types/node": "24.10.1",
     "effect": "3.19.8",
     "tsdown": "0.16.8",
-    "vitest": "4.0.14",
+    "vitest": "4.0.15",
     "zod": "4.1.13",
-    "@uploadista/typescript-config": "0.0.18-beta.9"
+    "@uploadista/typescript-config": "0.0.19"
   },
   "scripts": {
     "build": "tsdown",

package/src/clamscan-plugin.ts

@@ -5,6 +5,7 @@ import * as path from "node:path";
 import { UploadistaError } from "@uploadista/core/errors";
 import type { ScanResult, VirusScanPluginShape } from "@uploadista/core/flow";
 import { VirusScanPlugin } from "@uploadista/core/flow";
+import { withOperationSpan } from "@uploadista/observability";
 import NodeClam from "clamscan";
 import { Effect, Layer } from "effect";
 
@@ -76,39 +77,49 @@ class ClamScanPluginImpl implements VirusScanPluginShape {
    * Initialize the ClamAV scanner
    * This is called lazily on first use
    */
-  private async initScanner(): Promise<NodeClam> {
-    if (this.clamscan) {
-      return this.clamscan;
-    }
-
-    try {
-      // Initialize clamscan with configuration
-      const scanner = await new NodeClam().init({
-        preference: this.config.preference ?? "clamdscan",
-        remove_infected: this.config.remove_infected ?? false,
-        debug_mode: this.config.debug_mode ?? false,
-        clamdscan: {
-          socket: this.config.clamdscan_socket,
-          host: this.config.clamdscan_host,
-          port: this.config.clamdscan_port ?? 3310,
-          timeout: 60000,
-          local_fallback: true, // Fall back to binary if daemon unavailable
-        },
-        clamscan: {
-          path: "/usr/bin/clamscan", // Standard path
-          scan_archives: true,
-          active: true,
-        },
-      });
-
-      this.clamscan = scanner;
-      return scanner;
-    } catch (error) {
-      // ClamAV not installed or not available
-      throw new Error(
-        `ClamAV initialization failed: ${error instanceof Error ? error.message : String(error)}`,
-      );
-    }
+  private initScanner(): Effect.Effect<NodeClam, UploadistaError> {
+    return Effect.gen(
+      function* (this: ClamScanPluginImpl) {
+        if (this.clamscan) {
+          return this.clamscan;
+        }
+
+        const scanner = yield* Effect.tryPromise({
+          try: async () => {
+            // Initialize clamscan with configuration
+            return await new NodeClam().init({
+              preference: this.config.preference ?? "clamdscan",
+              remove_infected: this.config.remove_infected ?? false,
+              debug_mode: this.config.debug_mode ?? false,
+              clamdscan: {
+                socket: this.config.clamdscan_socket,
+                host: this.config.clamdscan_host,
+                port: this.config.clamdscan_port ?? 3310,
+                timeout: 60000,
+                local_fallback: true, // Fall back to binary if daemon unavailable
+              },
+              clamscan: {
+                path: "/usr/bin/clamscan", // Standard path
+                scan_archives: true,
+                active: true,
+              },
+            });
+          },
+          catch: (error) =>
+            UploadistaError.fromCode("CLAMAV_NOT_INSTALLED", {
+              body: `ClamAV initialization failed: ${error instanceof Error ? error.message : String(error)}`,
+              details: { error },
+            }),
+        });
+
+        this.clamscan = scanner;
+        return scanner;
+      }.bind(this),
+    ).pipe(
+      withOperationSpan("virus-scan", "init", {
+        "scan.preference": this.config.preference ?? "clamdscan",
+      }),
+    );
   }
 
   /**
@@ -121,17 +132,7 @@ class ClamScanPluginImpl implements VirusScanPluginShape {
     return Effect.gen(
       function* (this: ClamScanPluginImpl) {
         // Initialize scanner (lazy initialization)
-        const scanner = yield* Effect.tryPromise({
-          try: () => this.initScanner(),
-          catch: (error) =>
-            UploadistaError.fromCode("CLAMAV_NOT_INSTALLED", {
-              body:
-                error instanceof Error
-                  ? error.message
-                  : "ClamAV is not installed or not available",
-              details: { error },
-            }),
-        });
+        const scanner = yield* this.initScanner();
 
         // Create temporary file path for scanning
         const tmpDir = os.tmpdir();
@@ -172,6 +173,10 @@ class ClamScanPluginImpl implements VirusScanPluginShape {
 
         return result;
       }.bind(this),
+    ).pipe(
+      withOperationSpan("virus-scan", "scan", {
+        "scan.file_size": input.byteLength,
+      }),
     );
   }
 
@@ -184,17 +189,7 @@ class ClamScanPluginImpl implements VirusScanPluginShape {
     return Effect.gen(
       function* (this: ClamScanPluginImpl) {
         // Initialize scanner (lazy initialization)
-        const scanner = yield* Effect.tryPromise({
-          try: () => this.initScanner(),
-          catch: (error) =>
-            UploadistaError.fromCode("CLAMAV_NOT_INSTALLED", {
-              body:
-                error instanceof Error
-                  ? error.message
-                  : "ClamAV is not installed or not available",
-              details: { error },
-            }),
-        });
+        const scanner = yield* this.initScanner();
 
         // Get version from ClamAV
         const versionResult = yield* Effect.tryPromise({
@@ -208,7 +203,7 @@ class ClamScanPluginImpl implements VirusScanPluginShape {
 
         return versionResult.version || "Unknown";
       }.bind(this),
-    );
+    ).pipe(withOperationSpan("virus-scan", "get-version", {}));
   }
 }