npm - @uploadista/flow-security-clamscan - Versions diffs - 0.0.20 → 0.1.0-beta.5 - Mend

@uploadista/flow-security-clamscan 0.0.20 → 0.1.0-beta.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/.turbo/turbo-build.log +23 -22
package/.turbo/turbo-check.log +6 -0
package/.turbo/turbo-test.log +136 -0
package/dist/index.mjs.map +1 -1
package/package.json +10 -10
package/tests/clamscan-plugin.test.ts +435 -0

package/.turbo/turbo-build.log CHANGED Viewed

@@ -1,22 +1,23 @@
-> @uploadista/flow-security-clamscan@0.0.20-beta.9 build /Users/denislaboureyras/Documents/uploadista/dev/uploadista-workspace/uploadista-sdk/packages/flow/security/clamscan
-> tsc --noEmit && tsdown
-[34mℹ[39m tsdown [2mv0.18.0[22m powered by rolldown [2mv1.0.0-beta.53[22m
-[34mℹ[39m config file: [4m/Users/denislaboureyras/Documents/uploadista/dev/uploadista-workspace/uploadista-sdk/packages/flow/security/clamscan/tsdown.config.ts[24m
-[34mℹ[39m entry: [34msrc/index.ts[39m
-[34mℹ[39m tsconfig: [34mtsconfig.json[39m
-[34mℹ[39m Build start
-[34mℹ[39m Cleaning 7 files
-[34mℹ[39m [33m[CJS][39m [2mdist/[22m[1mindex.cjs[22m  [2m2.89 kB[22m [2m│ gzip: 1.22 kB[22m
-[34mℹ[39m [33m[CJS][39m 1 files, total: 2.89 kB
-[34mℹ[39m [34m[ESM][39m [2mdist/[22m[1mindex.mjs[22m        [2m2.27 kB[22m [2m│ gzip: 0.97 kB[22m
-[34mℹ[39m [34m[ESM][39m [2mdist/[22mindex.mjs.map    [2m9.43 kB[22m [2m│ gzip: 2.94 kB[22m
-[34mℹ[39m [34m[ESM][39m [2mdist/[22mindex.d.mts.map  [2m0.25 kB[22m [2m│ gzip: 0.17 kB[22m
-[34mℹ[39m [34m[ESM][39m [2mdist/[22m[32m[1mindex.d.mts[22m[39m      [2m1.68 kB[22m [2m│ gzip: 0.73 kB[22m
-[34mℹ[39m [34m[ESM][39m 4 files, total: 13.62 kB
-[32m✔[39m Build complete in [32m7684ms[39m
-[34mℹ[39m [33m[CJS][39m [2mdist/[22mindex.d.cts.map  [2m0.25 kB[22m [2m│ gzip: 0.17 kB[22m
-[34mℹ[39m [33m[CJS][39m [2mdist/[22m[32m[1mindex.d.cts[22m[39m      [2m1.68 kB[22m [2m│ gzip: 0.73 kB[22m
-[34mℹ[39m [33m[CJS][39m 2 files, total: 1.92 kB
-[32m✔[39m Build complete in [32m7697ms[39m
+> @uploadista/flow-security-clamscan@0.1.0-beta.4 build /Users/denislaboureyras/Documents/uploadista/dev/uploadista-workspace/uploadista-sdk/packages/flow/security/clamscan
+> tsc --noEmit && tsdown
+[34mℹ[39m tsdown [2mv0.19.0[22m powered by rolldown [2mv1.0.0-beta.59[22m
+[34mℹ[39m config file: [4m/Users/denislaboureyras/Documents/uploadista/dev/uploadista-workspace/uploadista-sdk/packages/flow/security/clamscan/tsdown.config.ts[24m
+[34mℹ[39m entry: [34msrc/index.ts[39m
+[34mℹ[39m tsconfig: [34mtsconfig.json[39m
+[34mℹ[39m Build start
+[34mℹ[39m Cleaning 7 files
+[34mℹ[39m [33m[CJS][39m [2mdist/[22m[1mindex.cjs[22m  [2m2.89 kB[22m [2m│ gzip: 1.22 kB[22m
+[34mℹ[39m [33m[CJS][39m 1 files, total: 2.89 kB
+[34mℹ[39m [33m[CJS][39m [2mdist/[22mindex.d.cts.map  [2m0.25 kB[22m [2m│ gzip: 0.17 kB[22m
+[34mℹ[39m [33m[CJS][39m [2mdist/[22m[32m[1mindex.d.cts[22m[39m      [2m1.68 kB[22m [2m│ gzip: 0.73 kB[22m
+[34mℹ[39m [33m[CJS][39m 2 files, total: 1.92 kB
+[32m✔[39m Build complete in [32m6173ms[39m
+[34mℹ[39m [34m[ESM][39m [2mdist/[22m[1mindex.mjs[22m        [2m2.27 kB[22m [2m│ gzip: 0.97 kB[22m
+[34mℹ[39m [34m[ESM][39m [2mdist/[22mindex.mjs.map    [2m9.40 kB[22m [2m│ gzip: 2.93 kB[22m
+[34mℹ[39m [34m[ESM][39m [2mdist/[22mindex.d.mts.map  [2m0.25 kB[22m [2m│ gzip: 0.17 kB[22m
+[34mℹ[39m [34m[ESM][39m [2mdist/[22m[32m[1mindex.d.mts[22m[39m      [2m1.68 kB[22m [2m│ gzip: 0.73 kB[22m
+[34mℹ[39m [34m[ESM][39m 4 files, total: 13.59 kB
+[32m✔[39m Build complete in [32m6202ms[39m

package/.turbo/turbo-check.log ADDED Viewed

@@ -0,0 +1,6 @@
+> @uploadista/flow-security-clamscan@0.1.0-beta.2 check /Users/denislaboureyras/Documents/uploadista/dev/uploadista-workspace/uploadista-sdk/packages/flow/security/clamscan
+> biome check --write ./src
+[0m[34mChecked [0m[0m[34m3[0m[0m[34m [0m[0m[34mfiles[0m[0m[34m in [0m[0m[34m57[0m[0m[2m[34mms[0m[0m[34m.[0m[0m[34m No fixes applied.[0m

package/.turbo/turbo-test.log ADDED Viewed

@@ -0,0 +1,136 @@
+> @uploadista/flow-security-clamscan@0.1.0-beta.2 test /Users/denislaboureyras/Documents/uploadista/dev/uploadista-workspace/uploadista-sdk/packages/flow/security/clamscan
+> vitest run
+[?25l
+[1m[46m RUN [49m[22m [36mv4.0.17 [39m[90m/Users/denislaboureyras/Documents/uploadista/dev/uploadista-workspace/uploadista-sdk/packages/flow/security/clamscan[39m
+[?2026h
+[1m[33m ❯ [39m[22mtests/clamscan-plugin.test.ts[2m [queued][22m
+[2m Test Files [22m[1m[32m0 passed[39m[22m[90m (1)[39m
+[2m      Tests [22m[1m[32m0 passed[39m[22m[90m (0)[39m
+[2m   Start at [22m16:59:24
+[2m   Duration [22m424ms
+[?2026l[?2026h[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K
+[1m[33m ❯ [39m[22mtests/clamscan-plugin.test.ts[2m [queued][22m
+[2m Test Files [22m[1m[32m0 passed[39m[22m[90m (1)[39m
+[2m      Tests [22m[1m[32m0 passed[39m[22m[90m (0)[39m
+[2m   Start at [22m16:59:24
+[2m   Duration [22m954ms
+[?2026l[?2026h[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K
+[1m[33m ❯ [39m[22mtests/clamscan-plugin.test.ts[2m [queued][22m
+[2m Test Files [22m[1m[32m0 passed[39m[22m[90m (1)[39m
+[2m      Tests [22m[1m[32m0 passed[39m[22m[90m (0)[39m
+[2m   Start at [22m16:59:24
+[2m   Duration [22m2.14s
+[?2026l[?2026h[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K
+[1m[33m ❯ [39m[22mtests/clamscan-plugin.test.ts[2m [queued][22m
+[2m Test Files [22m[1m[32m0 passed[39m[22m[90m (1)[39m
+[2m      Tests [22m[1m[32m0 passed[39m[22m[90m (0)[39m
+[2m   Start at [22m16:59:24
+[2m   Duration [22m3.10s
+[?2026l[?2026h[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K
+[1m[33m ❯ [39m[22mtests/clamscan-plugin.test.ts[2m [queued][22m
+[2m Test Files [22m[1m[32m0 passed[39m[22m[90m (1)[39m
+[2m      Tests [22m[1m[32m0 passed[39m[22m[90m (0)[39m
+[2m   Start at [22m16:59:24
+[2m   Duration [22m4.07s
+[?2026l[?2026h[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K
+[1m[33m ❯ [39m[22mtests/clamscan-plugin.test.ts[2m [queued][22m
+[2m Test Files [22m[1m[32m0 passed[39m[22m[90m (1)[39m
+[2m      Tests [22m[1m[32m0 passed[39m[22m[90m (0)[39m
+[2m   Start at [22m16:59:24
+[2m   Duration [22m5.11s
+[?2026l[?2026h[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K
+[1m[33m ❯ [39m[22mtests/clamscan-plugin.test.ts[2m 0/25[22m
+[2m Test Files [22m[1m[32m0 passed[39m[22m[90m (1)[39m
+[2m      Tests [22m[1m[32m0 passed[39m[22m[90m (25)[39m
+[2m   Start at [22m16:59:24
+[2m   Duration [22m5.64s
+[?2026l[?2026h[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K
+[1m[33m ❯ [39m[22mtests/clamscan-plugin.test.ts[2m 1/25[22m
+[2m Test Files [22m[1m[32m0 passed[39m[22m[90m (1)[39m
+[2m      Tests [22m[1m[32m1 passed[39m[22m[90m (25)[39m
+[2m   Start at [22m16:59:24
+[2m   Duration [22m5.84s
+[?2026l[?2026h[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K
+[1m[33m ❯ [39m[22mtests/clamscan-plugin.test.ts[2m 8/25[22m
+[2m Test Files [22m[1m[32m0 passed[39m[22m[90m (1)[39m
+[2m      Tests [22m[1m[32m8 passed[39m[22m[90m (25)[39m
+[2m   Start at [22m16:59:24
+[2m   Duration [22m6.05s
+[?2026l[?2026h[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K
+[1m[33m ❯ [39m[22mtests/clamscan-plugin.test.ts[2m 9/25[22m
+[2m Test Files [22m[1m[32m0 passed[39m[22m[90m (1)[39m
+[2m      Tests [22m[1m[32m9 passed[39m[22m[90m (25)[39m
+[2m   Start at [22m16:59:24
+[2m   Duration [22m6.16s
+[?2026l[?2026h[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K
+[1m[33m ❯ [39m[22mtests/clamscan-plugin.test.ts[2m 20/25[22m
+[2m Test Files [22m[1m[32m0 passed[39m[22m[90m (1)[39m
+[2m      Tests [22m[1m[32m20 passed[39m[22m[90m (25)[39m
+[2m   Start at [22m16:59:24
+[2m   Duration [22m6.26s
+[?2026l[?2026h[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K
+[1m[33m ❯ [39m[22mtests/clamscan-plugin.test.ts[2m 24/25[22m
+[2m Test Files [22m[1m[32m0 passed[39m[22m[90m (1)[39m
+[2m      Tests [22m[1m[32m24 passed[39m[22m[90m (25)[39m
+[2m   Start at [22m16:59:24
+[2m   Duration [22m6.36s
+[?2026l[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K[1A[K [32m✓[39m tests/clamscan-plugin.test.ts [2m([22m[2m25 tests[22m[2m)[22m[33m 628[2mms[22m[39m
+   [32m✓[39m ClamScan Virus Plugin [2m(25)[22m
+     [32m✓[39m virusScanPlugin factory [2m(2)[22m
+       [32m✓[39m should create a plugin layer with default configuration[32m 9[2mms[22m[39m
+       [32m✓[39m should create a plugin layer with custom configuration[32m 6[2mms[22m[39m
+     [32m✓[39m scan method [2m(5)[22m
+       [32m✓[39m should return clean result for non-infected file[32m 87[2mms[22m[39m
+       [32m✓[39m should return infected result with virus names[32m 14[2mms[22m[39m
+       [32m✓[39m should handle null virus array for infected files[32m 15[2mms[22m[39m
+       [32m✓[39m should handle binary data correctly[32m 10[2mms[22m[39m
+       [32m✓[39m should handle large file data[32m 18[2mms[22m[39m
+     [32m✓[39m getVersion method [2m(3)[22m
+       [32m✓[39m should return ClamAV version string[32m 45[2mms[22m[39m
+       [32m✓[39m should return 'Unknown' when version is undefined[32m 5[2mms[22m[39m
+       [32m✓[39m should return 'Unknown' when version is empty[32m 3[2mms[22m[39m
+     [32m✓[39m error handling [2m(3)[22m
+       [32m✓[39m should fail with CLAMAV_NOT_INSTALLED when initialization fails[32m 24[2mms[22m[39m
+       [32m✓[39m should fail with VIRUS_SCAN_FAILED when scan fails[32m 48[2mms[22m[39m
+       [32m✓[39m should fail with VIRUS_SCAN_FAILED when getVersion fails[32m 1[2mms[22m[39m
+     [32m✓[39m configuration options [2m(6)[22m
+       [32m✓[39m should accept clamdscan preference[32m 0[2mms[22m[39m
+       [32m✓[39m should accept clamscan preference[32m 0[2mms[22m[39m
+       [32m✓[39m should accept socket configuration for clamd[32m 0[2mms[22m[39m
+       [32m✓[39m should accept TCP host and port for clamd[32m 0[2mms[22m[39m
+       [32m✓[39m should accept debug mode configuration[32m 0[2mms[22m[39m
+       [32m✓[39m should accept remove_infected configuration[32m 0[2mms[22m[39m
+     [32m✓[39m EICAR test file detection [2m(1)[22m
+       [32m✓[39m should detect EICAR test file as infected[32m 40[2mms[22m[39m
+     [32m✓[39m temporary file handling [2m(2)[22m
+       [32m✓[39m should clean up temporary files after successful scan[32m 18[2mms[22m[39m
+       [32m✓[39m should clean up temporary files even when scan fails[32m 27[2mms[22m[39m
+     [32m✓[39m lazy initialization [2m(1)[22m
+       [32m✓[39m should initialize scanner lazily on first use[32m 23[2mms[22m[39m
+     [32m✓[39m multiple virus detection [2m(1)[22m
+       [32m✓[39m should report multiple viruses when detected[32m 85[2mms[22m[39m
+     [32m✓[39m empty file handling [2m(1)[22m
+       [32m✓[39m should handle empty file input[32m 32[2mms[22m[39m
+[2m Test Files [22m [1m[32m1 passed[39m[22m[90m (1)[39m
+[2m      Tests [22m [1m[32m25 passed[39m[22m[90m (25)[39m
+[2m   Start at [22m 16:59:24
+[2m   Duration [22m 6.49s[2m (transform 1.52s, setup 0ms, import 5.22s, tests 628ms, environment 0ms)[22m
+[?25h

package/dist/index.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.mjs","names":[~~"config: VirusScanPluginConfig"~~],"sources":["../src/clamscan-plugin.ts"],"sourcesContent":["import { randomUUID } from \"node:crypto\";\nimport * as fs from \"node:fs/promises\";\nimport * as os from \"node:os\";\nimport * as path from \"node:path\";\nimport { UploadistaError } from \"@uploadista/core/errors\";\nimport type { ScanResult, VirusScanPluginShape } from \"@uploadista/core/flow\";\nimport { VirusScanPlugin } from \"@uploadista/core/flow\";\nimport { withOperationSpan } from \"@uploadista/observability\";\nimport NodeClam from \"clamscan\";\nimport { Effect, Layer } from \"effect\";\n\n/*\n Configuration options for the ClamAV Virus Scan plugin\n /\nexport interface VirusScanPluginConfig {\n /\n Preference for scanning method\n * - \"clamdscan\": Use clamd daemon (faster, recommended)\n * - \"clamscan\": Use command-line binary\n /\n preference?: \"clamdscan\" \| \"clamscan\";\n\n /\n Path to clamd socket (for daemon mode)\n * Default: /var/run/clamd.scan/clamd.sock\n /\n clamdscan_socket?: string;\n\n /\n TCP host for clamd (alternative to socket)\n /\n clamdscan_host?: string;\n\n /\n TCP port for clamd\n * Default: 3310\n /\n clamdscan_port?: number;\n\n /\n Whether to remove infected files automatically\n * Default: false (not recommended in flow context)\n /\n remove_infected?: boolean;\n\n /\n Debug mode for clamscan library\n * Default: false\n /\n debug_mode?: boolean;\n}\n\n/\n ClamAV implementation of the VirusScanPlugin\n \n This plugin uses the `clamscan` npm package to scan files for viruses\n * using ClamAV antivirus engine. It supports both clamd daemon mode (fast)\n * and binary mode (slower but more portable).\n \n @example\n * ```typescript\n * import { ClamScanPluginLayer } from \"@uploadista/flow-security-clamscan\";\n \n const program = Effect.gen(function* () {\n * const virusScan = yield* VirusScanPlugin;\n * const result = yield* virusScan.scan(fileBytes);\n * console.log(result.isClean ? \"Clean\" : \"Infected\");\n * }).pipe(Effect.provide(ClamScanPluginLayer));\n * ```\n /\nclass ClamScanPluginImpl implements VirusScanPluginShape {\n private clamscan: NodeClam \| null = null;\n\n constructor(private config: VirusScanPluginConfig = {}) {}\n\n /\n Initialize the ClamAV scanner\n * This is called lazily on first use\n /\n private initScanner(): Effect.Effect<NodeClam, UploadistaError> {\n return Effect.gen(\n function (this: ClamScanPluginImpl) {\n if (this.clamscan) {\n return this.clamscan;\n }\n\n const scanner = yield* Effect.tryPromise({\n try: async () => {\n // Initialize clamscan with configuration\n return await new NodeClam().init({\n preference: this.config.preference ?? \"clamdscan\",\n remove_infected: this.config.remove_infected ?? false,\n debug_mode: this.config.debug_mode ?? false,\n clamdscan: {\n socket: this.config.clamdscan_socket,\n host: this.config.clamdscan_host,\n port: this.config.clamdscan_port ?? 3310,\n timeout: 60000,\n local_fallback: true, // Fall back to binary if daemon unavailable\n },\n clamscan: {\n path: \"/usr/bin/clamscan\", // Standard path\n scan_archives: true,\n active: true,\n },\n });\n },\n catch: (error) =>\n UploadistaError.fromCode(\"CLAMAV_NOT_INSTALLED\", {\n body: `ClamAV initialization failed: ${error instanceof Error ? error.message : String(error)}`,\n details: { error },\n }),\n });\n\n this.clamscan = scanner;\n return scanner;\n }.bind(this),\n ).pipe(\n withOperationSpan(\"virus-scan\", \"init\", {\n \"scan.preference\": this.config.preference ?? \"clamdscan\",\n }),\n );\n }\n\n /*\n Scans a file for viruses using ClamAV\n \n @param input - File contents as Uint8Array\n * @returns Effect with scan results\n /\n scan(input: Uint8Array): Effect.Effect<ScanResult, UploadistaError> {\n return Effect.gen(\n function (this: ClamScanPluginImpl) {\n // Initialize scanner (lazy initialization)\n const scanner = yield* this.initScanner();\n\n // Create temporary file path for scanning\n const tmpDir = os.tmpdir();\n const fileName = `uploadista-scan-${randomUUID()}`;\n const tempFilePath = path.join(tmpDir, fileName);\n\n // Write file data to temp file\n yield* Effect.tryPromise({\n try: () => fs.writeFile(tempFilePath, input),\n catch: (error) =>\n UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n body: \"Failed to create temporary file for scanning\",\n details: { error },\n }),\n });\n\n // Scan the file and ensure cleanup\n const result = yield* Effect.tryPromise({\n try: () => scanner.isInfected(tempFilePath),\n catch: (error) =>\n UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n body: `Virus scan failed: ${error instanceof Error ? error.message : String(error)}`,\n details: { error },\n }),\n }).pipe(\n Effect.map((scanResult) => ({\n isClean: !scanResult.isInfected,\n detectedViruses: scanResult.viruses \|\| [],\n })),\n Effect.ensuring(\n // Clean up temporary file (ignore errors)\n Effect.tryPromise({\n try: () => fs.unlink(tempFilePath),\n catch: () => undefined,\n }).pipe(Effect.ignore),\n ),\n );\n\n return result;\n }.bind(this),\n ).pipe(\n withOperationSpan(\"virus-scan\", \"scan\", {\n \"scan.file_size\": input.byteLength,\n }),\n );\n }\n\n /*\n Gets the ClamAV engine version\n \n @returns Effect with version string\n /\n getVersion(): Effect.Effect<string, UploadistaError> {\n return Effect.gen(\n function (this: ClamScanPluginImpl) {\n // Initialize scanner (lazy initialization)\n const scanner = yield* this.initScanner();\n\n // Get version from ClamAV\n const versionResult = yield* Effect.tryPromise({\n try: () => scanner.getVersion(),\n catch: (error) =>\n UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n body: \"Failed to get ClamAV version\",\n details: { error },\n }),\n });\n\n return versionResult.version \|\| \"Unknown\";\n }.bind(this),\n ).pipe(withOperationSpan(\"virus-scan\", \"get-version\", {}));\n }\n}\n\n/*\n Creates a Virus Scan Plugin layer using ClamAV\n \n @param config - Optional ClamAV configuration\n * @returns Layer providing VirusScanPlugin\n \n @example\n * ```typescript\n * // Use with default configuration\n * const layer = ClamScanPluginLayer();\n \n // Use with custom configuration\n * const customLayer = ClamScanPluginLayer({\n * preference: \"clamdscan\",\n * clamdscan_socket: \"/var/run/clamav/clamd.ctl\"\n * });\n * ```\n */\nexport function virusScanPlugin(\n config: VirusScanPluginConfig = {},\n): Layer.Layer<VirusScanPlugin, never, never> {\n return Layer.succeed(VirusScanPlugin, new ClamScanPluginImpl(config));\n}\n"],"mappings":"qXAsEA,IAAM,EAAN,KAAyD,CACvD,SAAoC,KAEpC,YAAY,EAAwC,EAAE,CAAE,CAApC,KAAA,OAAA,EAMpB,aAAgE,CAC9D,OAAO,EAAO,IACZ,WAAqC,CACnC,GAAI,KAAK,SACP,OAAO,KAAK,SAGd,IAAM,EAAU,MAAO,EAAO,WAAW,CACvC,IAAK,SAEI,MAAM,IAAI,GAAU,CAAC,KAAK,CAC/B,WAAY,KAAK,OAAO,YAAc,YACtC,gBAAiB,KAAK,OAAO,iBAAmB,GAChD,WAAY,KAAK,OAAO,YAAc,GACtC,UAAW,CACT,OAAQ,KAAK,OAAO,iBACpB,KAAM,KAAK,OAAO,eAClB,KAAM,KAAK,OAAO,gBAAkB,KACpC,QAAS,IACT,eAAgB,GACjB,CACD,SAAU,CACR,KAAM,oBACN,cAAe,GACf,OAAQ,GACT,CACF,CAAC,CAEJ,MAAQ,GACN,EAAgB,SAAS,uBAAwB,CAC/C,KAAM,iCAAiC,aAAiB,MAAQ,EAAM,QAAU,OAAO,EAAM,GAC7F,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAGF,MADA,MAAK,SAAW,EACT,GACP,KAAK,KAAK,CACb,CAAC,KACA,EAAkB,aAAc,OAAQ,CACtC,kBAAmB,KAAK,OAAO,YAAc,YAC9C,CAAC,CACH,CASH,KAAK,EAA+D,CAClE,OAAO,EAAO,IACZ,WAAqC,CAEnC,IAAM,EAAU,MAAO,KAAK,aAAa,CAGnC,EAAS,EAAG,QAAQ,CACpB,EAAW,mBAAmB,GAAY,GAC1C,EAAe,EAAK,KAAK,EAAQ,EAAS,CAkChD,OA/BA,MAAO,EAAO,WAAW,CACvB,QAAW,EAAG,UAAU,EAAc,EAAM,CAC5C,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,+CACN,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAGa,MAAO,EAAO,WAAW,CACtC,QAAW,EAAQ,WAAW,EAAa,CAC3C,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,sBAAsB,aAAiB,MAAQ,EAAM,QAAU,OAAO,EAAM,GAClF,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAAC,KACD,EAAO,IAAK,IAAgB,CAC1B,QAAS,CAAC,EAAW,WACrB,gBAAiB,EAAW,SAAW,EAAE,CAC1C,EAAE,CACH,EAAO,SAEL,EAAO,WAAW,CAChB,QAAW,EAAG,OAAO,EAAa,CAClC,UAAa,IAAA,GACd,CAAC,CAAC,KAAK,EAAO,OAAO,CACvB,CACF,EAGD,KAAK,KAAK,CACb,CAAC,KACA,EAAkB,aAAc,OAAQ,CACtC,iBAAkB,EAAM,WACzB,CAAC,CACH,CAQH,YAAqD,CACnD,OAAO,EAAO,IACZ,WAAqC,CAEnC,IAAM,EAAU,MAAO,KAAK,aAAa,CAYzC,OATsB,MAAO,EAAO,WAAW,CAC7C,QAAW,EAAQ,YAAY,CAC/B,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,+BACN,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,EAEmB,SAAW,WAChC,KAAK,KAAK,CACb,CAAC,KAAK,EAAkB,aAAc,cAAe,EAAE,CAAC,CAAC,GAsB9D,SAAgB,EACd,EAAgC,EAAE,CACU,CAC5C,OAAO,EAAM,QAAQ,EAAiB,IAAI,EAAmB,EAAO,CAAC"}
1	+ {"version":3,"file":"index.mjs","names":[],"sources":["../src/clamscan-plugin.ts"],"sourcesContent":["import { randomUUID } from \"node:crypto\";\nimport * as fs from \"node:fs/promises\";\nimport * as os from \"node:os\";\nimport * as path from \"node:path\";\nimport { UploadistaError } from \"@uploadista/core/errors\";\nimport type { ScanResult, VirusScanPluginShape } from \"@uploadista/core/flow\";\nimport { VirusScanPlugin } from \"@uploadista/core/flow\";\nimport { withOperationSpan } from \"@uploadista/observability\";\nimport NodeClam from \"clamscan\";\nimport { Effect, Layer } from \"effect\";\n\n/*\n Configuration options for the ClamAV Virus Scan plugin\n /\nexport interface VirusScanPluginConfig {\n /\n Preference for scanning method\n * - \"clamdscan\": Use clamd daemon (faster, recommended)\n * - \"clamscan\": Use command-line binary\n /\n preference?: \"clamdscan\" \| \"clamscan\";\n\n /\n Path to clamd socket (for daemon mode)\n * Default: /var/run/clamd.scan/clamd.sock\n /\n clamdscan_socket?: string;\n\n /\n TCP host for clamd (alternative to socket)\n /\n clamdscan_host?: string;\n\n /\n TCP port for clamd\n * Default: 3310\n /\n clamdscan_port?: number;\n\n /\n Whether to remove infected files automatically\n * Default: false (not recommended in flow context)\n /\n remove_infected?: boolean;\n\n /\n Debug mode for clamscan library\n * Default: false\n /\n debug_mode?: boolean;\n}\n\n/\n ClamAV implementation of the VirusScanPlugin\n \n This plugin uses the `clamscan` npm package to scan files for viruses\n * using ClamAV antivirus engine. It supports both clamd daemon mode (fast)\n * and binary mode (slower but more portable).\n \n @example\n * ```typescript\n * import { ClamScanPluginLayer } from \"@uploadista/flow-security-clamscan\";\n \n const program = Effect.gen(function* () {\n * const virusScan = yield* VirusScanPlugin;\n * const result = yield* virusScan.scan(fileBytes);\n * console.log(result.isClean ? \"Clean\" : \"Infected\");\n * }).pipe(Effect.provide(ClamScanPluginLayer));\n * ```\n /\nclass ClamScanPluginImpl implements VirusScanPluginShape {\n private clamscan: NodeClam \| null = null;\n\n constructor(private config: VirusScanPluginConfig = {}) {}\n\n /\n Initialize the ClamAV scanner\n * This is called lazily on first use\n /\n private initScanner(): Effect.Effect<NodeClam, UploadistaError> {\n return Effect.gen(\n function (this: ClamScanPluginImpl) {\n if (this.clamscan) {\n return this.clamscan;\n }\n\n const scanner = yield* Effect.tryPromise({\n try: async () => {\n // Initialize clamscan with configuration\n return await new NodeClam().init({\n preference: this.config.preference ?? \"clamdscan\",\n remove_infected: this.config.remove_infected ?? false,\n debug_mode: this.config.debug_mode ?? false,\n clamdscan: {\n socket: this.config.clamdscan_socket,\n host: this.config.clamdscan_host,\n port: this.config.clamdscan_port ?? 3310,\n timeout: 60000,\n local_fallback: true, // Fall back to binary if daemon unavailable\n },\n clamscan: {\n path: \"/usr/bin/clamscan\", // Standard path\n scan_archives: true,\n active: true,\n },\n });\n },\n catch: (error) =>\n UploadistaError.fromCode(\"CLAMAV_NOT_INSTALLED\", {\n body: `ClamAV initialization failed: ${error instanceof Error ? error.message : String(error)}`,\n details: { error },\n }),\n });\n\n this.clamscan = scanner;\n return scanner;\n }.bind(this),\n ).pipe(\n withOperationSpan(\"virus-scan\", \"init\", {\n \"scan.preference\": this.config.preference ?? \"clamdscan\",\n }),\n );\n }\n\n /*\n Scans a file for viruses using ClamAV\n \n @param input - File contents as Uint8Array\n * @returns Effect with scan results\n /\n scan(input: Uint8Array): Effect.Effect<ScanResult, UploadistaError> {\n return Effect.gen(\n function (this: ClamScanPluginImpl) {\n // Initialize scanner (lazy initialization)\n const scanner = yield* this.initScanner();\n\n // Create temporary file path for scanning\n const tmpDir = os.tmpdir();\n const fileName = `uploadista-scan-${randomUUID()}`;\n const tempFilePath = path.join(tmpDir, fileName);\n\n // Write file data to temp file\n yield* Effect.tryPromise({\n try: () => fs.writeFile(tempFilePath, input),\n catch: (error) =>\n UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n body: \"Failed to create temporary file for scanning\",\n details: { error },\n }),\n });\n\n // Scan the file and ensure cleanup\n const result = yield* Effect.tryPromise({\n try: () => scanner.isInfected(tempFilePath),\n catch: (error) =>\n UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n body: `Virus scan failed: ${error instanceof Error ? error.message : String(error)}`,\n details: { error },\n }),\n }).pipe(\n Effect.map((scanResult) => ({\n isClean: !scanResult.isInfected,\n detectedViruses: scanResult.viruses \|\| [],\n })),\n Effect.ensuring(\n // Clean up temporary file (ignore errors)\n Effect.tryPromise({\n try: () => fs.unlink(tempFilePath),\n catch: () => undefined,\n }).pipe(Effect.ignore),\n ),\n );\n\n return result;\n }.bind(this),\n ).pipe(\n withOperationSpan(\"virus-scan\", \"scan\", {\n \"scan.file_size\": input.byteLength,\n }),\n );\n }\n\n /*\n Gets the ClamAV engine version\n \n @returns Effect with version string\n /\n getVersion(): Effect.Effect<string, UploadistaError> {\n return Effect.gen(\n function (this: ClamScanPluginImpl) {\n // Initialize scanner (lazy initialization)\n const scanner = yield* this.initScanner();\n\n // Get version from ClamAV\n const versionResult = yield* Effect.tryPromise({\n try: () => scanner.getVersion(),\n catch: (error) =>\n UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n body: \"Failed to get ClamAV version\",\n details: { error },\n }),\n });\n\n return versionResult.version \|\| \"Unknown\";\n }.bind(this),\n ).pipe(withOperationSpan(\"virus-scan\", \"get-version\", {}));\n }\n}\n\n/*\n Creates a Virus Scan Plugin layer using ClamAV\n \n @param config - Optional ClamAV configuration\n * @returns Layer providing VirusScanPlugin\n \n @example\n * ```typescript\n * // Use with default configuration\n * const layer = ClamScanPluginLayer();\n \n // Use with custom configuration\n * const customLayer = ClamScanPluginLayer({\n * preference: \"clamdscan\",\n * clamdscan_socket: \"/var/run/clamav/clamd.ctl\"\n * });\n * ```\n */\nexport function virusScanPlugin(\n config: VirusScanPluginConfig = {},\n): Layer.Layer<VirusScanPlugin, never, never> {\n return Layer.succeed(VirusScanPlugin, new ClamScanPluginImpl(config));\n}\n"],"mappings":"qXAsEA,IAAM,EAAN,KAAyD,CACvD,SAAoC,KAEpC,YAAY,EAAwC,EAAE,CAAE,CAApC,KAAA,OAAA,EAMpB,aAAgE,CAC9D,OAAO,EAAO,IACZ,WAAqC,CACnC,GAAI,KAAK,SACP,OAAO,KAAK,SAGd,IAAM,EAAU,MAAO,EAAO,WAAW,CACvC,IAAK,SAEI,MAAM,IAAI,GAAU,CAAC,KAAK,CAC/B,WAAY,KAAK,OAAO,YAAc,YACtC,gBAAiB,KAAK,OAAO,iBAAmB,GAChD,WAAY,KAAK,OAAO,YAAc,GACtC,UAAW,CACT,OAAQ,KAAK,OAAO,iBACpB,KAAM,KAAK,OAAO,eAClB,KAAM,KAAK,OAAO,gBAAkB,KACpC,QAAS,IACT,eAAgB,GACjB,CACD,SAAU,CACR,KAAM,oBACN,cAAe,GACf,OAAQ,GACT,CACF,CAAC,CAEJ,MAAQ,GACN,EAAgB,SAAS,uBAAwB,CAC/C,KAAM,iCAAiC,aAAiB,MAAQ,EAAM,QAAU,OAAO,EAAM,GAC7F,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAGF,MADA,MAAK,SAAW,EACT,GACP,KAAK,KAAK,CACb,CAAC,KACA,EAAkB,aAAc,OAAQ,CACtC,kBAAmB,KAAK,OAAO,YAAc,YAC9C,CAAC,CACH,CASH,KAAK,EAA+D,CAClE,OAAO,EAAO,IACZ,WAAqC,CAEnC,IAAM,EAAU,MAAO,KAAK,aAAa,CAGnC,EAAS,EAAG,QAAQ,CACpB,EAAW,mBAAmB,GAAY,GAC1C,EAAe,EAAK,KAAK,EAAQ,EAAS,CAkChD,OA/BA,MAAO,EAAO,WAAW,CACvB,QAAW,EAAG,UAAU,EAAc,EAAM,CAC5C,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,+CACN,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAGa,MAAO,EAAO,WAAW,CACtC,QAAW,EAAQ,WAAW,EAAa,CAC3C,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,sBAAsB,aAAiB,MAAQ,EAAM,QAAU,OAAO,EAAM,GAClF,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAAC,KACD,EAAO,IAAK,IAAgB,CAC1B,QAAS,CAAC,EAAW,WACrB,gBAAiB,EAAW,SAAW,EAAE,CAC1C,EAAE,CACH,EAAO,SAEL,EAAO,WAAW,CAChB,QAAW,EAAG,OAAO,EAAa,CAClC,UAAa,IAAA,GACd,CAAC,CAAC,KAAK,EAAO,OAAO,CACvB,CACF,EAGD,KAAK,KAAK,CACb,CAAC,KACA,EAAkB,aAAc,OAAQ,CACtC,iBAAkB,EAAM,WACzB,CAAC,CACH,CAQH,YAAqD,CACnD,OAAO,EAAO,IACZ,WAAqC,CAEnC,IAAM,EAAU,MAAO,KAAK,aAAa,CAYzC,OATsB,MAAO,EAAO,WAAW,CAC7C,QAAW,EAAQ,YAAY,CAC/B,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,+BACN,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,EAEmB,SAAW,WAChC,KAAK,KAAK,CACb,CAAC,KAAK,EAAkB,aAAc,cAAe,EAAE,CAAC,CAAC,GAsB9D,SAAgB,EACd,EAAgC,EAAE,CACU,CAC5C,OAAO,EAAM,QAAQ,EAAiB,IAAI,EAAmB,EAAO,CAAC"}

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@uploadista/flow-security-clamscan",
   "type": "module",
-  "version": "0.0.20",
+  "version": "0.1.0-beta.5",
   "description": "ClamAV virus scanning plugin for Uploadista Flow",
   "license": "MIT",
   "author": "Uploadista",
@@ -15,8 +15,8 @@
   },
   "dependencies": {
     "clamscan": "^2.3.3",
-    "@uploadista/core": "0.0.20",
-    "@uploadista/observability": "0.0.20"
+    "@uploadista/core": "0.1.0-beta.5",
+    "@uploadista/observability": "0.1.0-beta.5"
   },
   "peerDependencies": {
     "effect": "^3.0.0",
@@ -24,19 +24,19 @@
   },
   "devDependencies": {
     "@effect/vitest": "0.27.0",
-    "@types/node": "24.10.4",
-    "effect": "3.19.12",
-    "tsdown": "0.18.0",
-    "vitest": "4.0.15",
-    "zod": "4.2.0",
-    "@uploadista/typescript-config": "0.0.20"
+    "@types/node": "24.10.8",
+    "effect": "3.19.14",
+    "tsdown": "0.19.0",
+    "vitest": "4.0.17",
+    "zod": "4.3.5",
+    "@uploadista/typescript-config": "0.1.0-beta.5"
   },
   "scripts": {
     "build": "tsc --noEmit && tsdown",
     "format": "biome format --write ./src",
     "lint": "biome lint --write ./src",
     "check": "biome check --write ./src",
-    "test": "vitest",
+    "test": "vitest run",
     "test:run": "vitest run",
     "test:watch": "vitest watch"
   }

package/tests/clamscan-plugin.test.ts ADDED Viewed

@@ -0,0 +1,435 @@
+import { describe, expect, it, vi, beforeEach } from "vitest";
+import { Effect } from "effect";
+import { VirusScanPlugin } from "@uploadista/core/flow";
+import { virusScanPlugin, type VirusScanPluginConfig } from "../src/clamscan-plugin";
+// Shared mock state
+let mockIsInfectedResult: { isInfected: boolean; file: string; viruses: string[] | null } = {
+  isInfected: false,
+  file: "/tmp/test-file",
+  viruses: [],
+};
+let mockVersionResult: { version: string | undefined } = { version: "ClamAV 1.0.0" };
+let mockInitShouldFail = false;
+let mockIsInfectedShouldFail = false;
+let mockGetVersionShouldFail = false;
+// Mock the clamscan module
+vi.mock("clamscan", () => {
+  return {
+    default: class MockNodeClam {
+      async init() {
+        if (mockInitShouldFail) {
+          throw new Error("ClamAV not found");
+        }
+        return this;
+      }
+      async isInfected() {
+        if (mockIsInfectedShouldFail) {
+          throw new Error("Scan timeout");
+        }
+        return mockIsInfectedResult;
+      }
+      async getVersion() {
+        if (mockGetVersionShouldFail) {
+          throw new Error("Connection refused");
+        }
+        return mockVersionResult;
+      }
+    },
+  };
+});
+describe("ClamScan Virus Plugin", () => {
+  beforeEach(() => {
+    // Reset mock state before each test
+    mockIsInfectedResult = {
+      isInfected: false,
+      file: "/tmp/test-file",
+      viruses: [],
+    };
+    mockVersionResult = { version: "ClamAV 1.0.0" };
+    mockInitShouldFail = false;
+    mockIsInfectedShouldFail = false;
+    mockGetVersionShouldFail = false;
+  });
+  describe("virusScanPlugin factory", () => {
+    it("should create a plugin layer with default configuration", () => {
+      const layer = virusScanPlugin();
+      expect(layer).toBeDefined();
+    });
+    it("should create a plugin layer with custom configuration", () => {
+      const config: VirusScanPluginConfig = {
+        preference: "clamscan",
+        clamdscan_socket: "/custom/socket/path",
+        clamdscan_host: "localhost",
+        clamdscan_port: 3311,
+        remove_infected: false,
+        debug_mode: true,
+      };
+      const layer = virusScanPlugin(config);
+      expect(layer).toBeDefined();
+    });
+  });
+  describe("scan method", () => {
+    it("should return clean result for non-infected file", async () => {
+      mockIsInfectedResult = {
+        isInfected: false,
+        file: "/tmp/test-file",
+        viruses: [],
+      };
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const fileData = new TextEncoder().encode("clean file content");
+        return yield* plugin.scan(fileData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+      const result = await Effect.runPromise(program);
+      expect(result.isClean).toBe(true);
+      expect(result.detectedViruses).toEqual([]);
+    });
+    it("should return infected result with virus names", async () => {
+      mockIsInfectedResult = {
+        isInfected: true,
+        file: "/tmp/test-file",
+        viruses: ["Eicar-Test-Signature", "Win.Trojan.Generic"],
+      };
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const fileData = new TextEncoder().encode("infected file content");
+        return yield* plugin.scan(fileData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+      const result = await Effect.runPromise(program);
+      expect(result.isClean).toBe(false);
+      expect(result.detectedViruses).toEqual(["Eicar-Test-Signature", "Win.Trojan.Generic"]);
+    });
+    it("should handle null virus array for infected files", async () => {
+      mockIsInfectedResult = {
+        isInfected: true,
+        file: "/tmp/test-file",
+        viruses: null,
+      };
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const fileData = new TextEncoder().encode("infected file");
+        return yield* plugin.scan(fileData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+      const result = await Effect.runPromise(program);
+      expect(result.isClean).toBe(false);
+      expect(result.detectedViruses).toEqual([]);
+    });
+    it("should handle binary data correctly", async () => {
+      mockIsInfectedResult = {
+        isInfected: false,
+        file: "/tmp/test-file",
+        viruses: [],
+      };
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        // Binary data that isn't valid UTF-8
+        const binaryData = new Uint8Array([0x00, 0xff, 0xfe, 0x89, 0x50, 0x4e, 0x47]);
+        return yield* plugin.scan(binaryData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+      const result = await Effect.runPromise(program);
+      expect(result.isClean).toBe(true);
+    });
+    it("should handle large file data", async () => {
+      mockIsInfectedResult = {
+        isInfected: false,
+        file: "/tmp/test-file",
+        viruses: [],
+      };
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        // 1MB of data
+        const largeData = new Uint8Array(1024 * 1024).fill(0x41);
+        return yield* plugin.scan(largeData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+      const result = await Effect.runPromise(program);
+      expect(result.isClean).toBe(true);
+    });
+  });
+  describe("getVersion method", () => {
+    it("should return ClamAV version string", async () => {
+      mockVersionResult = {
+        version: "ClamAV 1.0.0/26789/Tue Jan 14 09:00:00 2025",
+      };
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        return yield* plugin.getVersion();
+      }).pipe(Effect.provide(virusScanPlugin()));
+      const result = await Effect.runPromise(program);
+      expect(result).toBe("ClamAV 1.0.0/26789/Tue Jan 14 09:00:00 2025");
+    });
+    it("should return 'Unknown' when version is undefined", async () => {
+      mockVersionResult = {
+        version: undefined,
+      };
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        return yield* plugin.getVersion();
+      }).pipe(Effect.provide(virusScanPlugin()));
+      const result = await Effect.runPromise(program);
+      expect(result).toBe("Unknown");
+    });
+    it("should return 'Unknown' when version is empty", async () => {
+      mockVersionResult = {
+        version: "",
+      };
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        return yield* plugin.getVersion();
+      }).pipe(Effect.provide(virusScanPlugin()));
+      const result = await Effect.runPromise(program);
+      expect(result).toBe("Unknown");
+    });
+  });
+  describe("error handling", () => {
+    it("should fail with CLAMAV_NOT_INSTALLED when initialization fails", async () => {
+      mockInitShouldFail = true;
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const fileData = new TextEncoder().encode("test");
+        return yield* plugin.scan(fileData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+      const result = await Effect.runPromise(Effect.either(program));
+      expect(result._tag).toBe("Left");
+      if (result._tag === "Left") {
+        expect(result.left.code).toBe("CLAMAV_NOT_INSTALLED");
+      }
+    });
+    it("should fail with VIRUS_SCAN_FAILED when scan fails", async () => {
+      mockIsInfectedShouldFail = true;
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const fileData = new TextEncoder().encode("test content");
+        return yield* plugin.scan(fileData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+      const result = await Effect.runPromise(Effect.either(program));
+      expect(result._tag).toBe("Left");
+      if (result._tag === "Left") {
+        expect(result.left.code).toBe("VIRUS_SCAN_FAILED");
+      }
+    });
+    it("should fail with VIRUS_SCAN_FAILED when getVersion fails", async () => {
+      mockGetVersionShouldFail = true;
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        return yield* plugin.getVersion();
+      }).pipe(Effect.provide(virusScanPlugin()));
+      const result = await Effect.runPromise(Effect.either(program));
+      expect(result._tag).toBe("Left");
+      if (result._tag === "Left") {
+        expect(result.left.code).toBe("VIRUS_SCAN_FAILED");
+      }
+    });
+  });
+  describe("configuration options", () => {
+    it("should accept clamdscan preference", () => {
+      const layer = virusScanPlugin({ preference: "clamdscan" });
+      expect(layer).toBeDefined();
+    });
+    it("should accept clamscan preference", () => {
+      const layer = virusScanPlugin({ preference: "clamscan" });
+      expect(layer).toBeDefined();
+    });
+    it("should accept socket configuration for clamd", () => {
+      const layer = virusScanPlugin({
+        preference: "clamdscan",
+        clamdscan_socket: "/var/run/clamav/clamd.ctl",
+      });
+      expect(layer).toBeDefined();
+    });
+    it("should accept TCP host and port for clamd", () => {
+      const layer = virusScanPlugin({
+        preference: "clamdscan",
+        clamdscan_host: "127.0.0.1",
+        clamdscan_port: 3310,
+      });
+      expect(layer).toBeDefined();
+    });
+    it("should accept debug mode configuration", () => {
+      const layer = virusScanPlugin({
+        debug_mode: true,
+      });
+      expect(layer).toBeDefined();
+    });
+    it("should accept remove_infected configuration", () => {
+      const layer = virusScanPlugin({
+        remove_infected: false,
+      });
+      expect(layer).toBeDefined();
+    });
+  });
+  describe("EICAR test file detection", () => {
+    it("should detect EICAR test file as infected", async () => {
+      // EICAR is a standard antivirus test signature
+      const EICAR_SIGNATURE =
+        "X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*";
+      mockIsInfectedResult = {
+        isInfected: true,
+        file: "/tmp/eicar-test",
+        viruses: ["Eicar-Test-Signature"],
+      };
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const eicarData = new TextEncoder().encode(EICAR_SIGNATURE);
+        return yield* plugin.scan(eicarData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+      const result = await Effect.runPromise(program);
+      expect(result.isClean).toBe(false);
+      expect(result.detectedViruses).toContain("Eicar-Test-Signature");
+    });
+  });
+  describe("temporary file handling", () => {
+    it("should clean up temporary files after successful scan", async () => {
+      mockIsInfectedResult = {
+        isInfected: false,
+        file: "/tmp/test-file",
+        viruses: [],
+      };
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const fileData = new TextEncoder().encode("test content");
+        return yield* plugin.scan(fileData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+      // The test verifies the scan completes - cleanup is handled internally
+      const result = await Effect.runPromise(program);
+      expect(result).toBeDefined();
+      expect(result.isClean).toBe(true);
+    });
+    it("should clean up temporary files even when scan fails", async () => {
+      mockIsInfectedShouldFail = true;
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const fileData = new TextEncoder().encode("test content");
+        return yield* plugin.scan(fileData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+      // Scan should fail but temp file cleanup should still happen
+      const result = await Effect.runPromise(Effect.either(program));
+      expect(result._tag).toBe("Left");
+    });
+  });
+  describe("lazy initialization", () => {
+    it("should initialize scanner lazily on first use", async () => {
+      mockIsInfectedResult = {
+        isInfected: false,
+        file: "/tmp/test",
+        viruses: [],
+      };
+      const layer = virusScanPlugin();
+      // First scan initializes the scanner
+      const program1 = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        return yield* plugin.scan(new TextEncoder().encode("test1"));
+      }).pipe(Effect.provide(layer));
+      await Effect.runPromise(program1);
+      // Second scan reuses the initialized scanner (same layer instance)
+      const program2 = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        return yield* plugin.scan(new TextEncoder().encode("test2"));
+      }).pipe(Effect.provide(layer));
+      const result = await Effect.runPromise(program2);
+      expect(result.isClean).toBe(true);
+    });
+  });
+  describe("multiple virus detection", () => {
+    it("should report multiple viruses when detected", async () => {
+      mockIsInfectedResult = {
+        isInfected: true,
+        file: "/tmp/multi-virus",
+        viruses: ["Trojan.Generic", "Worm.Mydoom", "Virus.Sality"],
+      };
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const fileData = new TextEncoder().encode("malicious content");
+        return yield* plugin.scan(fileData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+      const result = await Effect.runPromise(program);
+      expect(result.isClean).toBe(false);
+      expect(result.detectedViruses).toHaveLength(3);
+      expect(result.detectedViruses).toContain("Trojan.Generic");
+      expect(result.detectedViruses).toContain("Worm.Mydoom");
+      expect(result.detectedViruses).toContain("Virus.Sality");
+    });
+  });
+  describe("empty file handling", () => {
+    it("should handle empty file input", async () => {
+      mockIsInfectedResult = {
+        isInfected: false,
+        file: "/tmp/empty-file",
+        viruses: [],
+      };
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const emptyData = new Uint8Array(0);
+        return yield* plugin.scan(emptyData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+      const result = await Effect.runPromise(program);
+      expect(result.isClean).toBe(true);
+      expect(result.detectedViruses).toEqual([]);
+    });
+  });
+});