@uploadista/flow-security-clamscan 0.0.20 → 0.1.0

package/.turbo/turbo-build.log

@@ -1,22 +1,21 @@
 
-> @uploadista/flow-security-clamscan@0.0.20-beta.9 build /Users/denislaboureyras/Documents/uploadista/dev/uploadista-workspace/uploadista-sdk/packages/flow/security/clamscan
+> @uploadista/flow-security-clamscan@0.1.0 build /home/runner/work/uploadista-sdk/uploadista-sdk/packages/flow/security/clamscan
 > tsc --noEmit && tsdown
 
-ℹ tsdown v0.18.0 powered by rolldown v1.0.0-beta.53
-ℹ config file: /Users/denislaboureyras/Documents/uploadista/dev/uploadista-workspace/uploadista-sdk/packages/flow/security/clamscan/tsdown.config.ts 
+ℹ tsdown v0.19.0 powered by rolldown v1.0.0-beta.59
+ℹ config file: /home/runner/work/uploadista-sdk/uploadista-sdk/packages/flow/security/clamscan/tsdown.config.ts 
 ℹ entry: src/index.ts
 ℹ tsconfig: tsconfig.json
 ℹ Build start
-ℹ Cleaning 7 files
 ℹ [CJS] dist/index.cjs  2.89 kB │ gzip: 1.22 kB
 ℹ [CJS] 1 files, total: 2.89 kB
 ℹ [ESM] dist/index.mjs        2.27 kB │ gzip: 0.97 kB
-ℹ [ESM] dist/index.mjs.map    9.43 kB │ gzip: 2.94 kB
+ℹ [ESM] dist/index.mjs.map    9.40 kB │ gzip: 2.93 kB
 ℹ [ESM] dist/index.d.mts.map  0.25 kB │ gzip: 0.17 kB
 ℹ [ESM] dist/index.d.mts      1.68 kB │ gzip: 0.73 kB
-ℹ [ESM] 4 files, total: 13.62 kB
-✔ Build complete in 7684ms
+ℹ [ESM] 4 files, total: 13.59 kB
+✔ Build complete in 27670ms
 ℹ [CJS] dist/index.d.cts.map  0.25 kB │ gzip: 0.17 kB
 ℹ [CJS] dist/index.d.cts      1.68 kB │ gzip: 0.73 kB
 ℹ [CJS] 2 files, total: 1.92 kB
-✔ Build complete in 7697ms
+✔ Build complete in 27669ms

package/dist/index.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"index.mjs","names":["config: VirusScanPluginConfig"],"sources":["../src/clamscan-plugin.ts"],"sourcesContent":["import { randomUUID } from \"node:crypto\";\nimport * as fs from \"node:fs/promises\";\nimport * as os from \"node:os\";\nimport * as path from \"node:path\";\nimport { UploadistaError } from \"@uploadista/core/errors\";\nimport type { ScanResult, VirusScanPluginShape } from \"@uploadista/core/flow\";\nimport { VirusScanPlugin } from \"@uploadista/core/flow\";\nimport { withOperationSpan } from \"@uploadista/observability\";\nimport NodeClam from \"clamscan\";\nimport { Effect, Layer } from \"effect\";\n\n/**\n * Configuration options for the ClamAV Virus Scan plugin\n */\nexport interface VirusScanPluginConfig {\n  /**\n   * Preference for scanning method\n   * - \"clamdscan\": Use clamd daemon (faster, recommended)\n   * - \"clamscan\": Use command-line binary\n   */\n  preference?: \"clamdscan\" | \"clamscan\";\n\n  /**\n   * Path to clamd socket (for daemon mode)\n   * Default: /var/run/clamd.scan/clamd.sock\n   */\n  clamdscan_socket?: string;\n\n  /**\n   * TCP host for clamd (alternative to socket)\n   */\n  clamdscan_host?: string;\n\n  /**\n   * TCP port for clamd\n   * Default: 3310\n   */\n  clamdscan_port?: number;\n\n  /**\n   * Whether to remove infected files automatically\n   * Default: false (not recommended in flow context)\n   */\n  remove_infected?: boolean;\n\n  /**\n   * Debug mode for clamscan library\n   * Default: false\n   */\n  debug_mode?: boolean;\n}\n\n/**\n * ClamAV implementation of the VirusScanPlugin\n *\n * This plugin uses the `clamscan` npm package to scan files for viruses\n * using ClamAV antivirus engine. It supports both clamd daemon mode (fast)\n * and binary mode (slower but more portable).\n *\n * @example\n * ```typescript\n * import { ClamScanPluginLayer } from \"@uploadista/flow-security-clamscan\";\n *\n * const program = Effect.gen(function* () {\n *   const virusScan = yield* VirusScanPlugin;\n *   const result = yield* virusScan.scan(fileBytes);\n *   console.log(result.isClean ? \"Clean\" : \"Infected\");\n * }).pipe(Effect.provide(ClamScanPluginLayer));\n * ```\n */\nclass ClamScanPluginImpl implements VirusScanPluginShape {\n  private clamscan: NodeClam | null = null;\n\n  constructor(private config: VirusScanPluginConfig = {}) {}\n\n  /**\n   * Initialize the ClamAV scanner\n   * This is called lazily on first use\n   */\n  private initScanner(): Effect.Effect<NodeClam, UploadistaError> {\n    return Effect.gen(\n      function* (this: ClamScanPluginImpl) {\n        if (this.clamscan) {\n          return this.clamscan;\n        }\n\n        const scanner = yield* Effect.tryPromise({\n          try: async () => {\n            // Initialize clamscan with configuration\n            return await new NodeClam().init({\n              preference: this.config.preference ?? \"clamdscan\",\n              remove_infected: this.config.remove_infected ?? false,\n              debug_mode: this.config.debug_mode ?? false,\n              clamdscan: {\n                socket: this.config.clamdscan_socket,\n                host: this.config.clamdscan_host,\n                port: this.config.clamdscan_port ?? 3310,\n                timeout: 60000,\n                local_fallback: true, // Fall back to binary if daemon unavailable\n              },\n              clamscan: {\n                path: \"/usr/bin/clamscan\", // Standard path\n                scan_archives: true,\n                active: true,\n              },\n            });\n          },\n          catch: (error) =>\n            UploadistaError.fromCode(\"CLAMAV_NOT_INSTALLED\", {\n              body: `ClamAV initialization failed: ${error instanceof Error ? error.message : String(error)}`,\n              details: { error },\n            }),\n        });\n\n        this.clamscan = scanner;\n        return scanner;\n      }.bind(this),\n    ).pipe(\n      withOperationSpan(\"virus-scan\", \"init\", {\n        \"scan.preference\": this.config.preference ?? \"clamdscan\",\n      }),\n    );\n  }\n\n  /**\n   * Scans a file for viruses using ClamAV\n   *\n   * @param input - File contents as Uint8Array\n   * @returns Effect with scan results\n   */\n  scan(input: Uint8Array): Effect.Effect<ScanResult, UploadistaError> {\n    return Effect.gen(\n      function* (this: ClamScanPluginImpl) {\n        // Initialize scanner (lazy initialization)\n        const scanner = yield* this.initScanner();\n\n        // Create temporary file path for scanning\n        const tmpDir = os.tmpdir();\n        const fileName = `uploadista-scan-${randomUUID()}`;\n        const tempFilePath = path.join(tmpDir, fileName);\n\n        // Write file data to temp file\n        yield* Effect.tryPromise({\n          try: () => fs.writeFile(tempFilePath, input),\n          catch: (error) =>\n            UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n              body: \"Failed to create temporary file for scanning\",\n              details: { error },\n            }),\n        });\n\n        // Scan the file and ensure cleanup\n        const result = yield* Effect.tryPromise({\n          try: () => scanner.isInfected(tempFilePath),\n          catch: (error) =>\n            UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n              body: `Virus scan failed: ${error instanceof Error ? error.message : String(error)}`,\n              details: { error },\n            }),\n        }).pipe(\n          Effect.map((scanResult) => ({\n            isClean: !scanResult.isInfected,\n            detectedViruses: scanResult.viruses || [],\n          })),\n          Effect.ensuring(\n            // Clean up temporary file (ignore errors)\n            Effect.tryPromise({\n              try: () => fs.unlink(tempFilePath),\n              catch: () => undefined,\n            }).pipe(Effect.ignore),\n          ),\n        );\n\n        return result;\n      }.bind(this),\n    ).pipe(\n      withOperationSpan(\"virus-scan\", \"scan\", {\n        \"scan.file_size\": input.byteLength,\n      }),\n    );\n  }\n\n  /**\n   * Gets the ClamAV engine version\n   *\n   * @returns Effect with version string\n   */\n  getVersion(): Effect.Effect<string, UploadistaError> {\n    return Effect.gen(\n      function* (this: ClamScanPluginImpl) {\n        // Initialize scanner (lazy initialization)\n        const scanner = yield* this.initScanner();\n\n        // Get version from ClamAV\n        const versionResult = yield* Effect.tryPromise({\n          try: () => scanner.getVersion(),\n          catch: (error) =>\n            UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n              body: \"Failed to get ClamAV version\",\n              details: { error },\n            }),\n        });\n\n        return versionResult.version || \"Unknown\";\n      }.bind(this),\n    ).pipe(withOperationSpan(\"virus-scan\", \"get-version\", {}));\n  }\n}\n\n/**\n * Creates a Virus Scan Plugin layer using ClamAV\n *\n * @param config - Optional ClamAV configuration\n * @returns Layer providing VirusScanPlugin\n *\n * @example\n * ```typescript\n * // Use with default configuration\n * const layer = ClamScanPluginLayer();\n *\n * // Use with custom configuration\n * const customLayer = ClamScanPluginLayer({\n *   preference: \"clamdscan\",\n *   clamdscan_socket: \"/var/run/clamav/clamd.ctl\"\n * });\n * ```\n */\nexport function virusScanPlugin(\n  config: VirusScanPluginConfig = {},\n): Layer.Layer<VirusScanPlugin, never, never> {\n  return Layer.succeed(VirusScanPlugin, new ClamScanPluginImpl(config));\n}\n"],"mappings":"qXAsEA,IAAM,EAAN,KAAyD,CACvD,SAAoC,KAEpC,YAAY,EAAwC,EAAE,CAAE,CAApC,KAAA,OAAA,EAMpB,aAAgE,CAC9D,OAAO,EAAO,IACZ,WAAqC,CACnC,GAAI,KAAK,SACP,OAAO,KAAK,SAGd,IAAM,EAAU,MAAO,EAAO,WAAW,CACvC,IAAK,SAEI,MAAM,IAAI,GAAU,CAAC,KAAK,CAC/B,WAAY,KAAK,OAAO,YAAc,YACtC,gBAAiB,KAAK,OAAO,iBAAmB,GAChD,WAAY,KAAK,OAAO,YAAc,GACtC,UAAW,CACT,OAAQ,KAAK,OAAO,iBACpB,KAAM,KAAK,OAAO,eAClB,KAAM,KAAK,OAAO,gBAAkB,KACpC,QAAS,IACT,eAAgB,GACjB,CACD,SAAU,CACR,KAAM,oBACN,cAAe,GACf,OAAQ,GACT,CACF,CAAC,CAEJ,MAAQ,GACN,EAAgB,SAAS,uBAAwB,CAC/C,KAAM,iCAAiC,aAAiB,MAAQ,EAAM,QAAU,OAAO,EAAM,GAC7F,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAGF,MADA,MAAK,SAAW,EACT,GACP,KAAK,KAAK,CACb,CAAC,KACA,EAAkB,aAAc,OAAQ,CACtC,kBAAmB,KAAK,OAAO,YAAc,YAC9C,CAAC,CACH,CASH,KAAK,EAA+D,CAClE,OAAO,EAAO,IACZ,WAAqC,CAEnC,IAAM,EAAU,MAAO,KAAK,aAAa,CAGnC,EAAS,EAAG,QAAQ,CACpB,EAAW,mBAAmB,GAAY,GAC1C,EAAe,EAAK,KAAK,EAAQ,EAAS,CAkChD,OA/BA,MAAO,EAAO,WAAW,CACvB,QAAW,EAAG,UAAU,EAAc,EAAM,CAC5C,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,+CACN,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAGa,MAAO,EAAO,WAAW,CACtC,QAAW,EAAQ,WAAW,EAAa,CAC3C,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,sBAAsB,aAAiB,MAAQ,EAAM,QAAU,OAAO,EAAM,GAClF,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAAC,KACD,EAAO,IAAK,IAAgB,CAC1B,QAAS,CAAC,EAAW,WACrB,gBAAiB,EAAW,SAAW,EAAE,CAC1C,EAAE,CACH,EAAO,SAEL,EAAO,WAAW,CAChB,QAAW,EAAG,OAAO,EAAa,CAClC,UAAa,IAAA,GACd,CAAC,CAAC,KAAK,EAAO,OAAO,CACvB,CACF,EAGD,KAAK,KAAK,CACb,CAAC,KACA,EAAkB,aAAc,OAAQ,CACtC,iBAAkB,EAAM,WACzB,CAAC,CACH,CAQH,YAAqD,CACnD,OAAO,EAAO,IACZ,WAAqC,CAEnC,IAAM,EAAU,MAAO,KAAK,aAAa,CAYzC,OATsB,MAAO,EAAO,WAAW,CAC7C,QAAW,EAAQ,YAAY,CAC/B,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,+BACN,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,EAEmB,SAAW,WAChC,KAAK,KAAK,CACb,CAAC,KAAK,EAAkB,aAAc,cAAe,EAAE,CAAC,CAAC,GAsB9D,SAAgB,EACd,EAAgC,EAAE,CACU,CAC5C,OAAO,EAAM,QAAQ,EAAiB,IAAI,EAAmB,EAAO,CAAC"}
+{"version":3,"file":"index.mjs","names":[],"sources":["../src/clamscan-plugin.ts"],"sourcesContent":["import { randomUUID } from \"node:crypto\";\nimport * as fs from \"node:fs/promises\";\nimport * as os from \"node:os\";\nimport * as path from \"node:path\";\nimport { UploadistaError } from \"@uploadista/core/errors\";\nimport type { ScanResult, VirusScanPluginShape } from \"@uploadista/core/flow\";\nimport { VirusScanPlugin } from \"@uploadista/core/flow\";\nimport { withOperationSpan } from \"@uploadista/observability\";\nimport NodeClam from \"clamscan\";\nimport { Effect, Layer } from \"effect\";\n\n/**\n * Configuration options for the ClamAV Virus Scan plugin\n */\nexport interface VirusScanPluginConfig {\n  /**\n   * Preference for scanning method\n   * - \"clamdscan\": Use clamd daemon (faster, recommended)\n   * - \"clamscan\": Use command-line binary\n   */\n  preference?: \"clamdscan\" | \"clamscan\";\n\n  /**\n   * Path to clamd socket (for daemon mode)\n   * Default: /var/run/clamd.scan/clamd.sock\n   */\n  clamdscan_socket?: string;\n\n  /**\n   * TCP host for clamd (alternative to socket)\n   */\n  clamdscan_host?: string;\n\n  /**\n   * TCP port for clamd\n   * Default: 3310\n   */\n  clamdscan_port?: number;\n\n  /**\n   * Whether to remove infected files automatically\n   * Default: false (not recommended in flow context)\n   */\n  remove_infected?: boolean;\n\n  /**\n   * Debug mode for clamscan library\n   * Default: false\n   */\n  debug_mode?: boolean;\n}\n\n/**\n * ClamAV implementation of the VirusScanPlugin\n *\n * This plugin uses the `clamscan` npm package to scan files for viruses\n * using ClamAV antivirus engine. It supports both clamd daemon mode (fast)\n * and binary mode (slower but more portable).\n *\n * @example\n * ```typescript\n * import { ClamScanPluginLayer } from \"@uploadista/flow-security-clamscan\";\n *\n * const program = Effect.gen(function* () {\n *   const virusScan = yield* VirusScanPlugin;\n *   const result = yield* virusScan.scan(fileBytes);\n *   console.log(result.isClean ? \"Clean\" : \"Infected\");\n * }).pipe(Effect.provide(ClamScanPluginLayer));\n * ```\n */\nclass ClamScanPluginImpl implements VirusScanPluginShape {\n  private clamscan: NodeClam | null = null;\n\n  constructor(private config: VirusScanPluginConfig = {}) {}\n\n  /**\n   * Initialize the ClamAV scanner\n   * This is called lazily on first use\n   */\n  private initScanner(): Effect.Effect<NodeClam, UploadistaError> {\n    return Effect.gen(\n      function* (this: ClamScanPluginImpl) {\n        if (this.clamscan) {\n          return this.clamscan;\n        }\n\n        const scanner = yield* Effect.tryPromise({\n          try: async () => {\n            // Initialize clamscan with configuration\n            return await new NodeClam().init({\n              preference: this.config.preference ?? \"clamdscan\",\n              remove_infected: this.config.remove_infected ?? false,\n              debug_mode: this.config.debug_mode ?? false,\n              clamdscan: {\n                socket: this.config.clamdscan_socket,\n                host: this.config.clamdscan_host,\n                port: this.config.clamdscan_port ?? 3310,\n                timeout: 60000,\n                local_fallback: true, // Fall back to binary if daemon unavailable\n              },\n              clamscan: {\n                path: \"/usr/bin/clamscan\", // Standard path\n                scan_archives: true,\n                active: true,\n              },\n            });\n          },\n          catch: (error) =>\n            UploadistaError.fromCode(\"CLAMAV_NOT_INSTALLED\", {\n              body: `ClamAV initialization failed: ${error instanceof Error ? error.message : String(error)}`,\n              details: { error },\n            }),\n        });\n\n        this.clamscan = scanner;\n        return scanner;\n      }.bind(this),\n    ).pipe(\n      withOperationSpan(\"virus-scan\", \"init\", {\n        \"scan.preference\": this.config.preference ?? \"clamdscan\",\n      }),\n    );\n  }\n\n  /**\n   * Scans a file for viruses using ClamAV\n   *\n   * @param input - File contents as Uint8Array\n   * @returns Effect with scan results\n   */\n  scan(input: Uint8Array): Effect.Effect<ScanResult, UploadistaError> {\n    return Effect.gen(\n      function* (this: ClamScanPluginImpl) {\n        // Initialize scanner (lazy initialization)\n        const scanner = yield* this.initScanner();\n\n        // Create temporary file path for scanning\n        const tmpDir = os.tmpdir();\n        const fileName = `uploadista-scan-${randomUUID()}`;\n        const tempFilePath = path.join(tmpDir, fileName);\n\n        // Write file data to temp file\n        yield* Effect.tryPromise({\n          try: () => fs.writeFile(tempFilePath, input),\n          catch: (error) =>\n            UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n              body: \"Failed to create temporary file for scanning\",\n              details: { error },\n            }),\n        });\n\n        // Scan the file and ensure cleanup\n        const result = yield* Effect.tryPromise({\n          try: () => scanner.isInfected(tempFilePath),\n          catch: (error) =>\n            UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n              body: `Virus scan failed: ${error instanceof Error ? error.message : String(error)}`,\n              details: { error },\n            }),\n        }).pipe(\n          Effect.map((scanResult) => ({\n            isClean: !scanResult.isInfected,\n            detectedViruses: scanResult.viruses || [],\n          })),\n          Effect.ensuring(\n            // Clean up temporary file (ignore errors)\n            Effect.tryPromise({\n              try: () => fs.unlink(tempFilePath),\n              catch: () => undefined,\n            }).pipe(Effect.ignore),\n          ),\n        );\n\n        return result;\n      }.bind(this),\n    ).pipe(\n      withOperationSpan(\"virus-scan\", \"scan\", {\n        \"scan.file_size\": input.byteLength,\n      }),\n    );\n  }\n\n  /**\n   * Gets the ClamAV engine version\n   *\n   * @returns Effect with version string\n   */\n  getVersion(): Effect.Effect<string, UploadistaError> {\n    return Effect.gen(\n      function* (this: ClamScanPluginImpl) {\n        // Initialize scanner (lazy initialization)\n        const scanner = yield* this.initScanner();\n\n        // Get version from ClamAV\n        const versionResult = yield* Effect.tryPromise({\n          try: () => scanner.getVersion(),\n          catch: (error) =>\n            UploadistaError.fromCode(\"VIRUS_SCAN_FAILED\", {\n              body: \"Failed to get ClamAV version\",\n              details: { error },\n            }),\n        });\n\n        return versionResult.version || \"Unknown\";\n      }.bind(this),\n    ).pipe(withOperationSpan(\"virus-scan\", \"get-version\", {}));\n  }\n}\n\n/**\n * Creates a Virus Scan Plugin layer using ClamAV\n *\n * @param config - Optional ClamAV configuration\n * @returns Layer providing VirusScanPlugin\n *\n * @example\n * ```typescript\n * // Use with default configuration\n * const layer = ClamScanPluginLayer();\n *\n * // Use with custom configuration\n * const customLayer = ClamScanPluginLayer({\n *   preference: \"clamdscan\",\n *   clamdscan_socket: \"/var/run/clamav/clamd.ctl\"\n * });\n * ```\n */\nexport function virusScanPlugin(\n  config: VirusScanPluginConfig = {},\n): Layer.Layer<VirusScanPlugin, never, never> {\n  return Layer.succeed(VirusScanPlugin, new ClamScanPluginImpl(config));\n}\n"],"mappings":"qXAsEA,IAAM,EAAN,KAAyD,CACvD,SAAoC,KAEpC,YAAY,EAAwC,EAAE,CAAE,CAApC,KAAA,OAAA,EAMpB,aAAgE,CAC9D,OAAO,EAAO,IACZ,WAAqC,CACnC,GAAI,KAAK,SACP,OAAO,KAAK,SAGd,IAAM,EAAU,MAAO,EAAO,WAAW,CACvC,IAAK,SAEI,MAAM,IAAI,GAAU,CAAC,KAAK,CAC/B,WAAY,KAAK,OAAO,YAAc,YACtC,gBAAiB,KAAK,OAAO,iBAAmB,GAChD,WAAY,KAAK,OAAO,YAAc,GACtC,UAAW,CACT,OAAQ,KAAK,OAAO,iBACpB,KAAM,KAAK,OAAO,eAClB,KAAM,KAAK,OAAO,gBAAkB,KACpC,QAAS,IACT,eAAgB,GACjB,CACD,SAAU,CACR,KAAM,oBACN,cAAe,GACf,OAAQ,GACT,CACF,CAAC,CAEJ,MAAQ,GACN,EAAgB,SAAS,uBAAwB,CAC/C,KAAM,iCAAiC,aAAiB,MAAQ,EAAM,QAAU,OAAO,EAAM,GAC7F,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAGF,MADA,MAAK,SAAW,EACT,GACP,KAAK,KAAK,CACb,CAAC,KACA,EAAkB,aAAc,OAAQ,CACtC,kBAAmB,KAAK,OAAO,YAAc,YAC9C,CAAC,CACH,CASH,KAAK,EAA+D,CAClE,OAAO,EAAO,IACZ,WAAqC,CAEnC,IAAM,EAAU,MAAO,KAAK,aAAa,CAGnC,EAAS,EAAG,QAAQ,CACpB,EAAW,mBAAmB,GAAY,GAC1C,EAAe,EAAK,KAAK,EAAQ,EAAS,CAkChD,OA/BA,MAAO,EAAO,WAAW,CACvB,QAAW,EAAG,UAAU,EAAc,EAAM,CAC5C,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,+CACN,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAGa,MAAO,EAAO,WAAW,CACtC,QAAW,EAAQ,WAAW,EAAa,CAC3C,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,sBAAsB,aAAiB,MAAQ,EAAM,QAAU,OAAO,EAAM,GAClF,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,CAAC,KACD,EAAO,IAAK,IAAgB,CAC1B,QAAS,CAAC,EAAW,WACrB,gBAAiB,EAAW,SAAW,EAAE,CAC1C,EAAE,CACH,EAAO,SAEL,EAAO,WAAW,CAChB,QAAW,EAAG,OAAO,EAAa,CAClC,UAAa,IAAA,GACd,CAAC,CAAC,KAAK,EAAO,OAAO,CACvB,CACF,EAGD,KAAK,KAAK,CACb,CAAC,KACA,EAAkB,aAAc,OAAQ,CACtC,iBAAkB,EAAM,WACzB,CAAC,CACH,CAQH,YAAqD,CACnD,OAAO,EAAO,IACZ,WAAqC,CAEnC,IAAM,EAAU,MAAO,KAAK,aAAa,CAYzC,OATsB,MAAO,EAAO,WAAW,CAC7C,QAAW,EAAQ,YAAY,CAC/B,MAAQ,GACN,EAAgB,SAAS,oBAAqB,CAC5C,KAAM,+BACN,QAAS,CAAE,QAAO,CACnB,CAAC,CACL,CAAC,EAEmB,SAAW,WAChC,KAAK,KAAK,CACb,CAAC,KAAK,EAAkB,aAAc,cAAe,EAAE,CAAC,CAAC,GAsB9D,SAAgB,EACd,EAAgC,EAAE,CACU,CAC5C,OAAO,EAAM,QAAQ,EAAiB,IAAI,EAAmB,EAAO,CAAC"}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@uploadista/flow-security-clamscan",
   "type": "module",
-  "version": "0.0.20",
+  "version": "0.1.0",
   "description": "ClamAV virus scanning plugin for Uploadista Flow",
   "license": "MIT",
   "author": "Uploadista",
@@ -15,8 +15,8 @@
   },
   "dependencies": {
     "clamscan": "^2.3.3",
-    "@uploadista/core": "0.0.20",
-    "@uploadista/observability": "0.0.20"
+    "@uploadista/core": "0.1.0",
+    "@uploadista/observability": "0.1.0"
   },
   "peerDependencies": {
     "effect": "^3.0.0",
@@ -24,19 +24,19 @@
   },
   "devDependencies": {
     "@effect/vitest": "0.27.0",
-    "@types/node": "24.10.4",
-    "effect": "3.19.12",
-    "tsdown": "0.18.0",
-    "vitest": "4.0.15",
-    "zod": "4.2.0",
-    "@uploadista/typescript-config": "0.0.20"
+    "@types/node": "24.10.8",
+    "effect": "3.19.14",
+    "tsdown": "0.19.0",
+    "vitest": "4.0.17",
+    "zod": "4.3.5",
+    "@uploadista/typescript-config": "0.1.0"
   },
   "scripts": {
     "build": "tsc --noEmit && tsdown",
     "format": "biome format --write ./src",
     "lint": "biome lint --write ./src",
     "check": "biome check --write ./src",
-    "test": "vitest",
+    "test": "vitest run",
     "test:run": "vitest run",
     "test:watch": "vitest watch"
   }

package/tests/clamscan-plugin.test.ts

@@ -0,0 +1,435 @@
+import { describe, expect, it, vi, beforeEach } from "vitest";
+import { Effect } from "effect";
+import { VirusScanPlugin } from "@uploadista/core/flow";
+import { virusScanPlugin, type VirusScanPluginConfig } from "../src/clamscan-plugin";
+
+// Shared mock state
+let mockIsInfectedResult: { isInfected: boolean; file: string; viruses: string[] | null } = {
+  isInfected: false,
+  file: "/tmp/test-file",
+  viruses: [],
+};
+let mockVersionResult: { version: string | undefined } = { version: "ClamAV 1.0.0" };
+let mockInitShouldFail = false;
+let mockIsInfectedShouldFail = false;
+let mockGetVersionShouldFail = false;
+
+// Mock the clamscan module
+vi.mock("clamscan", () => {
+  return {
+    default: class MockNodeClam {
+      async init() {
+        if (mockInitShouldFail) {
+          throw new Error("ClamAV not found");
+        }
+        return this;
+      }
+      async isInfected() {
+        if (mockIsInfectedShouldFail) {
+          throw new Error("Scan timeout");
+        }
+        return mockIsInfectedResult;
+      }
+      async getVersion() {
+        if (mockGetVersionShouldFail) {
+          throw new Error("Connection refused");
+        }
+        return mockVersionResult;
+      }
+    },
+  };
+});
+
+describe("ClamScan Virus Plugin", () => {
+  beforeEach(() => {
+    // Reset mock state before each test
+    mockIsInfectedResult = {
+      isInfected: false,
+      file: "/tmp/test-file",
+      viruses: [],
+    };
+    mockVersionResult = { version: "ClamAV 1.0.0" };
+    mockInitShouldFail = false;
+    mockIsInfectedShouldFail = false;
+    mockGetVersionShouldFail = false;
+  });
+
+  describe("virusScanPlugin factory", () => {
+    it("should create a plugin layer with default configuration", () => {
+      const layer = virusScanPlugin();
+      expect(layer).toBeDefined();
+    });
+
+    it("should create a plugin layer with custom configuration", () => {
+      const config: VirusScanPluginConfig = {
+        preference: "clamscan",
+        clamdscan_socket: "/custom/socket/path",
+        clamdscan_host: "localhost",
+        clamdscan_port: 3311,
+        remove_infected: false,
+        debug_mode: true,
+      };
+      const layer = virusScanPlugin(config);
+      expect(layer).toBeDefined();
+    });
+  });
+
+  describe("scan method", () => {
+    it("should return clean result for non-infected file", async () => {
+      mockIsInfectedResult = {
+        isInfected: false,
+        file: "/tmp/test-file",
+        viruses: [],
+      };
+
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const fileData = new TextEncoder().encode("clean file content");
+        return yield* plugin.scan(fileData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+
+      const result = await Effect.runPromise(program);
+      expect(result.isClean).toBe(true);
+      expect(result.detectedViruses).toEqual([]);
+    });
+
+    it("should return infected result with virus names", async () => {
+      mockIsInfectedResult = {
+        isInfected: true,
+        file: "/tmp/test-file",
+        viruses: ["Eicar-Test-Signature", "Win.Trojan.Generic"],
+      };
+
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const fileData = new TextEncoder().encode("infected file content");
+        return yield* plugin.scan(fileData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+
+      const result = await Effect.runPromise(program);
+      expect(result.isClean).toBe(false);
+      expect(result.detectedViruses).toEqual(["Eicar-Test-Signature", "Win.Trojan.Generic"]);
+    });
+
+    it("should handle null virus array for infected files", async () => {
+      mockIsInfectedResult = {
+        isInfected: true,
+        file: "/tmp/test-file",
+        viruses: null,
+      };
+
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const fileData = new TextEncoder().encode("infected file");
+        return yield* plugin.scan(fileData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+
+      const result = await Effect.runPromise(program);
+      expect(result.isClean).toBe(false);
+      expect(result.detectedViruses).toEqual([]);
+    });
+
+    it("should handle binary data correctly", async () => {
+      mockIsInfectedResult = {
+        isInfected: false,
+        file: "/tmp/test-file",
+        viruses: [],
+      };
+
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        // Binary data that isn't valid UTF-8
+        const binaryData = new Uint8Array([0x00, 0xff, 0xfe, 0x89, 0x50, 0x4e, 0x47]);
+        return yield* plugin.scan(binaryData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+
+      const result = await Effect.runPromise(program);
+      expect(result.isClean).toBe(true);
+    });
+
+    it("should handle large file data", async () => {
+      mockIsInfectedResult = {
+        isInfected: false,
+        file: "/tmp/test-file",
+        viruses: [],
+      };
+
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        // 1MB of data
+        const largeData = new Uint8Array(1024 * 1024).fill(0x41);
+        return yield* plugin.scan(largeData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+
+      const result = await Effect.runPromise(program);
+      expect(result.isClean).toBe(true);
+    });
+  });
+
+  describe("getVersion method", () => {
+    it("should return ClamAV version string", async () => {
+      mockVersionResult = {
+        version: "ClamAV 1.0.0/26789/Tue Jan 14 09:00:00 2025",
+      };
+
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        return yield* plugin.getVersion();
+      }).pipe(Effect.provide(virusScanPlugin()));
+
+      const result = await Effect.runPromise(program);
+      expect(result).toBe("ClamAV 1.0.0/26789/Tue Jan 14 09:00:00 2025");
+    });
+
+    it("should return 'Unknown' when version is undefined", async () => {
+      mockVersionResult = {
+        version: undefined,
+      };
+
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        return yield* plugin.getVersion();
+      }).pipe(Effect.provide(virusScanPlugin()));
+
+      const result = await Effect.runPromise(program);
+      expect(result).toBe("Unknown");
+    });
+
+    it("should return 'Unknown' when version is empty", async () => {
+      mockVersionResult = {
+        version: "",
+      };
+
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        return yield* plugin.getVersion();
+      }).pipe(Effect.provide(virusScanPlugin()));
+
+      const result = await Effect.runPromise(program);
+      expect(result).toBe("Unknown");
+    });
+  });
+
+  describe("error handling", () => {
+    it("should fail with CLAMAV_NOT_INSTALLED when initialization fails", async () => {
+      mockInitShouldFail = true;
+
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const fileData = new TextEncoder().encode("test");
+        return yield* plugin.scan(fileData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+
+      const result = await Effect.runPromise(Effect.either(program));
+      expect(result._tag).toBe("Left");
+      if (result._tag === "Left") {
+        expect(result.left.code).toBe("CLAMAV_NOT_INSTALLED");
+      }
+    });
+
+    it("should fail with VIRUS_SCAN_FAILED when scan fails", async () => {
+      mockIsInfectedShouldFail = true;
+
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const fileData = new TextEncoder().encode("test content");
+        return yield* plugin.scan(fileData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+
+      const result = await Effect.runPromise(Effect.either(program));
+      expect(result._tag).toBe("Left");
+      if (result._tag === "Left") {
+        expect(result.left.code).toBe("VIRUS_SCAN_FAILED");
+      }
+    });
+
+    it("should fail with VIRUS_SCAN_FAILED when getVersion fails", async () => {
+      mockGetVersionShouldFail = true;
+
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        return yield* plugin.getVersion();
+      }).pipe(Effect.provide(virusScanPlugin()));
+
+      const result = await Effect.runPromise(Effect.either(program));
+      expect(result._tag).toBe("Left");
+      if (result._tag === "Left") {
+        expect(result.left.code).toBe("VIRUS_SCAN_FAILED");
+      }
+    });
+  });
+
+  describe("configuration options", () => {
+    it("should accept clamdscan preference", () => {
+      const layer = virusScanPlugin({ preference: "clamdscan" });
+      expect(layer).toBeDefined();
+    });
+
+    it("should accept clamscan preference", () => {
+      const layer = virusScanPlugin({ preference: "clamscan" });
+      expect(layer).toBeDefined();
+    });
+
+    it("should accept socket configuration for clamd", () => {
+      const layer = virusScanPlugin({
+        preference: "clamdscan",
+        clamdscan_socket: "/var/run/clamav/clamd.ctl",
+      });
+      expect(layer).toBeDefined();
+    });
+
+    it("should accept TCP host and port for clamd", () => {
+      const layer = virusScanPlugin({
+        preference: "clamdscan",
+        clamdscan_host: "127.0.0.1",
+        clamdscan_port: 3310,
+      });
+      expect(layer).toBeDefined();
+    });
+
+    it("should accept debug mode configuration", () => {
+      const layer = virusScanPlugin({
+        debug_mode: true,
+      });
+      expect(layer).toBeDefined();
+    });
+
+    it("should accept remove_infected configuration", () => {
+      const layer = virusScanPlugin({
+        remove_infected: false,
+      });
+      expect(layer).toBeDefined();
+    });
+  });
+
+  describe("EICAR test file detection", () => {
+    it("should detect EICAR test file as infected", async () => {
+      // EICAR is a standard antivirus test signature
+      const EICAR_SIGNATURE =
+        "X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*";
+
+      mockIsInfectedResult = {
+        isInfected: true,
+        file: "/tmp/eicar-test",
+        viruses: ["Eicar-Test-Signature"],
+      };
+
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const eicarData = new TextEncoder().encode(EICAR_SIGNATURE);
+        return yield* plugin.scan(eicarData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+
+      const result = await Effect.runPromise(program);
+      expect(result.isClean).toBe(false);
+      expect(result.detectedViruses).toContain("Eicar-Test-Signature");
+    });
+  });
+
+  describe("temporary file handling", () => {
+    it("should clean up temporary files after successful scan", async () => {
+      mockIsInfectedResult = {
+        isInfected: false,
+        file: "/tmp/test-file",
+        viruses: [],
+      };
+
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const fileData = new TextEncoder().encode("test content");
+        return yield* plugin.scan(fileData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+
+      // The test verifies the scan completes - cleanup is handled internally
+      const result = await Effect.runPromise(program);
+      expect(result).toBeDefined();
+      expect(result.isClean).toBe(true);
+    });
+
+    it("should clean up temporary files even when scan fails", async () => {
+      mockIsInfectedShouldFail = true;
+
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const fileData = new TextEncoder().encode("test content");
+        return yield* plugin.scan(fileData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+
+      // Scan should fail but temp file cleanup should still happen
+      const result = await Effect.runPromise(Effect.either(program));
+      expect(result._tag).toBe("Left");
+    });
+  });
+
+  describe("lazy initialization", () => {
+    it("should initialize scanner lazily on first use", async () => {
+      mockIsInfectedResult = {
+        isInfected: false,
+        file: "/tmp/test",
+        viruses: [],
+      };
+
+      const layer = virusScanPlugin();
+
+      // First scan initializes the scanner
+      const program1 = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        return yield* plugin.scan(new TextEncoder().encode("test1"));
+      }).pipe(Effect.provide(layer));
+
+      await Effect.runPromise(program1);
+
+      // Second scan reuses the initialized scanner (same layer instance)
+      const program2 = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        return yield* plugin.scan(new TextEncoder().encode("test2"));
+      }).pipe(Effect.provide(layer));
+
+      const result = await Effect.runPromise(program2);
+      expect(result.isClean).toBe(true);
+    });
+  });
+
+  describe("multiple virus detection", () => {
+    it("should report multiple viruses when detected", async () => {
+      mockIsInfectedResult = {
+        isInfected: true,
+        file: "/tmp/multi-virus",
+        viruses: ["Trojan.Generic", "Worm.Mydoom", "Virus.Sality"],
+      };
+
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const fileData = new TextEncoder().encode("malicious content");
+        return yield* plugin.scan(fileData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+
+      const result = await Effect.runPromise(program);
+      expect(result.isClean).toBe(false);
+      expect(result.detectedViruses).toHaveLength(3);
+      expect(result.detectedViruses).toContain("Trojan.Generic");
+      expect(result.detectedViruses).toContain("Worm.Mydoom");
+      expect(result.detectedViruses).toContain("Virus.Sality");
+    });
+  });
+
+  describe("empty file handling", () => {
+    it("should handle empty file input", async () => {
+      mockIsInfectedResult = {
+        isInfected: false,
+        file: "/tmp/empty-file",
+        viruses: [],
+      };
+
+      const program = Effect.gen(function* () {
+        const plugin = yield* VirusScanPlugin;
+        const emptyData = new Uint8Array(0);
+        return yield* plugin.scan(emptyData);
+      }).pipe(Effect.provide(virusScanPlugin()));
+
+      const result = await Effect.runPromise(program);
+      expect(result.isClean).toBe(true);
+      expect(result.detectedViruses).toEqual([]);
+    });
+  });
+});