@uploadista/flow-security-nodes 0.0.20 → 0.1.0

package/.turbo/turbo-build.log

@@ -1,22 +1,21 @@
 
-> @uploadista/flow-security-nodes@0.0.20-beta.9 build /Users/denislaboureyras/Documents/uploadista/dev/uploadista-workspace/uploadista-sdk/packages/flow/security/nodes
+> @uploadista/flow-security-nodes@0.1.0 build /home/runner/work/uploadista-sdk/uploadista-sdk/packages/flow/security/nodes
 > tsc --noEmit && tsdown
 
-ℹ tsdown v0.18.0 powered by rolldown v1.0.0-beta.53
-ℹ config file: /Users/denislaboureyras/Documents/uploadista/dev/uploadista-workspace/uploadista-sdk/packages/flow/security/nodes/tsdown.config.ts 
+ℹ tsdown v0.19.0 powered by rolldown v1.0.0-beta.59
+ℹ config file: /home/runner/work/uploadista-sdk/uploadista-sdk/packages/flow/security/nodes/tsdown.config.ts 
 ℹ entry: src/index.ts
 ℹ tsconfig: tsconfig.json
 ℹ Build start
-ℹ Cleaning 7 files
 ℹ [CJS] dist/index.cjs  1.23 kB │ gzip: 0.69 kB
 ℹ [CJS] 1 files, total: 1.23 kB
 ℹ [ESM] dist/index.mjs        1.26 kB │ gzip: 0.73 kB
-ℹ [ESM] dist/index.mjs.map    5.67 kB │ gzip: 2.19 kB
+ℹ [ESM] dist/index.mjs.map    5.64 kB │ gzip: 2.19 kB
 ℹ [ESM] dist/index.d.mts.map  0.54 kB │ gzip: 0.29 kB
 ℹ [ESM] dist/index.d.mts      3.29 kB │ gzip: 1.21 kB
-ℹ [ESM] 4 files, total: 10.76 kB
-✔ Build complete in 7869ms
+ℹ [ESM] 4 files, total: 10.73 kB
+✔ Build complete in 25058ms
 ℹ [CJS] dist/index.d.cts.map  0.54 kB │ gzip: 0.29 kB
 ℹ [CJS] dist/index.d.cts      3.29 kB │ gzip: 1.20 kB
 ℹ [CJS] 2 files, total: 3.83 kB
-✔ Build complete in 7894ms
+✔ Build complete in 25074ms

package/dist/index.d.cts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.cts","names":[],"sources":["../src/scan-virus-node.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;cAaa,YAAU,CAAA,CAAA;;;AAAvB,CAAA,CAAA;AACY,KAAA,UAAA,GAAa,CAAA,CAAE,KAAa,CAAA,OAAA,UAAR,CAAA;AAKhC;;;cAAa,iBAAe,CAAA,CAAA;;;;EAAA,CAAA,CAAA,CAAA;EAAA,OAAA,cAAA,cAAA,YAAA,CAAA,CAAA;AAgB5B,CAAA,eAAY,CAAA;AA8BI,KA9BJ,eAAA,GAAkB,CAAA,CAAE,KA8BG,CAAA,OA9BU,eA8BV,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAAnB,mBAAA,sBAEN;;IAC0B,MAAA,CAAA,OAD0B,sBAAA,CAC1B,YAAA;yBAAA,uBAAA,CAAA,UAAA;;;;;;;aAqE2l1M;;iEAAA,uBAAA,CAAA,UAAA"}
+{"version":3,"file":"index.d.cts","names":[],"sources":["../src/scan-virus-node.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;cAaa,YAAU,CAAA,CAAA;;;AAAvB,CAAA,CAAA;AACY,KAAA,UAAA,GAAa,CAAA,CAAE,KAAa,CAAA,OAAA,UAAR,CAAA;AAKhC;;;cAAa,iBAAe,CAAA,CAAA;;;;EAAA,CAAA,CAAA,CAAA;EAAA,OAAA,cAAA,cAAA,YAAA,CAAA,CAAA;AAgB5B,CAAA,eAAY,CAAA;AA8BI,KA9BJ,eAAA,GAAkB,CAAA,CAAE,KA8BG,CAAA,OA9BU,eA8BV,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAAnB,mBAAA,sBAEN;;IAC0B,MAAA,CAAA,OAD0B,sBAAA,CAC1B,YAAA;yBAAA,uBAAA,CAAA,UAAA;;;;;;;aAqEik5M;;iEAAA,uBAAA,CAAA,UAAA"}

package/dist/index.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.mts","names":[],"sources":["../src/scan-virus-node.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;cAaa,YAAU,CAAA,CAAA;;;AAAvB,CAAA,CAAA;AACY,KAAA,UAAA,GAAa,CAAA,CAAE,KAAa,CAAA,OAAA,UAAR,CAAA;AAKhC;;;cAAa,iBAAe,CAAA,CAAA;;;;EAAA,CAAA,CAAA,CAAA;EAAA,OAAA,cAAA,cAAA,YAAA,CAAA,CAAA;AAgB5B,CAAA,eAAY,CAAA;AA8BI,KA9BJ,eAAA,GAAkB,CAAA,CAAE,KA8BG,CAAA,OA9BU,eA8BV,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAAnB,mBAAA,sBAEN;;IAC0B,MAAA,CAAA,OAD0B,sBAAA,CAC1B,YAAA;yBAAA,uBAAA,CAAA,UAAA;;;;;;;aAqE2l1M;;iEAAA,uBAAA,CAAA,UAAA"}
+{"version":3,"file":"index.d.mts","names":[],"sources":["../src/scan-virus-node.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;cAaa,YAAU,CAAA,CAAA;;;AAAvB,CAAA,CAAA;AACY,KAAA,UAAA,GAAa,CAAA,CAAE,KAAa,CAAA,OAAA,UAAR,CAAA;AAKhC;;;cAAa,iBAAe,CAAA,CAAA;;;;EAAA,CAAA,CAAA,CAAA;EAAA,OAAA,cAAA,cAAA,YAAA,CAAA,CAAA;AAgB5B,CAAA,eAAY,CAAA;AA8BI,KA9BJ,eAAA,GAAkB,CAAA,CAAE,KA8BG,CAAA,OA9BU,eA8BV,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAAnB,mBAAA,sBAEN;;IAC0B,MAAA,CAAA,OAD0B,sBAAA,CAC1B,YAAA;yBAAA,uBAAA,CAAA,UAAA;;;;;;;aAqEik5M;;iEAAA,uBAAA,CAAA,UAAA"}

package/dist/index.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"index.mjs","names":["scanMetadata: ScanMetadata"],"sources":["../src/scan-virus-node.ts"],"sourcesContent":["import { httpFailure } from \"@uploadista/core/errors\";\nimport {\n  createTransformNode,\n  type ScanMetadata,\n  STORAGE_OUTPUT_TYPE_ID,\n  VirusScanPlugin,\n} from \"@uploadista/core/flow\";\nimport { Effect } from \"effect\";\nimport { z } from \"zod\";\n\n/**\n * Scan action to take when a virus is detected\n */\nexport const ScanAction = z.enum([\"fail\", \"pass\"]);\nexport type ScanAction = z.infer<typeof ScanAction>;\n\n/**\n * Parameters for the Scan Virus node\n */\nexport const ScanVirusParams = z.object({\n  /**\n   * Action to take when a virus is detected:\n   * - \"fail\": Mark flow task as FAILED and stop processing\n   * - \"pass\": Continue processing but add virus metadata to file\n   */\n  action: ScanAction.default(\"fail\"),\n\n  /**\n   * Maximum time to wait for scan completion (in milliseconds)\n   * Default: 60000ms (60 seconds)\n   * Max: 300000ms (5 minutes)\n   */\n  timeout: z.number().min(1000).max(300000).optional().default(60000),\n});\n\nexport type ScanVirusParams = z.infer<typeof ScanVirusParams>;\n\n/**\n * Creates a Scan Virus node for malware detection\n *\n * Scans files for viruses and malware using the configured VirusScanPlugin\n * (typically ClamAV). Supports configurable actions on detection:\n * - \"fail\": Stop flow execution when virus detected\n * - \"pass\": Continue flow with detection metadata\n *\n * All scan results are stored in file.metadata.virusScan for downstream nodes.\n *\n * @param id - Unique node identifier\n * @param params - Configuration parameters for scan behavior\n * @returns Effect that resolves to the configured node\n *\n * @example\n * ```typescript\n * // Fail on virus detection (default)\n * const failNode = yield* createScanVirusNode(\"scan-1\", {\n *   action: \"fail\"\n * });\n *\n * // Pass through with metadata\n * const passNode = yield* createScanVirusNode(\"scan-2\", {\n *   action: \"pass\",\n *   timeout: 120000 // 2 minutes\n * });\n * ```\n */\nexport function createScanVirusNode(\n  id: string,\n  params: ScanVirusParams = { action: \"fail\", timeout: 60000 },\n  options?: { keepOutput?: boolean },\n) {\n  return Effect.gen(function* () {\n    const virusScanService = yield* VirusScanPlugin;\n\n    // Validate params\n    const validatedParams = ScanVirusParams.parse(params);\n\n    return yield* createTransformNode({\n      id,\n      name: \"Scan Virus\",\n      description: \"Scans files for viruses and malware using ClamAV\",\n      nodeTypeId: \"scan-virus\",\n      outputTypeId: STORAGE_OUTPUT_TYPE_ID,\n      keepOutput: options?.keepOutput,\n      // External service - enable circuit breaker with fail fallback (don't skip security scans)\n      circuitBreaker: {\n        enabled: true,\n        failureThreshold: 5,\n        resetTimeout: 60000,\n        fallback: { type: \"fail\" },\n      },\n      transform: (inputBytes, file) =>\n        Effect.gen(function* () {\n          // Perform virus scan\n          const scanResult = yield* virusScanService.scan(inputBytes);\n\n          // Get engine version for metadata\n          const engineVersion = yield* virusScanService.getVersion();\n\n          // Build comprehensive scan metadata\n          const scanMetadata: ScanMetadata = {\n            scanned: true,\n            isClean: scanResult.isClean,\n            detectedViruses: scanResult.detectedViruses,\n            scanDate: new Date().toISOString(),\n            engineVersion,\n            definitionsDate: new Date().toISOString(), // TODO: Get actual definitions date from plugin\n          };\n\n          // Check if virus was detected\n          if (!scanResult.isClean) {\n            // Build error message with detected viruses\n            const virusList = scanResult.detectedViruses.join(\", \");\n            const message = `Virus detected: ${virusList}`;\n\n            // Handle based on configured action\n            if (validatedParams.action === \"fail\") {\n              // Fail the flow task\n              return yield* httpFailure(\"VIRUS_DETECTED\", {\n                body: message,\n                details: { scanMetadata },\n              });\n            }\n            // action === \"pass\": Continue with metadata (handled below)\n          }\n\n          // Return file with scan metadata (clean or pass action)\n          return {\n            bytes: inputBytes, // Pass through original bytes unchanged\n            metadata: {\n              ...file.metadata,\n              virusScan: scanMetadata,\n            },\n          };\n        }),\n    });\n  });\n}\n"],"mappings":"2NAaA,MAAa,EAAa,EAAE,KAAK,CAAC,OAAQ,OAAO,CAAC,CAMrC,EAAkB,EAAE,OAAO,CAMtC,OAAQ,EAAW,QAAQ,OAAO,CAOlC,QAAS,EAAE,QAAQ,CAAC,IAAI,IAAK,CAAC,IAAI,IAAO,CAAC,UAAU,CAAC,QAAQ,IAAM,CACpE,CAAC,CAgCF,SAAgB,EACd,EACA,EAA0B,CAAE,OAAQ,OAAQ,QAAS,IAAO,CAC5D,EACA,CACA,OAAO,EAAO,IAAI,WAAa,CAC7B,IAAM,EAAmB,MAAO,EAG1B,EAAkB,EAAgB,MAAM,EAAO,CAErD,OAAO,MAAO,EAAoB,CAChC,KACA,KAAM,aACN,YAAa,mDACb,WAAY,aACZ,aAAc,EACd,WAAY,GAAS,WAErB,eAAgB,CACd,QAAS,GACT,iBAAkB,EAClB,aAAc,IACd,SAAU,CAAE,KAAM,OAAQ,CAC3B,CACD,WAAY,EAAY,IACtB,EAAO,IAAI,WAAa,CAEtB,IAAM,EAAa,MAAO,EAAiB,KAAK,EAAW,CAGrD,EAAgB,MAAO,EAAiB,YAAY,CAGpDA,EAA6B,CACjC,QAAS,GACT,QAAS,EAAW,QACpB,gBAAiB,EAAW,gBAC5B,SAAU,IAAI,MAAM,CAAC,aAAa,CAClC,gBACA,gBAAiB,IAAI,MAAM,CAAC,aAAa,CAC1C,CAGD,GAAI,CAAC,EAAW,QAAS,CAGvB,IAAM,EAAU,mBADE,EAAW,gBAAgB,KAAK,KAAK,GAIvD,GAAI,EAAgB,SAAW,OAE7B,OAAO,MAAO,EAAY,iBAAkB,CAC1C,KAAM,EACN,QAAS,CAAE,eAAc,CAC1B,CAAC,CAMN,MAAO,CACL,MAAO,EACP,SAAU,CACR,GAAG,EAAK,SACR,UAAW,EACZ,CACF,EACD,CACL,CAAC,EACF"}
+{"version":3,"file":"index.mjs","names":[],"sources":["../src/scan-virus-node.ts"],"sourcesContent":["import { httpFailure } from \"@uploadista/core/errors\";\nimport {\n  createTransformNode,\n  type ScanMetadata,\n  STORAGE_OUTPUT_TYPE_ID,\n  VirusScanPlugin,\n} from \"@uploadista/core/flow\";\nimport { Effect } from \"effect\";\nimport { z } from \"zod\";\n\n/**\n * Scan action to take when a virus is detected\n */\nexport const ScanAction = z.enum([\"fail\", \"pass\"]);\nexport type ScanAction = z.infer<typeof ScanAction>;\n\n/**\n * Parameters for the Scan Virus node\n */\nexport const ScanVirusParams = z.object({\n  /**\n   * Action to take when a virus is detected:\n   * - \"fail\": Mark flow task as FAILED and stop processing\n   * - \"pass\": Continue processing but add virus metadata to file\n   */\n  action: ScanAction.default(\"fail\"),\n\n  /**\n   * Maximum time to wait for scan completion (in milliseconds)\n   * Default: 60000ms (60 seconds)\n   * Max: 300000ms (5 minutes)\n   */\n  timeout: z.number().min(1000).max(300000).optional().default(60000),\n});\n\nexport type ScanVirusParams = z.infer<typeof ScanVirusParams>;\n\n/**\n * Creates a Scan Virus node for malware detection\n *\n * Scans files for viruses and malware using the configured VirusScanPlugin\n * (typically ClamAV). Supports configurable actions on detection:\n * - \"fail\": Stop flow execution when virus detected\n * - \"pass\": Continue flow with detection metadata\n *\n * All scan results are stored in file.metadata.virusScan for downstream nodes.\n *\n * @param id - Unique node identifier\n * @param params - Configuration parameters for scan behavior\n * @returns Effect that resolves to the configured node\n *\n * @example\n * ```typescript\n * // Fail on virus detection (default)\n * const failNode = yield* createScanVirusNode(\"scan-1\", {\n *   action: \"fail\"\n * });\n *\n * // Pass through with metadata\n * const passNode = yield* createScanVirusNode(\"scan-2\", {\n *   action: \"pass\",\n *   timeout: 120000 // 2 minutes\n * });\n * ```\n */\nexport function createScanVirusNode(\n  id: string,\n  params: ScanVirusParams = { action: \"fail\", timeout: 60000 },\n  options?: { keepOutput?: boolean },\n) {\n  return Effect.gen(function* () {\n    const virusScanService = yield* VirusScanPlugin;\n\n    // Validate params\n    const validatedParams = ScanVirusParams.parse(params);\n\n    return yield* createTransformNode({\n      id,\n      name: \"Scan Virus\",\n      description: \"Scans files for viruses and malware using ClamAV\",\n      nodeTypeId: \"scan-virus\",\n      outputTypeId: STORAGE_OUTPUT_TYPE_ID,\n      keepOutput: options?.keepOutput,\n      // External service - enable circuit breaker with fail fallback (don't skip security scans)\n      circuitBreaker: {\n        enabled: true,\n        failureThreshold: 5,\n        resetTimeout: 60000,\n        fallback: { type: \"fail\" },\n      },\n      transform: (inputBytes, file) =>\n        Effect.gen(function* () {\n          // Perform virus scan\n          const scanResult = yield* virusScanService.scan(inputBytes);\n\n          // Get engine version for metadata\n          const engineVersion = yield* virusScanService.getVersion();\n\n          // Build comprehensive scan metadata\n          const scanMetadata: ScanMetadata = {\n            scanned: true,\n            isClean: scanResult.isClean,\n            detectedViruses: scanResult.detectedViruses,\n            scanDate: new Date().toISOString(),\n            engineVersion,\n            definitionsDate: new Date().toISOString(), // TODO: Get actual definitions date from plugin\n          };\n\n          // Check if virus was detected\n          if (!scanResult.isClean) {\n            // Build error message with detected viruses\n            const virusList = scanResult.detectedViruses.join(\", \");\n            const message = `Virus detected: ${virusList}`;\n\n            // Handle based on configured action\n            if (validatedParams.action === \"fail\") {\n              // Fail the flow task\n              return yield* httpFailure(\"VIRUS_DETECTED\", {\n                body: message,\n                details: { scanMetadata },\n              });\n            }\n            // action === \"pass\": Continue with metadata (handled below)\n          }\n\n          // Return file with scan metadata (clean or pass action)\n          return {\n            bytes: inputBytes, // Pass through original bytes unchanged\n            metadata: {\n              ...file.metadata,\n              virusScan: scanMetadata,\n            },\n          };\n        }),\n    });\n  });\n}\n"],"mappings":"2NAaA,MAAa,EAAa,EAAE,KAAK,CAAC,OAAQ,OAAO,CAAC,CAMrC,EAAkB,EAAE,OAAO,CAMtC,OAAQ,EAAW,QAAQ,OAAO,CAOlC,QAAS,EAAE,QAAQ,CAAC,IAAI,IAAK,CAAC,IAAI,IAAO,CAAC,UAAU,CAAC,QAAQ,IAAM,CACpE,CAAC,CAgCF,SAAgB,EACd,EACA,EAA0B,CAAE,OAAQ,OAAQ,QAAS,IAAO,CAC5D,EACA,CACA,OAAO,EAAO,IAAI,WAAa,CAC7B,IAAM,EAAmB,MAAO,EAG1B,EAAkB,EAAgB,MAAM,EAAO,CAErD,OAAO,MAAO,EAAoB,CAChC,KACA,KAAM,aACN,YAAa,mDACb,WAAY,aACZ,aAAc,EACd,WAAY,GAAS,WAErB,eAAgB,CACd,QAAS,GACT,iBAAkB,EAClB,aAAc,IACd,SAAU,CAAE,KAAM,OAAQ,CAC3B,CACD,WAAY,EAAY,IACtB,EAAO,IAAI,WAAa,CAEtB,IAAM,EAAa,MAAO,EAAiB,KAAK,EAAW,CAGrD,EAAgB,MAAO,EAAiB,YAAY,CAGpD,EAA6B,CACjC,QAAS,GACT,QAAS,EAAW,QACpB,gBAAiB,EAAW,gBAC5B,SAAU,IAAI,MAAM,CAAC,aAAa,CAClC,gBACA,gBAAiB,IAAI,MAAM,CAAC,aAAa,CAC1C,CAGD,GAAI,CAAC,EAAW,QAAS,CAGvB,IAAM,EAAU,mBADE,EAAW,gBAAgB,KAAK,KAAK,GAIvD,GAAI,EAAgB,SAAW,OAE7B,OAAO,MAAO,EAAY,iBAAkB,CAC1C,KAAM,EACN,QAAS,CAAE,eAAc,CAC1B,CAAC,CAMN,MAAO,CACL,MAAO,EACP,SAAU,CACR,GAAG,EAAK,SACR,UAAW,EACZ,CACF,EACD,CACL,CAAC,EACF"}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@uploadista/flow-security-nodes",
   "type": "module",
-  "version": "0.0.20",
+  "version": "0.1.0",
   "description": "Security processing nodes for Uploadista Flow",
   "license": "MIT",
   "author": "Uploadista",
@@ -14,7 +14,7 @@
     }
   },
   "dependencies": {
-    "@uploadista/core": "0.0.20"
+    "@uploadista/core": "0.1.0"
   },
   "peerDependencies": {
     "effect": "^3.0.0",
@@ -22,19 +22,19 @@
   },
   "devDependencies": {
     "@effect/vitest": "0.27.0",
-    "@types/node": "24.10.4",
-    "effect": "3.19.12",
-    "tsdown": "0.18.0",
-    "vitest": "4.0.15",
-    "zod": "4.2.0",
-    "@uploadista/typescript-config": "0.0.20"
+    "@types/node": "24.10.8",
+    "effect": "3.19.14",
+    "tsdown": "0.19.0",
+    "vitest": "4.0.17",
+    "zod": "4.3.5",
+    "@uploadista/typescript-config": "0.1.0"
   },
   "scripts": {
     "build": "tsc --noEmit && tsdown",
     "format": "biome format --write ./src",
     "lint": "biome lint --write ./src",
     "check": "biome check --write ./src",
-    "test": "vitest",
+    "test": "vitest run",
     "test:run": "vitest run",
     "test:watch": "vitest watch"
   }

package/tests/scan-virus-node.test.ts

@@ -1,7 +1,7 @@
 import { describe, expect, it } from "@effect/vitest";
 import { UploadistaError } from "@uploadista/core/errors";
 import {
-  TestUploadServer,
+  TestUploadEngine,
   TestVirusScanPlugin,
 } from "@uploadista/core/testing";
 import type { UploadFile } from "@uploadista/core/types";
@@ -56,7 +56,7 @@ const createInfectedFileBytes = (): Uint8Array => {
 /**
  * Test layer combining all mocks
  */
-const TestLayer = Layer.mergeAll(TestVirusScanPlugin, TestUploadServer);
+const TestLayer = Layer.mergeAll(TestVirusScanPlugin, TestUploadEngine);
 
 describe("Scan Virus Node", () => {
   describe("Node Creation", () => {
@@ -64,6 +64,7 @@ describe("Scan Virus Node", () => {
       Effect.gen(function* () {
         const node = yield* createScanVirusNode("scan-1", {
           action: "fail",
+          timeout: 60000,
         });
 
         expect(node.id).toBe("scan-1");
@@ -89,6 +90,7 @@ describe("Scan Virus Node", () => {
       Effect.gen(function* () {
         const node = yield* createScanVirusNode("scan-clean", {
           action: "fail",
+          timeout: 60000,
         });
 
         const testFile = createTestUploadFile();
@@ -117,6 +119,7 @@ describe("Scan Virus Node", () => {
       Effect.gen(function* () {
         const node = yield* createScanVirusNode("scan-metadata", {
           action: "fail",
+          timeout: 60000,
         });
 
         const testFile = createTestUploadFile();
@@ -147,6 +150,7 @@ describe("Scan Virus Node", () => {
       Effect.gen(function* () {
         const node = yield* createScanVirusNode("scan-preserve", {
           action: "fail",
+          timeout: 60000,
         });
 
         const testFile = createTestUploadFile({
@@ -182,41 +186,43 @@ describe("Scan Virus Node", () => {
   });
 
   describe("Infected File Scanning - Fail Action", () => {
-    it.effect(
-      "should fail flow when virus detected with fail action",
-      () =>
-        Effect.gen(function* () {
-          const node = yield* createScanVirusNode("scan-fail", {
-            action: "fail",
-          });
+    it.effect("should fail flow when virus detected with fail action", () =>
+      Effect.gen(function* () {
+        const node = yield* createScanVirusNode("scan-fail", {
+          action: "fail",
+          timeout: 60000,
+        });
 
-          const testFile = createTestUploadFile();
-
-          const result = yield* Effect.either(
-            node.run({
-              data: testFile,
-              jobId: "test-job",
-              flowId: "test-flow",
-              storageId: "test-storage",
-              clientId: "test-client",
-            }),
-          );
-
-          expect(result._tag).toBe("Left");
-          if (result._tag === "Left") {
-            expect(result.left).toBeInstanceOf(UploadistaError);
-            expect(result.left.code).toBe("VIRUS_DETECTED");
-          }
-        }).pipe(Effect.provide(TestLayer)),
+        // Use file ID containing "infected" to trigger EICAR content from mock
+        const testFile = createTestUploadFile({ id: "infected-file-1" });
+
+        const result = yield* Effect.either(
+          node.run({
+            data: testFile,
+            jobId: "test-job",
+            flowId: "test-flow",
+            storageId: "test-storage",
+            clientId: "test-client",
+          }),
+        );
+
+        expect(result._tag).toBe("Left");
+        if (result._tag === "Left") {
+          expect(result.left).toBeInstanceOf(UploadistaError);
+          expect(result.left.code).toBe("VIRUS_DETECTED");
+        }
+      }).pipe(Effect.provide(TestLayer)),
     );
 
     it.effect("should include virus names in error message", () =>
       Effect.gen(function* () {
         const node = yield* createScanVirusNode("scan-names", {
           action: "fail",
+          timeout: 60000,
         });
 
-        const testFile = createTestUploadFile();
+        // Use file ID containing "infected" to trigger EICAR content from mock
+        const testFile = createTestUploadFile({ id: "infected-file-2" });
 
         const result = yield* Effect.either(
           node.run({
@@ -241,9 +247,11 @@ describe("Scan Virus Node", () => {
       Effect.gen(function* () {
         const node = yield* createScanVirusNode("scan-details", {
           action: "fail",
+          timeout: 60000,
         });
 
-        const testFile = createTestUploadFile();
+        // Use file ID containing "infected" to trigger EICAR content from mock
+        const testFile = createTestUploadFile({ id: "infected-file-3" });
 
         const result = yield* Effect.either(
           node.run({
@@ -262,35 +270,35 @@ describe("Scan Virus Node", () => {
           expect(error.details?.scanMetadata).toBeDefined();
           expect(error.details?.scanMetadata.isClean).toBe(false);
           expect(error.details?.scanMetadata.detectedViruses).toBeDefined();
-          expect(error.details?.scanMetadata.detectedViruses.length).toBeGreaterThan(
-            0,
-          );
+          expect(
+            error.details?.scanMetadata.detectedViruses.length,
+          ).toBeGreaterThan(0);
         }
       }).pipe(Effect.provide(TestLayer)),
     );
   });
 
   describe("Infected File Scanning - Pass Action", () => {
-    it.effect(
-      "should continue flow when virus detected with pass action",
-      () =>
-        Effect.gen(function* () {
-          const node = yield* createScanVirusNode("scan-pass", {
-            action: "pass",
-          });
+    it.effect("should continue flow when virus detected with pass action", () =>
+      Effect.gen(function* () {
+        const node = yield* createScanVirusNode("scan-pass", {
+          action: "pass",
+          timeout: 60000,
+        });
 
-          const testFile = createTestUploadFile();
+        // Use file ID containing "infected" to trigger EICAR content from mock
+        const testFile = createTestUploadFile({ id: "infected-file-pass-1" });
 
-          const result = yield* node.run({
-            data: testFile,
-            jobId: "test-job",
-            flowId: "test-flow",
-            storageId: "test-storage",
-            clientId: "test-client",
-          });
+        const result = yield* node.run({
+          data: testFile,
+          jobId: "test-job",
+          flowId: "test-flow",
+          storageId: "test-storage",
+          clientId: "test-client",
+        });
 
-          expect(result.type).toBe("complete");
-        }).pipe(Effect.provide(TestLayer)),
+        expect(result.type).toBe("complete");
+      }).pipe(Effect.provide(TestLayer)),
     );
 
     it.effect(
@@ -299,9 +307,11 @@ describe("Scan Virus Node", () => {
         Effect.gen(function* () {
           const node = yield* createScanVirusNode("scan-pass-metadata", {
             action: "pass",
+            timeout: 60000,
           });
 
-          const testFile = createTestUploadFile();
+          // Use file ID containing "infected" to trigger EICAR content from mock
+          const testFile = createTestUploadFile({ id: "infected-file-pass-2" });
 
           const result = yield* node.run({
             data: testFile,
@@ -327,9 +337,11 @@ describe("Scan Virus Node", () => {
       Effect.gen(function* () {
         const node = yield* createScanVirusNode("scan-pass-bytes", {
           action: "pass",
+          timeout: 60000,
         });
 
-        const testFile = createTestUploadFile();
+        // Use file ID containing "infected" to trigger EICAR content from mock
+        const testFile = createTestUploadFile({ id: "infected-file-pass-3" });
 
         const result = yield* node.run({
           data: testFile,
@@ -342,7 +354,9 @@ describe("Scan Virus Node", () => {
         expect(result.type).toBe("complete");
         if (result.type === "complete") {
           expect(result.data).toBeDefined();
-          expect(result.data.id).toBe(testFile.id);
+          // The transform creates a new upload with a new ID, but the file is processed
+          expect(result.data.id).toBeDefined();
+          expect(typeof result.data.id).toBe("string");
         }
       }).pipe(Effect.provide(TestLayer)),
     );
@@ -375,6 +389,7 @@ describe("Scan Virus Node", () => {
       Effect.gen(function* () {
         const node = yield* createScanVirusNode("scan-default-timeout", {
           action: "fail",
+          timeout: 60000,
         });
 
         expect(node.id).toBe("scan-default-timeout");
@@ -398,6 +413,7 @@ describe("Scan Virus Node", () => {
       Effect.gen(function* () {
         const node = yield* createScanVirusNode("scan-version", {
           action: "fail",
+          timeout: 60000,
         });
 
         const testFile = createTestUploadFile();

package/.turbo/turbo-test.log

@@ -1,5 +0,0 @@
-
-> @uploadista/flow-security-nodes@0.0.17 test /Users/denislaboureyras/Documents/uploadista/dev/uploadista-workspace/uploadista-sdk/packages/flow/security/nodes
-> vitest
-
- ELIFECYCLE  Test failed. See above for more details.