pompelmi 0.22.0 → 0.23.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +71 -0
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -108,6 +108,7 @@
|
|
|
108
108
|
- [Express](#express)
|
|
109
109
|
- [Koa](#koa)
|
|
110
110
|
- [Next.js (App Router)](#nextjs-app-router)
|
|
111
|
+
- [CLI Tool](#cli-tool)
|
|
111
112
|
- [Configuration](#configuration)
|
|
112
113
|
- [Security Notes](#security-notes)
|
|
113
114
|
- [Testing & Development](#testing--development)
|
|
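Review bot: the new TOC entry `- [CLI Tool](#cli-tool)` links to `#cli-tool`, but the heading added later in this diff is `## 🖥️ CLI Tool`, which starts with an emoji. Renderers that derive anchors from heading text commonly drop the emoji and keep a hyphen for the space that follows it, so the generated anchor may not be `cli-tool`. Check the link in the rendered README, or give the heading an explicit anchor.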
@@ -390,6 +391,76 @@ export const POST = createNextUploadHandler({ ...policy, scanner });
|
|
|
390
391
|
|
|
391
392
|
---
|
|
392
393
|
|
|
394
|
+
## 🖥️ CLI Tool
|
|
395
|
+
|
|
396
|
+
**pompelmi** includes a modern command-line interface for scanning files directly from your terminal. Perfect for CI/CD pipelines, security audits, and local development.
|
|
397
|
+
|
|
398
|
+
### Installation
|
|
399
|
+
|
|
400
|
+
```bash
|
|
401
|
+
# Install globally
|
|
402
|
+
npm install -g @pompelmi/cli
|
|
403
|
+
|
|
404
|
+
# Or use with npx
|
|
405
|
+
npx @pompelmi/cli scan file.pdf
|
|
406
|
+
```
|
|
407
|
+
|
|
408
|
+
### Features
|
|
409
|
+
|
|
410
|
+
🎨 **Modern Terminal UI** — Emoji-rich interface with progress indicators
|
|
411
|
+
⚡ **Fast Scanning** — Parallel file processing with real-time feedback
|
|
412
|
+
📊 **Detailed Reports** — Human-readable scan summaries with timing
|
|
413
|
+
🎯 **Smart Detection** — Built-in heuristics for common threats
|
|
414
|
+
🛡️ **Safe Defaults** — ZIP bomb protection and file size limits
|
|
415
|
+
|
|
416
|
+
### Usage
|
|
417
|
+
|
|
418
|
+
```bash
|
|
419
|
+
# Scan a single file
|
|
420
|
+
pompelmi scan document.pdf
|
|
421
|
+
|
|
422
|
+
# Scan a directory with progress
|
|
423
|
+
pompelmi scan-dir ./uploads
|
|
424
|
+
|
|
425
|
+
# Watch directory for changes
|
|
426
|
+
pompelmi watch ./uploads
|
|
427
|
+
|
|
428
|
+
# Get help
|
|
429
|
+
pompelmi --help
|
|
430
|
+
```
|
|
431
|
+
|
|
432
|
+
### Example Output
|
|
433
|
+
|
|
434
|
+
```
|
|
435
|
+
🛡️ Pompelmi Security Scanner v0.23.0
|
|
436
|
+
|
|
437
|
+
📁 Scanning: document.pdf
|
|
438
|
+
🔍 Checking file safety...
|
|
439
|
+
✅ File passed all security checks
|
|
440
|
+
|
|
441
|
+
📊 Scan Summary (0.1s)
|
|
442
|
+
• Files scanned: 1
|
|
443
|
+
• Clean: 1 ✅
|
|
444
|
+
• Suspicious: 0 ⚠️
|
|
445
|
+
• Malicious: 0 ❌
|
|
446
|
+
```
|
|
447
|
+
|
|
448
|
+
### CI/CD Integration
|
|
449
|
+
|
|
450
|
+
Use the CLI in your build pipelines:
|
|
451
|
+
|
|
452
|
+
```yaml
|
|
453
|
+
# GitHub Actions
|
|
454
|
+
- name: Security Scan
|
|
455
|
+
run: npx @pompelmi/cli scan-dir ./dist
|
|
456
|
+
|
|
457
|
+
# GitLab CI
|
|
458
|
+
script:
|
|
459
|
+
- npx @pompelmi/cli scan build.zip
|
|
460
|
+
```
|
|
461
|
+
|
|
462
|
+
---
|
|
463
|
+
|
|
393
464
|
## 🤖 GitHub Action
|
|
394
465
|
|
|
395
466
|
Run **pompelmi** in CI to scan repository files or built artifacts.
|
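Review bot: the CI/CD Integration snippets run `npx @pompelmi/cli scan-dir ./dist` and `npx @pompelmi/cli scan build.zip` with no version, so each pipeline run resolves and executes whatever release is current in the registry at that moment. For a security tool that executes inside the build, the documented commands should pin an exact version, and the same applies to `npm install -g @pompelmi/cli` in the Installation block. The section also never states the exit status of `scan` and `scan-dir`: the step only gates a build if a Suspicious or Malicious result produces a non-zero exit, so that behaviour should be documented next to the YAML. Minor: the Example Output banner hard-codes `v0.23.0` and will go stale with the next release.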
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "pompelmi",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.23.0",
|
|
4
4
|
"description": "RFI-safe file uploads for Node.js — Express/Koa/Next.js middleware with deep ZIP inspection, MIME/size checks, and optional YARA scanning.",
|
|
5
5
|
"main": "./dist/pompelmi.cjs",
|
|
6
6
|
"module": "./dist/pompelmi.esm.js",
|
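Review bot: the `version` change on line 3 is the only edit to package.json, and the file list on this page shows README.md as the only other changed file, yet the README text added in this release tells users to install the CLI under a different package name, `@pompelmi/cli`. State in the README or changelog which package and version ship the `pompelmi` binary, since the Example Output banner (`Pompelmi Security Scanner v0.23.0`) implies it tracks this package's version.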