pompelmi 0.30.1 → 0.31.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2)
  1. package/README.md +78 -134
  2. package/package.json +10 -2
package/README.md CHANGED
@@ -89,7 +89,7 @@
89
89
  <strong>
90
90
  <a href="https://pompelmi.github.io/pompelmi/">📚 Documentation</a> •
91
91
  <a href="#-installation">💾 Install</a> •
92
- <a href="#-quick-start">⚡ Quick Start</a> •
92
+ <a href="#-quickstart">⚡ Quickstart</a> •
93
93
  <a href="#-adapters">🧩 Adapters</a> •
94
94
  <a href="#-yara-getting-started">🧬 YARA</a> •
95
95
  <a href="#-github-action">🤖 CI/CD</a>
@@ -102,6 +102,37 @@
102
102
 
103
103
  ---
104
104
 
105
+ ## 📦 Installation
106
+
107
+ ```bash
108
+ npm install pompelmi
109
+ ```
110
+
111
+ > Node.js 18+ required. No daemon, no cloud API keys, no configuration files needed to get started.
112
+
113
+ ---
114
+
115
+ ## ⚡ Quickstart
116
+
117
+ Scan a file and act on the result in three lines:
118
+
119
+ ```ts
120
+ import { scanFile } from 'pompelmi';
121
+
122
+ const result = await scanFile('path/to/upload.pdf');
123
+ // result.verdict → "clean" | "suspicious" | "malicious"
124
+
125
+ if (result.verdict !== 'clean') {
126
+ console.error('Blocked:', result.verdict, result.reasons);
127
+ } else {
128
+ console.log('Safe to process.');
129
+ }
130
+ ```
131
+
132
+ That's it. No server required, no framework dependency — works standalone in any Node.js script or service.
133
+
134
+ ---
135
+
105
136
  ## 🎬 Demo
106
137
 
107
138
  ![Pompelmi Demo](./assets/malware-detection-node-demo.gif)
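Review bot: the new Quickstart line `const result = await scanFile('path/to/upload.pdf');` scans a file that is already on disk, which is at odds with the package's own description in this release ("scan files in-process before they hit disk") and with the Express example this change deletes further down, which used `multer.memoryStorage()` so the upload was checked before being written. Suggest showing the buffer or stream form next to the path form, or saying in the lead sentence that the path form is for files you already control. Two smaller points: `result.reasons` appears nowhere else in this diff, so confirm it is a real field of the scan result before documenting it; and "Safe to process." overstates what a `clean` verdict from a heuristic scanner means (no findings, not a guarantee), so "No findings, continue." reads more honestly.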
@@ -131,78 +162,29 @@ npm i pompelmi @pompelmi/express-middleware
131
162
 
132
163
  ---
133
164
 
134
- ## ⚡ Quick Start
135
-
136
- Get secure file upload scanning running in **under 5 minutes**.
137
-
138
- ### Express Integration
139
-
140
- ```ts
141
- import express from 'express';
142
- import multer from 'multer';
143
- import { createUploadGuard } from '@pompelmi/express-middleware';
144
- import { CommonHeuristicsScanner, createZipBombGuard, composeScanners } from 'pompelmi';
145
-
146
- const app = express();
147
- const upload = multer({ storage: multer.memoryStorage() });
148
-
149
- // Configure your security policy
150
- const scanner = composeScanners(
151
- [
152
- ['zipGuard', createZipBombGuard({ maxEntries: 512, maxCompressionRatio: 12 })],
153
- ['heuristics', CommonHeuristicsScanner],
154
- ],
155
- { parallel: false, stopOn: 'suspicious', timeoutMsPerScanner: 1500 }
156
- );
157
-
158
- app.post('/upload',
159
- upload.single('file'),
160
- createUploadGuard({
161
- includeExtensions: ['pdf', 'zip', 'png', 'jpg'],
162
- allowedMimeTypes: ['application/pdf', 'application/zip', 'image/png', 'image/jpeg'],
163
- maxFileSizeBytes: 20 * 1024 * 1024, // 20MB
164
- scanner,
165
- failClosed: true
166
- }),
167
- (req, res) => {
168
- // File is safe - proceed with your logic
169
- res.json({ success: true, message: 'File uploaded successfully' });
170
- }
171
- );
172
-
173
- app.listen(3000, () => console.log('🚀 Server running on http://localhost:3000'));
174
- ```
175
-
176
- **Test it:**
177
- ```bash
178
- curl -X POST http://localhost:3000/upload -F "file=@test.pdf"
179
- ```
180
-
181
- ✅ **Done!** Your app now blocks malicious uploads before they hit disk.
182
-
183
- 👉 **[Explore full documentation →](https://pompelmi.github.io/pompelmi/)** | **[See more examples →](./examples/)**
184
-
185
- ---
186
-
187
165
  ## Table of Contents
188
166
 
189
- - [Features](#features)
190
- - [Quick Start](#quick-start)
191
- - [Why pompelmi](#why-pompelmi)
192
- - [Use Cases](#use-cases)
193
- - [Installation](#installation)
194
- - [Getting Started](#getting-started)
195
- - [Code Examples](#code-examples)
196
- - [Adapters](#adapters)
197
- - [GitHub Action](#github-action)
198
- - [Configuration](#configuration)
199
- - [YARA Getting Started](#yara-getting-started)
200
- - [Security Notes](#security-notes)
201
- - [Production Checklist](#production-checklist)
202
- - [Community & Recognition](#community--recognition)
203
- - [FAQ](#faq)
204
- - [Contributing](#contributing)
205
- - [License](#license)
167
+ - [Installation](#-installation)
168
+ - [Quickstart](#-quickstart)
169
+ - [Demo](#-demo)
170
+ - [Features](#-features)
171
+ - [Why pompelmi?](#-why-pompelmi)
172
+ - [Use Cases](#-use-cases)
173
+ - [Getting Started](#-getting-started)
174
+ - [Code Examples](#-code-examples)
175
+ - [Adapters](#-adapters)
176
+ - [GitHub Action](#-github-action)
177
+ - [Diagrams](#️-diagrams)
178
+ - [Configuration](#️-configuration)
179
+ - [Production Checklist](#-production-checklist)
180
+ - [YARA Getting Started](#-yara-getting-started)
181
+ - [Security Notes](#-security-notes)
182
+ - [Releases & Security](#-releases--security)
183
+ - [Community & Recognition](#-community--recognition)
184
+ - [FAQ](#-faq)
185
+ - [Tests & Coverage](#-tests--coverage)
186
+ - [Contributing](#-contributing)
187
+ - [License](#-license)
206
188
 
207
189
  ---
208
190
 
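Review bot: deleting the Express Quick Start removes the only place in the README where `allowedMimeTypes`, `maxFileSizeBytes` and `failClosed: true` appear together, i.e. the fail-closed upload policy that the removed `curl -F "file=@test.pdf"` test exercised, and the new three-line Quickstart shows none of them. If the Getting Started section's Step 1 security policy still covers those options, a one-line pointer from the Quickstart to it would keep the safe configuration discoverable. In the rewritten Table of Contents, the `#️-diagrams` and `#️-configuration` anchors carry a variation-selector character that the other entries do not, so check that they resolve; and the new `Releases & Security` and `Tests & Coverage` entries point at headings that do not appear anywhere in this diff, so confirm they exist.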
@@ -299,71 +281,11 @@ Validate user-generated content uploads (images, videos, documents) before proce
299
281
 
300
282
  ---
301
283
 
302
- ## 📦 Installation
303
-
304
- **pompelmi** is a privacy-first Node.js library for local file scanning.
305
-
306
- **Requirements:**
307
- - Node.js 18+
308
- - Optional: ClamAV binaries (for signature-based scanning)
309
- - Optional: YARA libraries (for custom rules)
310
-
311
- <table>
312
- <tr>
313
- <td><b>npm</b></td>
314
- <td><code>npm install pompelmi</code></td>
315
- </tr>
316
- <tr>
317
- <td><b>pnpm</b></td>
318
- <td><code>pnpm add pompelmi</code></td>
319
- </tr>
320
- <tr>
321
- <td><b>yarn</b></td>
322
- <td><code>yarn add pompelmi</code></td>
323
- </tr>
324
- <tr>
325
- <td><b>bun</b></td>
326
- <td><code>bun add pompelmi</code></td>
327
- </tr>
328
- </table>
329
-
330
- #### 📦 Framework Adapters
331
-
332
- ```bash
333
- # Express
334
- npm i @pompelmi/express-middleware
335
-
336
- # Koa
337
- npm i @pompelmi/koa-middleware
338
-
339
- # Next.js
340
- npm i @pompelmi/next-upload
341
-
342
- # NestJS
343
- npm i @pompelmi/nestjs-integration
344
-
345
- # Fastify (alpha)
346
- npm i @pompelmi/fastify-plugin
347
-
348
- # Standalone CLI
349
- npm i -g @pompelmi/cli
350
- ```
351
-
352
- > **Note:** Core library works standalone. Install adapters only if using specific frameworks.
353
-
354
- ---
355
-
356
284
  ## 🚀 Getting Started
357
285
 
358
286
  Get secure file scanning running in under 5 minutes with pompelmi's zero-config defaults.
359
287
 
360
- ### Step 1: Install
361
-
362
- ```bash
363
- npm install pompelmi
364
- ```
365
-
366
- ### Step 2: Create Security Policy
288
+ ### Step 1: Create Security Policy
367
289
 
368
290
  Create a reusable security policy and scanner configuration:
369
291
 
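Review bot: the deleted Requirements list (Node.js 18+, optional ClamAV binaries, optional YARA libraries) is not carried over to the new Installation section, which only says "No daemon, no cloud API keys". That holds for the default heuristics, but the README still has a YARA Getting Started section, so anyone enabling ClamAV or YARA no longer sees which native dependencies they need. Suggest keeping the two "Optional:" bullets under the new Installation heading; the pnpm/yarn/bun rows are a smaller loss but cost nothing to keep.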
@@ -400,7 +322,7 @@ export const scanner = composeScanners(
400
322
  );
401
323
  ```
402
324
 
403
- ### Step 3: Choose Your Integration
325
+ ### Step 2: Choose Your Integration
404
326
 
405
327
  Pick the integration that matches your framework:
406
328
 
@@ -491,7 +413,7 @@ if (result.verdict === 'malicious') {
491
413
  }
492
414
  ```
493
415
 
494
- ### Step 4: Test It
416
+ ### Step 3: Test It
495
417
 
496
418
  Upload a test file to verify everything works:
497
419
 
@@ -694,6 +616,28 @@ Use the adapter that matches your web framework. All adapters share the same pol
694
616
  | **SvelteKit** | - | 🔜 Planned | Coming soon |
695
617
  | **hapi** | - | 🔜 Planned | Coming soon |
696
618
 
619
+ ```bash
620
+ # Express
621
+ npm i @pompelmi/express-middleware
622
+
623
+ # Koa
624
+ npm i @pompelmi/koa-middleware
625
+
626
+ # Next.js
627
+ npm i @pompelmi/next-upload
628
+
629
+ # NestJS
630
+ npm i @pompelmi/nestjs-integration
631
+
632
+ # Fastify (alpha)
633
+ npm i @pompelmi/fastify-plugin
634
+
635
+ # Standalone CLI
636
+ npm i -g @pompelmi/cli
637
+ ```
638
+
639
+ > **Note:** Core library works standalone. Install adapters only if using a specific framework.
640
+
697
641
  See the [📘 Code Examples](#-code-examples) section above for integration examples.
698
642
 
699
643
  👉 **[View adapter documentation →](https://pompelmi.github.io/pompelmi/)** | **[Browse all examples →](./examples/)**
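Review bot: the install list moved here omits Nuxt/Nitro, although the package.json description in this same release advertises "Express, Koa, Fastify, Next.js & Nuxt/Nitro adapters"; either add the Nuxt/Nitro package to this block or reconcile the description. Since the block now sits directly under the adapter table that marks SvelteKit and hapi as "Planned", also keep the "(alpha)" label on Fastify in sync with that table's status column.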
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "pompelmi",
3
- "version": "0.30.1",
3
+ "version": "0.31.0",
4
4
  "description": "Fast, private malware scanner for Node.js file uploads. TypeScript-first library with Express, Koa, Fastify, Next.js & Nuxt/Nitro adapters. Features deep ZIP inspection, YARA integration, ZIP bomb protection, and real-time threat detection. Zero cloud dependencies - scan files in-process before they hit disk. Perfect for GDPR/HIPAA compliance.",
5
5
  "main": "./dist/pompelmi.cjs",
6
6
  "module": "./dist/pompelmi.esm.js",
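Review bot: 0.31.0 is a minor bump, but the only files changed in the published tarball are README.md and package.json (dependency floors and test scripts); no CHANGELOG or release notes ship with it, so a consumer has nothing to tell them whether runtime behaviour in `dist/` changed. Either add a changelog entry describing what moved, or use a patch-level bump if nothing in `dist/` changed.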
@@ -57,7 +57,12 @@
57
57
  "mdast-util-to-hast@>=13.0.0 <13.2.1": ">=13.2.1",
58
58
  "next@>=16.0.0-canary.0 <16.0.7": ">=16.0.7",
59
59
  "next@>=16.0.0-beta.0 <16.0.9": ">=16.0.9",
60
- "qs@<6.14.1": ">=6.14.1",
60
+ "qs@<6.14.2": ">=6.14.2",
61
+ "multer@<2.0.2": ">=2.0.2",
62
+ "@isaacs/brace-expansion@<=5.0.0": ">=5.0.1",
63
+ "ajv@<8.18.0": ">=8.18.0",
64
+ "fastify@<5.7.3": ">=5.7.3",
65
+ "next@>=16.0.9 <16.1.5": ">=16.1.5",
61
66
  "preact@>=10.28.0 <10.28.2": ">=10.28.2",
62
67
  "devalue@>=5.1.0 <5.6.2": ">=5.6.2",
63
68
  "h3@<=1.15.4": ">=1.15.5",
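Review bot: these selectors (`"qs@<6.14.2": ">=6.14.2"`, `"multer@<2.0.2": ">=2.0.2"`, `"fastify@<5.7.3": ">=5.7.3"`, ...) are override-style pins, and both npm `overrides` and pnpm `overrides` are honoured only in the root project being installed; inside a published dependency they are ignored. So this block hardens this repository's own lockfile and dev tree, but an application that installs pompelmi gets none of these floors. If the goal is to protect consumers, raise the ranges in `dependencies`/`peerDependencies` too, or document that consumers should add equivalent overrides themselves. Minor: the new `next@>=16.0.9 <16.1.5` entry is separated from the two existing `next@` entries by `qs` and `multer`; group the three together so the ranges can be read as one sequence.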
@@ -69,6 +74,9 @@
69
74
  },
70
75
  "scripts": {
71
76
  "build": "rollup -c",
77
+ "test": "vitest run --passWithNoTests",
78
+ "test:coverage": "vitest run --coverage --passWithNoTests",
79
+ "test:coverage:ci": "vitest run --coverage --reporter=verbose --passWithNoTests",
72
80
  "prepublishOnly": "npm run build && npm run pack:strict",
73
81
  "yara:node:smoke": "tsx scripts/yara-node-smoke.ts",
74
82
  "yara:int:smoke": "tsx scripts/yara-integration-smoke.ts",