pompelmi 0.31.0 → 0.32.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -1
- package/dist/pompelmi.cjs +90 -1
- package/dist/pompelmi.cjs.map +1 -1
- package/dist/pompelmi.esm.js +90 -1
- package/dist/pompelmi.esm.js.map +1 -1
- package/dist/types/index.d.ts +1 -1
- package/dist/types/presets.d.ts +55 -2
- package/dist/types/types.d.ts +1 -1
- package/package.json +1 -1
package/dist/types/index.d.ts
CHANGED
|
@@ -9,7 +9,7 @@ export { mapMatchesToVerdict } from './verdict';
|
|
|
9
9
|
export { CommonHeuristicsScanner } from './scanners/common-heuristics';
|
|
10
10
|
export { createZipBombGuard } from './scanners/zip-bomb-guard';
|
|
11
11
|
export { definePolicy, DEFAULT_POLICY } from './policy';
|
|
12
|
-
export { createPresetScanner, composeScanners, type PresetName, type PresetOptions } from './presets';
|
|
12
|
+
export { createPresetScanner, composeScanners, type PresetName, type PresetOptions, type NamedScanner, type ComposeScannerOptions } from './presets';
|
|
13
13
|
export { scanBytes, scanFile, type ScanOptions } from './scan';
|
|
14
14
|
export * from "./presets";
|
|
15
15
|
export { PerformanceTracker, aggregateScanStats, type PerformanceMetrics, type ScanStatistics, } from './utils/performance-metrics';
|
package/dist/types/presets.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import type { Scanner, AnalysisDepth } from "./types";
|
|
1
|
+
import type { Scanner, ScanFn, Verdict, AnalysisDepth } from "./types";
|
|
2
2
|
export type PresetName = 'basic' | 'advanced' | 'malware-analysis' | 'decompilation-basic' | 'decompilation-deep' | string;
|
|
3
3
|
export interface PresetOptions {
|
|
4
4
|
yaraRules?: string | string[];
|
|
@@ -14,6 +14,59 @@ export interface PresetOptions {
|
|
|
14
14
|
timeout?: number;
|
|
15
15
|
[key: string]: unknown;
|
|
16
16
|
}
|
|
17
|
-
|
|
17
|
+
/**
|
|
18
|
+
* A named scanner entry used with the array form of `composeScanners`.
|
|
19
|
+
* The first element is a display name for the scanner (used when
|
|
20
|
+
* `tagSourceName: true`), and the second element is the scanner itself.
|
|
21
|
+
*
|
|
22
|
+
* @example
|
|
23
|
+
* const entry: NamedScanner = ['zipGuard', createZipBombGuard({ ... })];
|
|
24
|
+
*/
|
|
25
|
+
export type NamedScanner = [name: string, scanner: Scanner];
|
|
26
|
+
/**
|
|
27
|
+
* Options for `composeScanners` when using the named-scanner array form.
|
|
28
|
+
*/
|
|
29
|
+
export interface ComposeScannerOptions {
|
|
30
|
+
/**
|
|
31
|
+
* When `true` scanners run concurrently (Promise.all).
|
|
32
|
+
* When `false` (default) they run sequentially in order.
|
|
33
|
+
*/
|
|
34
|
+
parallel?: boolean;
|
|
35
|
+
/**
|
|
36
|
+
* Stop scanning as soon as a match at this severity level (or higher) is
|
|
37
|
+
* found. Severity order: `'malicious'` > `'suspicious'` > `'clean'`.
|
|
38
|
+
* Only effective when `parallel` is `false`.
|
|
39
|
+
*/
|
|
40
|
+
stopOn?: Verdict;
|
|
41
|
+
/** Maximum time in milliseconds to wait for each individual scanner. */
|
|
42
|
+
timeoutMsPerScanner?: number;
|
|
43
|
+
/**
|
|
44
|
+
* When `true`, each match is tagged with the scanner's display name via
|
|
45
|
+
* `match.meta._sourceName`. Useful for tracing which scanner produced a
|
|
46
|
+
* given result.
|
|
47
|
+
*/
|
|
48
|
+
tagSourceName?: boolean;
|
|
49
|
+
}
|
|
50
|
+
/**
|
|
51
|
+
* Compose multiple scanners into a single scanner.
|
|
52
|
+
*
|
|
53
|
+
* **Named-scanner array form** (recommended — matches the README examples):
|
|
54
|
+
* ```ts
|
|
55
|
+
* const scanner = composeScanners(
|
|
56
|
+
* [
|
|
57
|
+
* ['zipGuard', createZipBombGuard({ maxEntries: 512, maxCompressionRatio: 12 })],
|
|
58
|
+
* ['heuristics', CommonHeuristicsScanner],
|
|
59
|
+
* ],
|
|
60
|
+
* { parallel: false, stopOn: 'malicious', timeoutMsPerScanner: 5000, tagSourceName: true }
|
|
61
|
+
* );
|
|
62
|
+
* ```
|
|
63
|
+
*
|
|
64
|
+
* **Variadic form** (backward-compatible):
|
|
65
|
+
* ```ts
|
|
66
|
+
* const scanner = composeScanners(scannerA, scannerB, scannerC);
|
|
67
|
+
* ```
|
|
68
|
+
*/
|
|
69
|
+
export declare function composeScanners(namedScanners: NamedScanner[], opts?: ComposeScannerOptions): ScanFn;
|
|
70
|
+
export declare function composeScanners(...scanners: Scanner[]): ScanFn;
|
|
18
71
|
export declare function createPresetScanner(preset: PresetName, opts?: PresetOptions): Scanner;
|
|
19
72
|
export declare const PRESET_CONFIGS: Record<string, PresetOptions>;
|
package/dist/types/types.d.ts
CHANGED
|
@@ -10,7 +10,7 @@ export * from './types/decompilation';
|
|
|
10
10
|
export * from './hipaa-compliance';
|
|
11
11
|
export interface Match {
|
|
12
12
|
rule: string;
|
|
13
|
-
severity?: 'low' | 'medium' | 'high' | 'critical' | 'suspicious';
|
|
13
|
+
severity?: 'info' | 'low' | 'medium' | 'high' | 'critical' | 'suspicious' | 'malicious';
|
|
14
14
|
meta?: Record<string, unknown>;
|
|
15
15
|
}
|
|
16
16
|
export interface FileInfo {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "pompelmi",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.32.0",
|
|
4
4
|
"description": "Fast, private malware scanner for Node.js file uploads. TypeScript-first library with Express, Koa, Fastify, Next.js & Nuxt/Nitro adapters. Features deep ZIP inspection, YARA integration, ZIP bomb protection, and real-time threat detection. Zero cloud dependencies - scan files in-process before they hit disk. Perfect for GDPR/HIPAA compliance.",
|
|
5
5
|
"main": "./dist/pompelmi.cjs",
|
|
6
6
|
"module": "./dist/pompelmi.esm.js",
|