pompelmi 0.35.5 → 1.0.0

package/package.json

@@ -1,263 +1,38 @@
 {
   "name": "pompelmi",
-  "version": "0.35.5",
-  "description": "Inspect untrusted uploads before storage in Node.js. Open-source upload security with checks for spoofing, archive abuse, risky document and binary signals, and optional YARA.",
-  "main": "./dist/pompelmi.cjs",
-  "module": "./dist/pompelmi.esm.js",
-  "type": "module",
-  "browser": {
-    "yara": false,
-    "util": false,
-    "crypto": false,
-    "os": false,
-    "path": false,
-    "unzipper": false,
-    "child_process": false
-  },
+  "version": "1.0.0",
+  "description": "ClamAV for humans — scan any file and get back Clean, Malicious, or ScanError. No daemons. No cloud. No native bindings.",
+  "license": "ISC",
+  "author": "pompelmi contributors",
+  "homepage": "https://pompelmi.app",
   "repository": {
     "type": "git",
     "url": "https://github.com/pompelmi/pompelmi.git"
   },
-  "homepage": "https://pompelmi.github.io/pompelmi/",
-  "funding": {
-    "type": "github",
-    "url": "https://github.com/sponsors/pompelmi"
-  },
-  "pnpm": {
-    "overrides": {
-      "process": "0.11.10",
-      "regjsgen": "0.8.0",
-      "fflate": "0.8.2",
-      "@tokenizer/inflate>fflate": "0.8.2",
-      "file-type>fflate": "0.8.2",
-      "regexpu-core>regjsgen": "0.8.0",
-      "@babel/helper-create-regexp-features-plugin>regjsgen": "0.8.0",
-      "vitest": "2.1.9",
-      "@vitest/coverage-v8": "2.1.9",
-      "babel-plugin-polyfill-corejs3": "^0.13.0",
-      "@types/cookies": "0.9.1",
-      "@types/koa>@types/cookies": "0.9.1",
-      "pompelmi": "workspace:*",
-      "@pompelmi/core": "workspace:*",
-      "katex": "0.16.21",
-      "react": "^19.2.0",
-      "react-dom": "^19.2.0",
-      "@types/react": "^19.2.0",
-      "@types/react-dom": "^19.2.0",
-      "esbuild@<=0.24.2": ">=0.25.0",
-      "devalue@<5.3.2": ">=5.3.2",
-      "vite@>=6.0.0 <=6.3.5": ">=6.3.6",
-      "katex@>=0.12.0 <=0.16.20": ">=0.16.21",
-      "astro@<5.14.3": ">=5.14.3",
-      "vite@>=6.0.0 <=6.4.0": ">=6.4.1",
-      "astro@>=2.16.0 <5.15.5": ">=5.15.5",
-      "js-yaml@<3.14.2": ">=3.14.2",
-      "js-yaml@>=4.0.0 <4.1.1": ">=4.1.1",
-      "glob@>=10.2.0 <10.5.0": ">=10.5.0",
-      "astro@<=5.15.6": ">=5.15.8",
-      "body-parser@>=2.2.0 <2.2.1": ">=2.2.1",
-      "astro@<5.15.9": ">=5.15.9",
-      "astro@<5.15.8": ">=5.15.8",
-      "astro@>=5.2.0 <5.15.6": ">=5.15.6",
-      "mdast-util-to-hast@>=13.0.0 <13.2.1": ">=13.2.1",
-      "next@>=16.0.0-canary.0 <16.0.7": ">=16.0.7",
-      "next@>=16.0.0-beta.0 <16.0.9": ">=16.0.9",
-      "qs@<6.14.2": ">=6.14.2",
-      "multer@<2.0.2": ">=2.0.2",
-      "@isaacs/brace-expansion@<=5.0.0": ">=5.0.1",
-      "ajv@<8.18.0": ">=8.18.0",
-      "fastify@<5.7.3": ">=5.7.3",
-      "next@>=16.0.9 <16.1.5": ">=16.1.5",
-      "preact@>=10.28.0 <10.28.2": ">=10.28.2",
-      "devalue@>=5.1.0 <5.6.2": ">=5.6.2",
-      "h3@<=1.15.4": ">=1.15.5",
-      "koa@>=2.16.2 <2.16.3": ">=2.16.3",
-      "lodash-es@>=4.0.0 <=4.17.22": ">=4.17.23",
-      "lodash@>=4.0.0 <=4.17.22": ">=4.17.23",
-      "diff@>=5.0.0 <5.2.2": ">=5.2.2"
-    }
-  },
-  "scripts": {
-    "build": "rollup -c",
-    "test": "vitest run --passWithNoTests",
-    "test:coverage": "vitest run --coverage --passWithNoTests",
-    "test:coverage:ci": "vitest run --coverage --reporter=verbose --passWithNoTests",
-    "prepublishOnly": "npm run build && npm run pack:strict",
-    "yara:node:smoke": "tsx scripts/yara-node-smoke.ts",
-    "yara:int:smoke": "tsx scripts/yara-integration-smoke.ts",
-    "dev:remote": "tsx examples/remote-yara-server.ts",
-    "docs:build": "hugo -s docs -D -d docs",
-    "predocs:deploy": "npm run docs:build",
-    "docs:deploy": "gh-pages -d docs -b gh-pages",
-    "format": "biome format --write .",
-    "format:check": "biome format .",
-    "lint": "biome ci .",
-    "lint:fix": "biome check --write .",
-    "yara:check": "node scripts/yara-quick-check-cli.mjs",
-    "build:core": "pnpm -r --filter '!./examples/*' --if-present build",
-    "preview": "npm pack --dry-run",
-    "typecheck": "tsc -p tsconfig.json --noEmit || tsc -p tsconfig.build.json --noEmit",
-    "typecheck:strict": "tsc -p tsconfig.strict.json --noEmit",
-    "smoke": "node scripts/smoke.mjs",
-    "test:e2e": "node scripts/e2e.mjs",
-    "repo:doctor": "pnpm install --frozen-lockfile && pnpm -r --if-present build && pnpm -r --if-present test && npm run -s preview || true && node scripts/smoke.mjs && node scripts/e2e.mjs || true",
-    "audit:deps": "depcheck --skip-missing true || true",
-    "audit:code": "knip --reporter compact || true",
-    "audit:exports": "ts-prune -p tsconfig.json || true",
-    "repo:audit": "node scripts/audit.mjs",
-    "pack:check": "node scripts/pack-check.mjs",
-    "pack:list": "pnpm -r --filter \"@pompelmi/*\" --if-present pack --json --dry-run",
-    "pack:strict": "node scripts/pack-check.mjs --strict",
-    "clean": "rimraf dist",
-    "mentions:find": "node scripts/find-mentions.mjs",
-    "mentions:render": "node scripts/render-mentions-readme.mjs",
-    "mentions:inject": "node scripts/inject-mentions-readme.mjs",
-    "mentions:update": "npm run mentions:find && npm run mentions:render && npm run mentions:inject"
-  },
-  "license": "MIT",
-  "devDependencies": {
-    "@biomejs/biome": "^2.2.4",
-    "@pompelmi/core": "workspace:*",
-    "@pompelmi/engine": "workspace:*",
-    "@pompelmi/engine-heuristics": "workspace:^0.2.0",
-    "@rollup/plugin-commonjs": "^29.0.2",
-    "@rollup/plugin-node-resolve": "^16.0.1",
-    "@rollup/plugin-typescript": "^12.1.4",
-    "@types/cors": "^2.8.19",
-    "@types/express": "^5.0.3",
-    "@types/multer": "^2.0.0",
-    "@types/node": "^25.5.0",
-    "@types/react": "^19.1.8",
-    "@types/unzipper": "^0.10.11",
-    "@vitest/coverage-v8": "^4",
-    "cors": "^2.8.5",
-    "depcheck": "^1.4.7",
-    "express": "^5.1.0",
-    "gh-pages": "^6.3.0",
-    "knip": "^6.1.1",
-    "multer": "^2.0.2",
-    "react": "^19.2.0",
-    "rollup": "^4.x",
-    "ts-prune": "^0.10.3",
-    "tslib": "^2.8.1",
-    "tsup": "^8",
-    "tsx": "^4.20.3",
-    "typescript": "^6.0.2",
-    "vitest": "4.1.2"
-  },
-  "peerDependencies": {
-    "react": "^18.0.0 || ^19.0.0",
-    "react-dom": "^18.0.0 || ^19.0.0"
-  },
-  "peerDependenciesMeta": {
-    "react": {
-      "optional": true
-    },
-    "react-dom": {
-      "optional": true
-    }
+  "bugs": {
+    "url": "https://github.com/pompelmi/pompelmi/issues"
   },
-  "optionalDependencies": {
-    "@litko/yara-x": "^0.2.1"
-  },
-  "exports": {
-    ".": {
-      "types": "./dist/types/index.d.ts",
-      "import": "./dist/pompelmi.esm.js",
-      "require": "./dist/pompelmi.cjs",
-      "default": "./dist/pompelmi.esm.js"
-    },
-    "./node": {
-      "types": "./dist/types/index.d.ts",
-      "import": "./dist/pompelmi.esm.js",
-      "require": "./dist/pompelmi.cjs",
-      "default": "./dist/pompelmi.esm.js"
-    },
-    "./browser": {
-      "types": "./dist/types/browser-index.d.ts",
-      "import": "./dist/pompelmi.browser.esm.js",
-      "require": "./dist/pompelmi.browser.cjs",
-      "default": "./dist/pompelmi.browser.esm.js"
-    },
-    "./react": {
-      "types": "./dist/types/react-index.d.ts",
-      "import": "./dist/pompelmi.react.esm.js",
-      "require": "./dist/pompelmi.react.cjs",
-      "default": "./dist/pompelmi.react.esm.js"
-    },
-    "./quarantine": {
-      "types": "./dist/types/quarantine/index.d.ts",
-      "import": "./dist/pompelmi.quarantine.esm.js",
-      "require": "./dist/pompelmi.quarantine.cjs",
-      "default": "./dist/pompelmi.quarantine.esm.js"
-    },
-    "./hooks": {
-      "types": "./dist/types/hooks.d.ts",
-      "import": "./dist/pompelmi.hooks.esm.js",
-      "require": "./dist/pompelmi.hooks.cjs",
-      "default": "./dist/pompelmi.hooks.esm.js"
-    },
-    "./audit": {
-      "types": "./dist/types/audit.d.ts",
-      "import": "./dist/pompelmi.audit.esm.js",
-      "require": "./dist/pompelmi.audit.cjs",
-      "default": "./dist/pompelmi.audit.esm.js"
-    },
-    "./policy-packs": {
-      "types": "./dist/types/policy-packs.d.ts",
-      "import": "./dist/pompelmi.policy-packs.esm.js",
-      "require": "./dist/pompelmi.policy-packs.cjs",
-      "default": "./dist/pompelmi.policy-packs.esm.js"
-    },
-    "./package.json": "./package.json"
-  },
-  "files": [
-    "dist/",
-    "README.md",
-    "LICENSE",
-    "package.json",
-    "CHANGELOG*"
-  ],
   "keywords": [
-    "secure-file-upload",
-    "file-upload-security",
-    "upload-security",
-    "upload-scanning",
-    "file-scanning",
-    "file-validation",
-    "malware-scanner",
-    "mime-sniffing",
-    "magic-bytes",
-    "archive-security",
-    "zip-bomb-protection",
-    "yara",
-    "yara-rules",
-    "local-first-security",
-    "self-hosted-security",
-    "nodejs-security",
-    "typescript",
-    "nodejs",
-    "express",
-    "nextjs",
-    "nestjs",
-    "fastify",
-    "koa",
-    "nuxt"
+    "clamav",
+    "antivirus",
+    "malware",
+    "virus",
+    "scan",
+    "security",
+    "file-scan"
   ],
-  "directories": {
-    "example": "examples"
-  },
-  "author": "Tommaso Bertocchi",
-  "packageManager": "pnpm@9.12.0",
-  "resolutions": {
-    "process": "0.11.10"
-  },
-  "sideEffects": false,
-  "engines": {
-    "node": ">=18"
+  "type": "commonjs",
+  "main": "./src/index.js",
+  "scripts": {
+    "test": "node --test test/unit.test.js && node test/scan.test.js",
+    "lint": "eslint src/"
   },
-  "publishConfig": {
-    "access": "public"
+  "dependencies": {
+    "cross-spawn": "^7.0.6"
   },
-  "types": "./dist/types/index.d.ts"
+  "devDependencies": {
+    "@eslint/js": "^10.0.1",
+    "eslint": "^10.2.0",
+    "globals": "^17.4.0"
+  }
 }

package/src/ClamAVDatabaseUpdater.js

@@ -0,0 +1,48 @@
+const spawn = require("cross-spawn");
+const fs = require("fs");
+const { getUpdaterCommand } = require('./InstallerCommand.js');
+const { PLATFORM } = require('./constants.js');
+const { DB_PATHS } = require('./config.js');
+
+const MESSAGES = {
+    DB_PRESENT: "Virus database already present, skipping.",
+    SUCCESS: "Database updated successfully!",
+    FAILURE: (code) => `Database update failed with exit code: ${code}`,
+    STARTING: "Downloading virus definitions...",
+    PLATFORM_NOT_SUPPORTED: "Current platform is not supported."
+};
+
+function isDatabasePresent() {
+    const dbPath = DB_PATHS[PLATFORM];
+    return dbPath ? fs.existsSync(dbPath) : false;
+}
+
+function updateClamAVDatabase() {
+    return new Promise((resolve, reject) => {
+        if (isDatabasePresent()) {
+            console.log(MESSAGES.DB_PRESENT);
+            return resolve(MESSAGES.DB_PRESENT);
+        }
+
+        const [command, args] = getUpdaterCommand(PLATFORM);
+
+        if (!command) {
+            console.log(MESSAGES.PLATFORM_NOT_SUPPORTED);
+            return resolve(MESSAGES.PLATFORM_NOT_SUPPORTED);
+        }
+
+        console.log(MESSAGES.STARTING);
+
+        const child = spawn(command, args, { stdio: 'inherit' });
+        child.on('error', (err) => reject(err));
+        child.on('close', (code) => {
+            if (code !== 0) {
+                return reject(new Error(MESSAGES.FAILURE(code)));
+            }
+            console.log(MESSAGES.SUCCESS);
+            resolve(MESSAGES.SUCCESS);
+        });
+    });
+}
+
+module.exports = { updateClamAVDatabase };

package/src/ClamAVInstaller.js

@@ -0,0 +1,49 @@
+const spawn = require("cross-spawn");
+const { execSync } = require("child_process");
+const { getInstallerCommand } = require('./InstallerCommand.js');
+const { PLATFORM } = require('./constants.js')
+
+const MESSAGES = {
+    ALREADY_INSTALLED: "ClamAV is already installed, skipping.",
+    SUCCESS: "Installation completed successfully!",
+    PLATFORM_NOT_SUPPORTED: "Current platform is not supported.",
+    FAILURE: (code) => `Installation failed with exit code: ${code}`
+};
+
+function isClamAVInstalled() {
+    const command = PLATFORM === 'win32' ? 'where clamscan' : 'which clamscan';
+    try {
+        execSync(command, { stdio: 'ignore' });
+        return true;
+    } catch {
+        return false;
+    }
+}
+
+function ClamAVInstaller() {
+    return new Promise((resolve, reject) => {
+        if (isClamAVInstalled()) {
+            console.log(MESSAGES.ALREADY_INSTALLED);
+            return resolve(MESSAGES.ALREADY_INSTALLED);
+        }
+
+        const [packageManager, packageToInstall] = getInstallerCommand(PLATFORM);
+
+        if (!packageManager) {
+            console.log(MESSAGES.PLATFORM_NOT_SUPPORTED);
+            return resolve(MESSAGES.PLATFORM_NOT_SUPPORTED);
+        }
+
+        const child = spawn(packageManager, packageToInstall, { stdio: 'inherit' });
+        child.on('error', (err) => reject(err));
+        child.on('close', (code) => {
+            if (code !== 0) {
+                return reject(new Error(MESSAGES.FAILURE(code)));
+            }
+            console.log(MESSAGES.SUCCESS);
+            resolve(MESSAGES.SUCCESS);
+        });
+    });
+}
+
+module.exports = { ClamAVInstaller};

package/src/ClamAVScanner.js

@@ -0,0 +1,31 @@
+const spawn = require("cross-spawn");
+const fs = require("fs");
+const { SCAN_RESULTS } = require('./config.js');
+
+const MESSAGES = {
+    FILE_NOT_FOUND:        (filePath) => `File not found: ${filePath}`,
+    UNEXPECTED_EXIT_CODE:  (code)     => `Unexpected exit code: ${code}`,
+    PROCESS_KILLED:        (signal)   => `Process killed by signal: ${signal}`,
+};
+
+function scan(filePath) {
+    return new Promise((resolve, reject) => {
+        if (typeof filePath !== 'string') {
+            return reject(new Error('filePath must be a string'));
+        }
+        if (!fs.existsSync(filePath)) {
+            return reject(new Error(MESSAGES.FILE_NOT_FOUND(filePath)));
+        }
+
+        const child = spawn('clamscan', ['--no-summary', filePath]);
+        child.on('error', (err) => reject(err));
+        child.on('close', (code, signal) => {
+            if (code === null) return reject(new Error(MESSAGES.PROCESS_KILLED(signal)));
+            const result = SCAN_RESULTS[code];
+            if (!result) return reject(new Error(MESSAGES.UNEXPECTED_EXIT_CODE(code)));
+            resolve(result);
+        });
+    });
+}
+
+module.exports = { scan };

package/src/InstallerCommand.js

@@ -0,0 +1,11 @@
+const { INSTALLER_COMMANDS, UPDATER_COMMANDS } = require('./config.js');
+
+function getInstallerCommand(platform) {
+    return INSTALLER_COMMANDS[platform] ?? [null, []];
+}
+
+function getUpdaterCommand(platform) {
+    return UPDATER_COMMANDS[platform] ?? [null, []];
+}
+
+module.exports = { getInstallerCommand, getUpdaterCommand };

package/src/config.js

@@ -0,0 +1,22 @@
+module.exports = Object.freeze({
+    INSTALLER_COMMANDS: Object.freeze({
+        win32:  ['choco',  ['install', 'clamav', '-y']],
+        darwin: ['brew',   ['install', 'clamav']],
+        linux:  ['sudo',   ['apt-get', 'install', '-y', 'clamav', 'clamav-daemon']],
+    }),
+    UPDATER_COMMANDS: Object.freeze({
+        win32:  ['freshclam', []],
+        darwin: ['freshclam', []],
+        linux:  ['sudo',      ['freshclam']],
+    }),
+    DB_PATHS: Object.freeze({
+        darwin: '/usr/local/share/clamav/main.cvd',
+        linux:  '/var/lib/clamav/main.cvd',
+        win32:  'C:\\ProgramData\\ClamAV\\main.cvd',
+    }),
+    SCAN_RESULTS: Object.freeze({
+        0: 'Clean',
+        1: 'Malicious',
+        2: 'ScanError'
+    }),
+});

package/src/constants.js

@@ -0,0 +1,3 @@
+module.exports = Object.freeze({
+    PLATFORM: process.platform
+});

package/src/index.js

@@ -0,0 +1,5 @@
+const { scan } = require('./ClamAVScanner.js');
+
+const pompelmi = { scan };
+
+module.exports = pompelmi;

package/CHANGELOG.md

@@ -1,71 +0,0 @@
-# Changelog
-
-All notable changes to this project will be documented in this file.
-
-The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
-and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
-
-## Unreleased (main)
-
-### Highlights
-
-- Fixed `@pompelmi/fastify-plugin` multipart dependency wiring and removed an unnecessary promise hop.
-- Refined the root README layout for faster first-run onboarding and clearer repo entry points.
-- Refreshed README badges and demo media so the public repo surface is easier to scan quickly.
-- Added verified mention badges to strengthen the top-level trust signals around adoption.
-- Tightened onboarding copy across the repo surfaces to make the docs-and-examples path easier to follow.
-
-### Notes
-
-This section summarizes changes since the last tag: `v0.34.8`.
-Post-tag activity is currently limited, so the highlights above also surface the most recent user-visible commits from the current `v0.34.x` line for context.
-For full details, see GitHub Releases / tag diffs.
-
-## [0.27.1] - 2026-01-26
-
-### Security
-- 🔐 **Critical Security Fixes**: Fixed 89 vulnerabilities (6 critical, 36 high, 35 moderate, 12 low)
-- 🔐 **Dependency Updates**: Updated 26 package overrides including esbuild, vite, astro, next, body-parser, qs, lodash
-- 🔐 **CVE Fixes**: Patched multiple CVEs in dependencies
-
-### Fixed
-- 🐛 Fixed GitHub Actions workflow with correct pnpm/action-setup SHA
-- 🐛 Resolved CI/CD pipeline execution errors
-
-## [0.27.0] - 2026-01-26
-
-### Added
-- 🚀 **Enhanced Performance Monitoring**: Added detailed performance metrics tracking for scan operations
-- 🔒 **Advanced Threat Detection**: Improved heuristics engine with better polyglot file detection
-- 📊 **Scan Statistics API**: New utility functions to aggregate and analyze scan results
-- 🛡️ **Enhanced ZIP Bomb Protection**: Improved nested archive detection with configurable depth limits
-- 🔍 **Content Analysis**: Advanced content inspection for embedded scripts and obfuscated code
-- 📝 **Better TypeScript Types**: Enhanced type definitions for improved developer experience
-- ⚡ **Async Performance**: Optimized async operations for better throughput
-- 🎯 **Scan Context Enrichment**: Enhanced metadata collection during file scanning
-
-### Improved
-- 🔧 **Error Handling**: More descriptive error messages with actionable suggestions
-- 📈 **Memory Efficiency**: Reduced memory footprint for large file operations
-- 🚦 **CI/CD Pipeline**: Enhanced GitHub Actions workflows with better caching
-- 📚 **Documentation**: Updated examples and API documentation
-- 🧪 **Test Coverage**: Added comprehensive test cases for new features
-
-### Fixed
-- 🐛 Fixed edge cases in MIME type detection
-- 🐛 Resolved memory leaks in stream processing
-- 🐛 Corrected verdict mapping for multi-threaded scenarios
-
-### Security
-- 🔐 Updated dependencies to patch known vulnerabilities
-- 🔐 Enhanced input validation for all public APIs
-- 🔐 Improved sanitization for file metadata
-
-## [0.26.0] - 2025-12-15
-
-### Added
-- Initial stable release with core scanning functionality
-- YARA integration support
-- ZIP bomb protection
-- Framework adapters (Express, Koa, Fastify, Next.js)
-- Browser and Node.js support

package/dist/pompelmi.audit.cjs

@@ -1,128 +0,0 @@
-'use strict';
-
-var fs = require('fs');
-
-function _interopNamespaceDefault(e) {
-    var n = Object.create(null);
-    if (e) {
-        Object.keys(e).forEach(function (k) {
-            if (k !== 'default') {
-                var d = Object.getOwnPropertyDescriptor(e, k);
-                Object.defineProperty(n, k, d.get ? d : {
-                    enumerable: true,
-                    get: function () { return e[k]; }
-                });
-            }
-        });
-    }
-    n.default = e;
-    return Object.freeze(n);
-}
-
-var fs__namespace = /*#__PURE__*/_interopNamespaceDefault(fs);
-
-/**
- * Audit trail for Pompelmi scan and quarantine events.
- *
- * Produces structured, append-only audit records suitable for:
- *   - compliance logging (HIPAA, SOC 2, ISO 27001)
- *   - SIEM ingestion
- *   - operational dashboards
- *   - incident response
- *
- * Usage:
- * ```ts
- * import { AuditTrail } from 'pompelmi/audit';
- *
- * const audit = new AuditTrail({ dest: 'file', path: './audit.jsonl' });
- * audit.logScanComplete({ filename: 'upload.zip', verdict: 'suspicious', ... });
- * audit.logQuarantine({ entryId: '...', sha256: '...', ... });
- * ```
- *
- * @module audit
- */
-// ── AuditTrail ────────────────────────────────────────────────────────────────
-class AuditTrail {
-    constructor(options = {}) {
-        this.options = {
-            output: options.output ?? { dest: "console" },
-            pretty: options.pretty ?? false,
-        };
-    }
-    /** Log a completed scan. */
-    logScanComplete(report, extra) {
-        const record = {
-            timestamp: new Date().toISOString(),
-            event: report.verdict !== "clean" ? "threat.detected" : "scan.complete",
-            verdict: report.verdict,
-            matchCount: report.matches?.length ?? 0,
-            durationMs: report.durationMs,
-            engine: report.engine,
-            mimeType: report.file?.mimeType,
-            ...extra,
-        };
-        void this.write(record);
-    }
-    /** Log a scan error. */
-    logScanError(error, extra) {
-        const record = {
-            timestamp: new Date().toISOString(),
-            event: "scan.error",
-            verdict: "clean", // unknown at this point
-            matchCount: 0,
-            error: error instanceof Error ? error.message : String(error),
-            ...extra,
-        };
-        void this.write(record);
-    }
-    /** Log a new quarantine entry. */
-    logQuarantine(entry, correlationId) {
-        const record = {
-            timestamp: new Date().toISOString(),
-            event: "quarantine.created",
-            quarantineId: entry.id,
-            filename: entry.file.originalName,
-            sha256: entry.file.sha256,
-            uploadedBy: entry.file.uploadedBy,
-            correlationId,
-        };
-        void this.write(record);
-    }
-    /** Log a quarantine resolution (promote or delete). */
-    logQuarantineResolved(entry, correlationId) {
-        const record = {
-            timestamp: new Date().toISOString(),
-            event: entry.status === "deleted" ? "quarantine.deleted" : "quarantine.resolved",
-            quarantineId: entry.id,
-            filename: entry.file.originalName,
-            sha256: entry.file.sha256,
-            decision: entry.status === "promoted" ? "promote" : "delete",
-            reviewedBy: entry.reviewedBy,
-            reviewNote: entry.reviewNote,
-            correlationId,
-        };
-        void this.write(record);
-    }
-    async write(record) {
-        const line = this.options.pretty ? JSON.stringify(record, null, 2) : JSON.stringify(record);
-        const { output } = this.options;
-        try {
-            if (output.dest === "console") {
-                process.stdout.write(line + "\n");
-            }
-            else if (output.dest === "file") {
-                // Append a newline-delimited JSON (NDJSON) record.
-                await fs__namespace.promises.appendFile(output.path, line + "\n", "utf8");
-            }
-            else if (output.dest === "custom") {
-                await output.write(record);
-            }
-        }
-        catch {
-            // Audit failures must never interrupt the upload pipeline.
-        }
-    }
-}
-
-exports.AuditTrail = AuditTrail;
-//# sourceMappingURL=pompelmi.audit.cjs.map