pompelmi 0.35.5 → 1.1.0

package/package.json

@@ -1,263 +1,38 @@
 {
   "name": "pompelmi",
-  "version": "0.35.5",
-  "description": "Inspect untrusted uploads before storage in Node.js. Open-source upload security with checks for spoofing, archive abuse, risky document and binary signals, and optional YARA.",
-  "main": "./dist/pompelmi.cjs",
-  "module": "./dist/pompelmi.esm.js",
-  "type": "module",
-  "browser": {
-    "yara": false,
-    "util": false,
-    "crypto": false,
-    "os": false,
-    "path": false,
-    "unzipper": false,
-    "child_process": false
-  },
+  "version": "1.1.0",
+  "description": "ClamAV for humans — scan any file and get back Clean, Malicious, or ScanError. No daemons. No cloud. No native bindings.",
+  "license": "ISC",
+  "author": "pompelmi contributors",
+  "homepage": "https://pompelmi.app",
   "repository": {
     "type": "git",
     "url": "https://github.com/pompelmi/pompelmi.git"
   },
-  "homepage": "https://pompelmi.github.io/pompelmi/",
-  "funding": {
-    "type": "github",
-    "url": "https://github.com/sponsors/pompelmi"
-  },
-  "pnpm": {
-    "overrides": {
-      "process": "0.11.10",
-      "regjsgen": "0.8.0",
-      "fflate": "0.8.2",
-      "@tokenizer/inflate>fflate": "0.8.2",
-      "file-type>fflate": "0.8.2",
-      "regexpu-core>regjsgen": "0.8.0",
-      "@babel/helper-create-regexp-features-plugin>regjsgen": "0.8.0",
-      "vitest": "2.1.9",
-      "@vitest/coverage-v8": "2.1.9",
-      "babel-plugin-polyfill-corejs3": "^0.13.0",
-      "@types/cookies": "0.9.1",
-      "@types/koa>@types/cookies": "0.9.1",
-      "pompelmi": "workspace:*",
-      "@pompelmi/core": "workspace:*",
-      "katex": "0.16.21",
-      "react": "^19.2.0",
-      "react-dom": "^19.2.0",
-      "@types/react": "^19.2.0",
-      "@types/react-dom": "^19.2.0",
-      "esbuild@<=0.24.2": ">=0.25.0",
-      "devalue@<5.3.2": ">=5.3.2",
-      "vite@>=6.0.0 <=6.3.5": ">=6.3.6",
-      "katex@>=0.12.0 <=0.16.20": ">=0.16.21",
-      "astro@<5.14.3": ">=5.14.3",
-      "vite@>=6.0.0 <=6.4.0": ">=6.4.1",
-      "astro@>=2.16.0 <5.15.5": ">=5.15.5",
-      "js-yaml@<3.14.2": ">=3.14.2",
-      "js-yaml@>=4.0.0 <4.1.1": ">=4.1.1",
-      "glob@>=10.2.0 <10.5.0": ">=10.5.0",
-      "astro@<=5.15.6": ">=5.15.8",
-      "body-parser@>=2.2.0 <2.2.1": ">=2.2.1",
-      "astro@<5.15.9": ">=5.15.9",
-      "astro@<5.15.8": ">=5.15.8",
-      "astro@>=5.2.0 <5.15.6": ">=5.15.6",
-      "mdast-util-to-hast@>=13.0.0 <13.2.1": ">=13.2.1",
-      "next@>=16.0.0-canary.0 <16.0.7": ">=16.0.7",
-      "next@>=16.0.0-beta.0 <16.0.9": ">=16.0.9",
-      "qs@<6.14.2": ">=6.14.2",
-      "multer@<2.0.2": ">=2.0.2",
-      "@isaacs/brace-expansion@<=5.0.0": ">=5.0.1",
-      "ajv@<8.18.0": ">=8.18.0",
-      "fastify@<5.7.3": ">=5.7.3",
-      "next@>=16.0.9 <16.1.5": ">=16.1.5",
-      "preact@>=10.28.0 <10.28.2": ">=10.28.2",
-      "devalue@>=5.1.0 <5.6.2": ">=5.6.2",
-      "h3@<=1.15.4": ">=1.15.5",
-      "koa@>=2.16.2 <2.16.3": ">=2.16.3",
-      "lodash-es@>=4.0.0 <=4.17.22": ">=4.17.23",
-      "lodash@>=4.0.0 <=4.17.22": ">=4.17.23",
-      "diff@>=5.0.0 <5.2.2": ">=5.2.2"
-    }
-  },
-  "scripts": {
-    "build": "rollup -c",
-    "test": "vitest run --passWithNoTests",
-    "test:coverage": "vitest run --coverage --passWithNoTests",
-    "test:coverage:ci": "vitest run --coverage --reporter=verbose --passWithNoTests",
-    "prepublishOnly": "npm run build && npm run pack:strict",
-    "yara:node:smoke": "tsx scripts/yara-node-smoke.ts",
-    "yara:int:smoke": "tsx scripts/yara-integration-smoke.ts",
-    "dev:remote": "tsx examples/remote-yara-server.ts",
-    "docs:build": "hugo -s docs -D -d docs",
-    "predocs:deploy": "npm run docs:build",
-    "docs:deploy": "gh-pages -d docs -b gh-pages",
-    "format": "biome format --write .",
-    "format:check": "biome format .",
-    "lint": "biome ci .",
-    "lint:fix": "biome check --write .",
-    "yara:check": "node scripts/yara-quick-check-cli.mjs",
-    "build:core": "pnpm -r --filter '!./examples/*' --if-present build",
-    "preview": "npm pack --dry-run",
-    "typecheck": "tsc -p tsconfig.json --noEmit || tsc -p tsconfig.build.json --noEmit",
-    "typecheck:strict": "tsc -p tsconfig.strict.json --noEmit",
-    "smoke": "node scripts/smoke.mjs",
-    "test:e2e": "node scripts/e2e.mjs",
-    "repo:doctor": "pnpm install --frozen-lockfile && pnpm -r --if-present build && pnpm -r --if-present test && npm run -s preview || true && node scripts/smoke.mjs && node scripts/e2e.mjs || true",
-    "audit:deps": "depcheck --skip-missing true || true",
-    "audit:code": "knip --reporter compact || true",
-    "audit:exports": "ts-prune -p tsconfig.json || true",
-    "repo:audit": "node scripts/audit.mjs",
-    "pack:check": "node scripts/pack-check.mjs",
-    "pack:list": "pnpm -r --filter \"@pompelmi/*\" --if-present pack --json --dry-run",
-    "pack:strict": "node scripts/pack-check.mjs --strict",
-    "clean": "rimraf dist",
-    "mentions:find": "node scripts/find-mentions.mjs",
-    "mentions:render": "node scripts/render-mentions-readme.mjs",
-    "mentions:inject": "node scripts/inject-mentions-readme.mjs",
-    "mentions:update": "npm run mentions:find && npm run mentions:render && npm run mentions:inject"
-  },
-  "license": "MIT",
-  "devDependencies": {
-    "@biomejs/biome": "^2.2.4",
-    "@pompelmi/core": "workspace:*",
-    "@pompelmi/engine": "workspace:*",
-    "@pompelmi/engine-heuristics": "workspace:^0.2.0",
-    "@rollup/plugin-commonjs": "^29.0.2",
-    "@rollup/plugin-node-resolve": "^16.0.1",
-    "@rollup/plugin-typescript": "^12.1.4",
-    "@types/cors": "^2.8.19",
-    "@types/express": "^5.0.3",
-    "@types/multer": "^2.0.0",
-    "@types/node": "^25.5.0",
-    "@types/react": "^19.1.8",
-    "@types/unzipper": "^0.10.11",
-    "@vitest/coverage-v8": "^4",
-    "cors": "^2.8.5",
-    "depcheck": "^1.4.7",
-    "express": "^5.1.0",
-    "gh-pages": "^6.3.0",
-    "knip": "^6.1.1",
-    "multer": "^2.0.2",
-    "react": "^19.2.0",
-    "rollup": "^4.x",
-    "ts-prune": "^0.10.3",
-    "tslib": "^2.8.1",
-    "tsup": "^8",
-    "tsx": "^4.20.3",
-    "typescript": "^6.0.2",
-    "vitest": "4.1.2"
-  },
-  "peerDependencies": {
-    "react": "^18.0.0 || ^19.0.0",
-    "react-dom": "^18.0.0 || ^19.0.0"
-  },
-  "peerDependenciesMeta": {
-    "react": {
-      "optional": true
-    },
-    "react-dom": {
-      "optional": true
-    }
+  "bugs": {
+    "url": "https://github.com/pompelmi/pompelmi/issues"
   },
-  "optionalDependencies": {
-    "@litko/yara-x": "^0.2.1"
-  },
-  "exports": {
-    ".": {
-      "types": "./dist/types/index.d.ts",
-      "import": "./dist/pompelmi.esm.js",
-      "require": "./dist/pompelmi.cjs",
-      "default": "./dist/pompelmi.esm.js"
-    },
-    "./node": {
-      "types": "./dist/types/index.d.ts",
-      "import": "./dist/pompelmi.esm.js",
-      "require": "./dist/pompelmi.cjs",
-      "default": "./dist/pompelmi.esm.js"
-    },
-    "./browser": {
-      "types": "./dist/types/browser-index.d.ts",
-      "import": "./dist/pompelmi.browser.esm.js",
-      "require": "./dist/pompelmi.browser.cjs",
-      "default": "./dist/pompelmi.browser.esm.js"
-    },
-    "./react": {
-      "types": "./dist/types/react-index.d.ts",
-      "import": "./dist/pompelmi.react.esm.js",
-      "require": "./dist/pompelmi.react.cjs",
-      "default": "./dist/pompelmi.react.esm.js"
-    },
-    "./quarantine": {
-      "types": "./dist/types/quarantine/index.d.ts",
-      "import": "./dist/pompelmi.quarantine.esm.js",
-      "require": "./dist/pompelmi.quarantine.cjs",
-      "default": "./dist/pompelmi.quarantine.esm.js"
-    },
-    "./hooks": {
-      "types": "./dist/types/hooks.d.ts",
-      "import": "./dist/pompelmi.hooks.esm.js",
-      "require": "./dist/pompelmi.hooks.cjs",
-      "default": "./dist/pompelmi.hooks.esm.js"
-    },
-    "./audit": {
-      "types": "./dist/types/audit.d.ts",
-      "import": "./dist/pompelmi.audit.esm.js",
-      "require": "./dist/pompelmi.audit.cjs",
-      "default": "./dist/pompelmi.audit.esm.js"
-    },
-    "./policy-packs": {
-      "types": "./dist/types/policy-packs.d.ts",
-      "import": "./dist/pompelmi.policy-packs.esm.js",
-      "require": "./dist/pompelmi.policy-packs.cjs",
-      "default": "./dist/pompelmi.policy-packs.esm.js"
-    },
-    "./package.json": "./package.json"
-  },
-  "files": [
-    "dist/",
-    "README.md",
-    "LICENSE",
-    "package.json",
-    "CHANGELOG*"
-  ],
   "keywords": [
-    "secure-file-upload",
-    "file-upload-security",
-    "upload-security",
-    "upload-scanning",
-    "file-scanning",
-    "file-validation",
-    "malware-scanner",
-    "mime-sniffing",
-    "magic-bytes",
-    "archive-security",
-    "zip-bomb-protection",
-    "yara",
-    "yara-rules",
-    "local-first-security",
-    "self-hosted-security",
-    "nodejs-security",
-    "typescript",
-    "nodejs",
-    "express",
-    "nextjs",
-    "nestjs",
-    "fastify",
-    "koa",
-    "nuxt"
+    "clamav",
+    "antivirus",
+    "malware",
+    "virus",
+    "scan",
+    "security",
+    "file-scan"
   ],
-  "directories": {
-    "example": "examples"
-  },
-  "author": "Tommaso Bertocchi",
-  "packageManager": "pnpm@9.12.0",
-  "resolutions": {
-    "process": "0.11.10"
-  },
-  "sideEffects": false,
-  "engines": {
-    "node": ">=18"
+  "type": "commonjs",
+  "main": "./src/index.js",
+  "scripts": {
+    "test": "node --test test/unit.test.js && node test/scan.test.js",
+    "lint": "eslint src/"
   },
-  "publishConfig": {
-    "access": "public"
+  "dependencies": {
+    "cross-spawn": "^7.0.6"
   },
-  "types": "./dist/types/index.d.ts"
+  "devDependencies": {
+    "@eslint/js": "^10.0.1",
+    "eslint": "^10.2.0",
+    "globals": "^17.4.0"
+  }
 }

package/src/ClamAVDatabaseUpdater.js

@@ -0,0 +1,48 @@
+const spawn = require("cross-spawn");
+const fs = require("fs");
+const { getUpdaterCommand } = require('./InstallerCommand.js');
+const { PLATFORM } = require('./constants.js');
+const { DB_PATHS } = require('./config.js');
+
+const MESSAGES = {
+    DB_PRESENT: "Virus database already present, skipping.",
+    SUCCESS: "Database updated successfully!",
+    FAILURE: (code) => `Database update failed with exit code: ${code}`,
+    STARTING: "Downloading virus definitions...",
+    PLATFORM_NOT_SUPPORTED: "Current platform is not supported."
+};
+
+function isDatabasePresent() {
+    const dbPath = DB_PATHS[PLATFORM];
+    return dbPath ? fs.existsSync(dbPath) : false;
+}
+
+function updateClamAVDatabase() {
+    return new Promise((resolve, reject) => {
+        if (isDatabasePresent()) {
+            console.log(MESSAGES.DB_PRESENT);
+            return resolve(MESSAGES.DB_PRESENT);
+        }
+
+        const [command, args] = getUpdaterCommand(PLATFORM);
+
+        if (!command) {
+            console.log(MESSAGES.PLATFORM_NOT_SUPPORTED);
+            return resolve(MESSAGES.PLATFORM_NOT_SUPPORTED);
+        }
+
+        console.log(MESSAGES.STARTING);
+
+        const child = spawn(command, args, { stdio: 'inherit' });
+        child.on('error', (err) => reject(err));
+        child.on('close', (code) => {
+            if (code !== 0) {
+                return reject(new Error(MESSAGES.FAILURE(code)));
+            }
+            console.log(MESSAGES.SUCCESS);
+            resolve(MESSAGES.SUCCESS);
+        });
+    });
+}
+
+module.exports = { updateClamAVDatabase };

package/src/ClamAVInstaller.js

@@ -0,0 +1,49 @@
+const spawn = require("cross-spawn");
+const { execSync } = require("child_process");
+const { getInstallerCommand } = require('./InstallerCommand.js');
+const { PLATFORM } = require('./constants.js')
+
+const MESSAGES = {
+    ALREADY_INSTALLED: "ClamAV is already installed, skipping.",
+    SUCCESS: "Installation completed successfully!",
+    PLATFORM_NOT_SUPPORTED: "Current platform is not supported.",
+    FAILURE: (code) => `Installation failed with exit code: ${code}`
+};
+
+function isClamAVInstalled() {
+    const command = PLATFORM === 'win32' ? 'where clamscan' : 'which clamscan';
+    try {
+        execSync(command, { stdio: 'ignore' });
+        return true;
+    } catch {
+        return false;
+    }
+}
+
+function ClamAVInstaller() {
+    return new Promise((resolve, reject) => {
+        if (isClamAVInstalled()) {
+            console.log(MESSAGES.ALREADY_INSTALLED);
+            return resolve(MESSAGES.ALREADY_INSTALLED);
+        }
+
+        const [packageManager, packageToInstall] = getInstallerCommand(PLATFORM);
+
+        if (!packageManager) {
+            console.log(MESSAGES.PLATFORM_NOT_SUPPORTED);
+            return resolve(MESSAGES.PLATFORM_NOT_SUPPORTED);
+        }
+
+        const child = spawn(packageManager, packageToInstall, { stdio: 'inherit' });
+        child.on('error', (err) => reject(err));
+        child.on('close', (code) => {
+            if (code !== 0) {
+                return reject(new Error(MESSAGES.FAILURE(code)));
+            }
+            console.log(MESSAGES.SUCCESS);
+            resolve(MESSAGES.SUCCESS);
+        });
+    });
+}
+
+module.exports = { ClamAVInstaller};

package/src/ClamAVScanner.js

@@ -0,0 +1,37 @@
+const spawn = require("cross-spawn");
+const fs = require("fs");
+const { SCAN_RESULTS } = require('./config.js');
+const { scanViaClamd } = require('./ClamdScanner.js');
+
+const MESSAGES = {
+    FILE_NOT_FOUND:        (filePath) => `File not found: ${filePath}`,
+    UNEXPECTED_EXIT_CODE:  (code)     => `Unexpected exit code: ${code}`,
+    PROCESS_KILLED:        (signal)   => `Process killed by signal: ${signal}`,
+};
+
+function scan(filePath, options = {}) {
+    // When a host or port is provided, delegate to the clamd TCP path.
+    if (options.host !== undefined || options.port !== undefined) {
+        return scanViaClamd(filePath, options);
+    }
+
+    return new Promise((resolve, reject) => {
+        if (typeof filePath !== 'string') {
+            return reject(new Error('filePath must be a string'));
+        }
+        if (!fs.existsSync(filePath)) {
+            return reject(new Error(MESSAGES.FILE_NOT_FOUND(filePath)));
+        }
+
+        const child = spawn('clamscan', ['--no-summary', filePath]);
+        child.on('error', (err) => reject(err));
+        child.on('close', (code, signal) => {
+            if (code === null) return reject(new Error(MESSAGES.PROCESS_KILLED(signal)));
+            const result = SCAN_RESULTS[code];
+            if (!result) return reject(new Error(MESSAGES.UNEXPECTED_EXIT_CODE(code)));
+            resolve(result);
+        });
+    });
+}
+
+module.exports = { scan };

package/src/ClamdScanner.js

@@ -0,0 +1,81 @@
+'use strict';
+
+const net = require('net');
+const fs  = require('fs');
+
+// ClamAV INSTREAM protocol:
+//   1. Send "zINSTREAM\0"
+//   2. Send N chunks, each prefixed with a 4-byte big-endian length
+//   3. Terminate with four zero bytes
+//   4. Read response line: "stream: OK", "stream: <name> FOUND", or an error
+const CLAMD_INSTREAM = Buffer.from('zINSTREAM\0');
+const CHUNK_SIZE     = 64 * 1024;  // 64 KB — well within clamd's default StreamMaxLength
+
+function parseClamdResponse(raw) {
+    const text = raw.toString('utf8').trim();
+    if (text === 'stream: OK')      return 'Clean';
+    if (text.endsWith(' FOUND'))    return 'Malicious';
+    return 'ScanError';
+}
+
+/**
+ * Scan a file by streaming it to a running clamd instance over TCP.
+ *
+ * @param {string} filePath   - Absolute or relative path to the file to scan.
+ * @param {object} [options]
+ * @param {string} [options.host='127.0.0.1']
+ * @param {number} [options.port=3310]
+ * @param {number} [options.timeout=15000]  - Socket idle timeout in ms.
+ * @returns {Promise<'Clean'|'Malicious'|'ScanError'>}
+ */
+function scanViaClamd(filePath, { host = '127.0.0.1', port = 3310, timeout = 15_000 } = {}) {
+    return new Promise((resolve, reject) => {
+        if (typeof filePath !== 'string') {
+            return reject(new Error('filePath must be a string'));
+        }
+        if (!fs.existsSync(filePath)) {
+            return reject(new Error(`File not found: ${filePath}`));
+        }
+
+        const socket     = net.createConnection({ host, port });
+        const chunks     = [];
+        let   settled    = false;
+
+        function settle(fn, value) {
+            if (settled) return;
+            settled = true;
+            socket.destroy();
+            fn(value);
+        }
+
+        socket.setTimeout(timeout);
+        socket.on('timeout', () =>
+            settle(reject, new Error(`clamd connection timed out after ${timeout}ms`))
+        );
+        socket.on('error', (err) => settle(reject, err));
+        socket.on('data',  (chunk) => chunks.push(chunk));
+        socket.on('end',   () => settle(resolve, parseClamdResponse(Buffer.concat(chunks))));
+
+        socket.on('connect', () => {
+            socket.write(CLAMD_INSTREAM);
+
+            const fileStream = fs.createReadStream(filePath, { highWaterMark: CHUNK_SIZE });
+
+            fileStream.on('error', (err) => settle(reject, err));
+
+            fileStream.on('data', (chunk) => {
+                const header = Buffer.allocUnsafe(4);
+                header.writeUInt32BE(chunk.length, 0);
+                socket.write(header);
+                socket.write(chunk);
+            });
+
+            fileStream.on('end', () => {
+                socket.write(Buffer.alloc(4)); // terminating zero-length chunk
+                socket.end();
+            });
+        });
+    });
+}
+
+module.exports = { scanViaClamd };

package/src/InstallerCommand.js

@@ -0,0 +1,11 @@
+const { INSTALLER_COMMANDS, UPDATER_COMMANDS } = require('./config.js');
+
+function getInstallerCommand(platform) {
+    return INSTALLER_COMMANDS[platform] ?? [null, []];
+}
+
+function getUpdaterCommand(platform) {
+    return UPDATER_COMMANDS[platform] ?? [null, []];
+}
+
+module.exports = { getInstallerCommand, getUpdaterCommand };

package/src/config.js

@@ -0,0 +1,22 @@
+module.exports = Object.freeze({
+    INSTALLER_COMMANDS: Object.freeze({
+        win32:  ['choco',  ['install', 'clamav', '-y']],
+        darwin: ['brew',   ['install', 'clamav']],
+        linux:  ['sudo',   ['apt-get', 'install', '-y', 'clamav', 'clamav-daemon']],
+    }),
+    UPDATER_COMMANDS: Object.freeze({
+        win32:  ['freshclam', []],
+        darwin: ['freshclam', []],
+        linux:  ['sudo',      ['freshclam']],
+    }),
+    DB_PATHS: Object.freeze({
+        darwin: '/usr/local/share/clamav/main.cvd',
+        linux:  '/var/lib/clamav/main.cvd',
+        win32:  'C:\\ProgramData\\ClamAV\\main.cvd',
+    }),
+    SCAN_RESULTS: Object.freeze({
+        0: 'Clean',
+        1: 'Malicious',
+        2: 'ScanError'
+    }),
+});

package/src/constants.js

@@ -0,0 +1,3 @@
+module.exports = Object.freeze({
+    PLATFORM: process.platform
+});

package/src/index.js

@@ -0,0 +1,5 @@
+const { scan } = require('./ClamAVScanner.js');
+
+const pompelmi = { scan };
+
+module.exports = pompelmi;

package/test_out.txt

@@ -0,0 +1,74 @@
+ClamAV is already installed, skipping.
+Current platform is not supported.
+Installation completed successfully!
+Virus database already present, skipping.
+Current platform is not supported.
+Downloading virus definitions...
+Database updated successfully!
+Downloading virus definitions...
+Downloading virus definitions...
+▶ InstallerCommand
+  ▶ getInstallerCommand
+    ✔ darwin  → brew install clamav (1.172833ms)
+    ✔ linux   → sudo apt-get install (0.163833ms)
+    ✔ win32   → choco install clamav (0.07125ms)
+    ✔ unknown → [null, []] (0.054792ms)
+  ✔ getInstallerCommand (1.877625ms)
+  ▶ getUpdaterCommand
+    ✔ darwin  → freshclam (0.094625ms)
+    ✔ linux   → sudo freshclam (0.255ms)
+    ✔ win32   → freshclam (0.055834ms)
+    ✔ unknown → [null, []] (0.308416ms)
+  ✔ getUpdaterCommand (0.965833ms)
+✔ InstallerCommand (3.261333ms)
+▶ ClamAVScanner
+  ✔ rejects if filePath is not a string (10.062042ms)
+  ✔ rejects if file does not exist (0.441042ms)
+  ✔ exit code 0  → resolves to "Clean" (0.847959ms)
+  ✔ exit code 1  → resolves to "Malicious" (0.890875ms)
+  ✔ exit code 2  → resolves to "ScanError" (0.5805ms)
+  ✔ exit code 99 → rejects with exit code message (0.535625ms)
+  ✔ spawn error  → rejects with the error (0.550542ms)
+  ✔ signal kill  → rejects with signal name (0.405667ms)
+✔ ClamAVScanner (14.502167ms)
+▶ ClamAVInstaller
+  ✔ resolves if ClamAV is already installed (1.17225ms)
+  ✔ resolves with platform-not-supported message (1.279459ms)
+  ✔ resolves after successful installation (0.755125ms)
+  ✔ rejects when installation exits non-zero (0.553375ms)
+  ✔ rejects on spawn error (0.969208ms)
+✔ ClamAVInstaller (4.845042ms)
+▶ ClamdScanner
+  ✔ rejects if filePath is not a string (0.186125ms)
+  ✔ rejects if file does not exist (0.371125ms)
+  ✔ "stream: OK"              → "Clean" (0.388458ms)
+  ✔ "stream: ... FOUND"       → "Malicious" (0.163792ms)
+  ✔ any other clamd response  → "ScanError" (0.294458ms)
+  ✔ socket error (ECONNREFUSED) → rejects with that error (0.187ms)
+  ✔ socket timeout              → rejects with timeout message (0.119208ms)
+  ✔ file read stream error      → rejects with that error (0.118084ms)
+  ✔ sends zINSTREAM command, chunk header, chunk data, and terminator (0.327083ms)
+✔ ClamdScanner (2.320125ms)
+▶ ClamAVScanner (TCP routing)
+  ✔ routes to clamd when { port } is given (2.303ms)
+  ✔ routes to clamd when { host } is given (0.207792ms)
+  ✔ routes to clamd when { host, port } are both given (0.27525ms)
+  ✔ forwards filePath and options unchanged to scanViaClamd (0.267083ms)
+  ✔ uses the CLI path when called without options (0.31125ms)
+  ✔ uses the CLI path when called with an empty options object {} (0.318041ms)
+✔ ClamAVScanner (TCP routing) (3.793958ms)
+▶ ClamAVDatabaseUpdater
+  ✔ resolves if database is already present (0.793833ms)
+  ✔ resolves with platform-not-supported message (0.326166ms)
+  ✔ resolves after successful update (0.37675ms)
+  ✔ rejects when update exits non-zero (0.330167ms)
+  ✔ rejects on spawn error (0.545833ms)
+✔ ClamAVDatabaseUpdater (2.478542ms)
+ℹ tests 41
+ℹ suites 8
+ℹ pass 41
+ℹ fail 0
+ℹ cancelled 0
+ℹ skipped 0
+ℹ todo 0
+ℹ duration_ms 107.87375