npm - pompelmi - Versions diffs - 0.35.5 → 1.1.0 - Mend

pompelmi 0.35.5 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (135) hide show

package/.claude/settings.local.json +45 -0
package/LICENSE +12 -18
package/README.md +174 -181
package/eslint.config.mjs +8 -0
package/package.json +26 -251
package/src/ClamAVDatabaseUpdater.js +48 -0
package/src/ClamAVInstaller.js +49 -0
package/src/ClamAVScanner.js +37 -0
package/src/ClamdScanner.js +81 -0
package/src/InstallerCommand.js +11 -0
package/src/config.js +22 -0
package/src/constants.js +3 -0
package/src/favicon.ico +0 -0
package/src/grapefruit.png +0 -0
package/src/index.js +5 -0
package/test_out.txt +74 -0
package/CHANGELOG.md +0 -71
package/dist/pompelmi.audit.cjs +0 -128
package/dist/pompelmi.audit.cjs.map +0 -1
package/dist/pompelmi.audit.esm.js +0 -107
package/dist/pompelmi.audit.esm.js.map +0 -1
package/dist/pompelmi.browser.cjs +0 -1549
package/dist/pompelmi.browser.cjs.map +0 -1
package/dist/pompelmi.browser.esm.js +0 -1523
package/dist/pompelmi.browser.esm.js.map +0 -1
package/dist/pompelmi.cjs +0 -2591
package/dist/pompelmi.cjs.map +0 -1
package/dist/pompelmi.esm.js +0 -2525
package/dist/pompelmi.esm.js.map +0 -1
package/dist/pompelmi.hooks.cjs +0 -75
package/dist/pompelmi.hooks.cjs.map +0 -1
package/dist/pompelmi.hooks.esm.js +0 -72
package/dist/pompelmi.hooks.esm.js.map +0 -1
package/dist/pompelmi.policy-packs.cjs +0 -240
package/dist/pompelmi.policy-packs.cjs.map +0 -1
package/dist/pompelmi.policy-packs.esm.js +0 -232
package/dist/pompelmi.policy-packs.esm.js.map +0 -1
package/dist/pompelmi.quarantine.cjs +0 -317
package/dist/pompelmi.quarantine.cjs.map +0 -1
package/dist/pompelmi.quarantine.esm.js +0 -293
package/dist/pompelmi.quarantine.esm.js.map +0 -1
package/dist/pompelmi.react.cjs +0 -1580
package/dist/pompelmi.react.cjs.map +0 -1
package/dist/pompelmi.react.esm.js +0 -1553
package/dist/pompelmi.react.esm.js.map +0 -1
package/dist/types/audit.d.ts +0 -84
package/dist/types/browser-index.d.ts +0 -29
package/dist/types/config.d.ts +0 -143
package/dist/types/engines/dynamic-taint.d.ts +0 -102
package/dist/types/engines/hybrid-orchestrator.d.ts +0 -65
package/dist/types/engines/hybrid-taint-integration.d.ts +0 -129
package/dist/types/engines/taint-policies.d.ts +0 -84
package/dist/types/hipaa-compliance.d.ts +0 -110
package/dist/types/hooks.d.ts +0 -89
package/dist/types/index.d.ts +0 -29
package/dist/types/magic.d.ts +0 -7
package/dist/types/node/scanDir.d.ts +0 -30
package/dist/types/policy-packs.d.ts +0 -98
package/dist/types/policy.d.ts +0 -12
package/dist/types/presets.d.ts +0 -72
package/dist/types/quarantine/index.d.ts +0 -18
package/dist/types/quarantine/storage.d.ts +0 -77
package/dist/types/quarantine/types.d.ts +0 -78
package/dist/types/quarantine/workflow.d.ts +0 -97
package/dist/types/react-index.d.ts +0 -13
package/dist/types/risk.d.ts +0 -18
package/dist/types/scan/remote.d.ts +0 -12
package/dist/types/scan.d.ts +0 -17
package/dist/types/scanners/common-heuristics.d.ts +0 -14
package/dist/types/scanners/zip-bomb-guard.d.ts +0 -9
package/dist/types/scanners/zipTraversalGuard.d.ts +0 -19
package/dist/types/src/audit.d.ts +0 -84
package/dist/types/src/browser-index.d.ts +0 -29
package/dist/types/src/config.d.ts +0 -143
package/dist/types/src/engines/dynamic-taint.d.ts +0 -102
package/dist/types/src/engines/hybrid-orchestrator.d.ts +0 -65
package/dist/types/src/engines/hybrid-taint-integration.d.ts +0 -129
package/dist/types/src/engines/taint-policies.d.ts +0 -84
package/dist/types/src/hipaa-compliance.d.ts +0 -110
package/dist/types/src/hooks.d.ts +0 -89
package/dist/types/src/index.d.ts +0 -29
package/dist/types/src/magic.d.ts +0 -7
package/dist/types/src/node/scanDir.d.ts +0 -30
package/dist/types/src/policy-packs.d.ts +0 -98
package/dist/types/src/policy.d.ts +0 -12
package/dist/types/src/presets.d.ts +0 -72
package/dist/types/src/quarantine/index.d.ts +0 -18
package/dist/types/src/quarantine/storage.d.ts +0 -77
package/dist/types/src/quarantine/types.d.ts +0 -78
package/dist/types/src/quarantine/workflow.d.ts +0 -97
package/dist/types/src/react-index.d.ts +0 -13
package/dist/types/src/risk.d.ts +0 -18
package/dist/types/src/scan/remote.d.ts +0 -12
package/dist/types/src/scan.d.ts +0 -17
package/dist/types/src/scanners/common-heuristics.d.ts +0 -14
package/dist/types/src/scanners/zip-bomb-guard.d.ts +0 -11
package/dist/types/src/scanners/zipTraversalGuard.d.ts +0 -19
package/dist/types/src/stream.d.ts +0 -10
package/dist/types/src/types/decompilation.d.ts +0 -96
package/dist/types/src/types/taint-tracking.d.ts +0 -495
package/dist/types/src/types.d.ts +0 -48
package/dist/types/src/useFileScanner.d.ts +0 -15
package/dist/types/src/utils/advanced-detection.d.ts +0 -21
package/dist/types/src/utils/batch-scanner.d.ts +0 -62
package/dist/types/src/utils/cache-manager.d.ts +0 -95
package/dist/types/src/utils/export.d.ts +0 -51
package/dist/types/src/utils/performance-metrics.d.ts +0 -68
package/dist/types/src/utils/threat-intelligence.d.ts +0 -96
package/dist/types/src/validate.d.ts +0 -7
package/dist/types/src/verdict.d.ts +0 -2
package/dist/types/src/yara/browser.d.ts +0 -7
package/dist/types/src/yara/index.d.ts +0 -17
package/dist/types/src/yara/node.d.ts +0 -2
package/dist/types/src/yara/remote.d.ts +0 -10
package/dist/types/src/yara-bridge.d.ts +0 -3
package/dist/types/src/zip.d.ts +0 -13
package/dist/types/stream.d.ts +0 -10
package/dist/types/types/decompilation.d.ts +0 -96
package/dist/types/types/taint-tracking.d.ts +0 -495
package/dist/types/types.d.ts +0 -48
package/dist/types/useFileScanner.d.ts +0 -15
package/dist/types/utils/advanced-detection.d.ts +0 -21
package/dist/types/utils/batch-scanner.d.ts +0 -62
package/dist/types/utils/cache-manager.d.ts +0 -95
package/dist/types/utils/export.d.ts +0 -51
package/dist/types/utils/performance-metrics.d.ts +0 -68
package/dist/types/utils/threat-intelligence.d.ts +0 -96
package/dist/types/validate.d.ts +0 -7
package/dist/types/verdict.d.ts +0 -2
package/dist/types/yara/browser.d.ts +0 -7
package/dist/types/yara/index.d.ts +0 -17
package/dist/types/yara/node.d.ts +0 -2
package/dist/types/yara/remote.d.ts +0 -10
package/dist/types/yara-bridge.d.ts +0 -3
package/dist/types/zip.d.ts +0 -13

package/CHANGELOG.md DELETED Viewed

@@ -1,71 +0,0 @@
-# Changelog
-All notable changes to this project will be documented in this file.
-The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
-and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
-## Unreleased (main)
-### Highlights
-- Fixed `@pompelmi/fastify-plugin` multipart dependency wiring and removed an unnecessary promise hop.
-- Refined the root README layout for faster first-run onboarding and clearer repo entry points.
-- Refreshed README badges and demo media so the public repo surface is easier to scan quickly.
-- Added verified mention badges to strengthen the top-level trust signals around adoption.
-- Tightened onboarding copy across the repo surfaces to make the docs-and-examples path easier to follow.
-### Notes
-This section summarizes changes since the last tag: `v0.34.8`.
-Post-tag activity is currently limited, so the highlights above also surface the most recent user-visible commits from the current `v0.34.x` line for context.
-For full details, see GitHub Releases / tag diffs.
-## [0.27.1] - 2026-01-26
-### Security
-- 🔐 **Critical Security Fixes**: Fixed 89 vulnerabilities (6 critical, 36 high, 35 moderate, 12 low)
-- 🔐 **Dependency Updates**: Updated 26 package overrides including esbuild, vite, astro, next, body-parser, qs, lodash
-- 🔐 **CVE Fixes**: Patched multiple CVEs in dependencies
-### Fixed
-- 🐛 Fixed GitHub Actions workflow with correct pnpm/action-setup SHA
-- 🐛 Resolved CI/CD pipeline execution errors
-## [0.27.0] - 2026-01-26
-### Added
-- 🚀 **Enhanced Performance Monitoring**: Added detailed performance metrics tracking for scan operations
-- 🔒 **Advanced Threat Detection**: Improved heuristics engine with better polyglot file detection
-- 📊 **Scan Statistics API**: New utility functions to aggregate and analyze scan results
-- 🛡️ **Enhanced ZIP Bomb Protection**: Improved nested archive detection with configurable depth limits
-- 🔍 **Content Analysis**: Advanced content inspection for embedded scripts and obfuscated code
-- 📝 **Better TypeScript Types**: Enhanced type definitions for improved developer experience
-- ⚡ **Async Performance**: Optimized async operations for better throughput
-- 🎯 **Scan Context Enrichment**: Enhanced metadata collection during file scanning
-### Improved
-- 🔧 **Error Handling**: More descriptive error messages with actionable suggestions
-- 📈 **Memory Efficiency**: Reduced memory footprint for large file operations
-- 🚦 **CI/CD Pipeline**: Enhanced GitHub Actions workflows with better caching
-- 📚 **Documentation**: Updated examples and API documentation
-- 🧪 **Test Coverage**: Added comprehensive test cases for new features
-### Fixed
-- 🐛 Fixed edge cases in MIME type detection
-- 🐛 Resolved memory leaks in stream processing
-- 🐛 Corrected verdict mapping for multi-threaded scenarios
-### Security
-- 🔐 Updated dependencies to patch known vulnerabilities
-- 🔐 Enhanced input validation for all public APIs
-- 🔐 Improved sanitization for file metadata
-## [0.26.0] - 2025-12-15
-### Added
-- Initial stable release with core scanning functionality
-- YARA integration support
-- ZIP bomb protection
-- Framework adapters (Express, Koa, Fastify, Next.js)
-- Browser and Node.js support

package/dist/pompelmi.audit.cjs DELETED Viewed

@@ -1,128 +0,0 @@
-'use strict';
-var fs = require('fs');
-function _interopNamespaceDefault(e) {
-    var n = Object.create(null);
-    if (e) {
-        Object.keys(e).forEach(function (k) {
-            if (k !== 'default') {
-                var d = Object.getOwnPropertyDescriptor(e, k);
-                Object.defineProperty(n, k, d.get ? d : {
-                    enumerable: true,
-                    get: function () { return e[k]; }
-                });
-            }
-        });
-    }
-    n.default = e;
-    return Object.freeze(n);
-}
-var fs__namespace = /*#__PURE__*/_interopNamespaceDefault(fs);
-/**
- * Audit trail for Pompelmi scan and quarantine events.
- *
- * Produces structured, append-only audit records suitable for:
- *   - compliance logging (HIPAA, SOC 2, ISO 27001)
- *   - SIEM ingestion
- *   - operational dashboards
- *   - incident response
- *
- * Usage:
- * ```ts
- * import { AuditTrail } from 'pompelmi/audit';
- *
- * const audit = new AuditTrail({ dest: 'file', path: './audit.jsonl' });
- * audit.logScanComplete({ filename: 'upload.zip', verdict: 'suspicious', ... });
- * audit.logQuarantine({ entryId: '...', sha256: '...', ... });
- * ```
- *
- * @module audit
- */
-// ── AuditTrail ────────────────────────────────────────────────────────────────
-class AuditTrail {
-    constructor(options = {}) {
-        this.options = {
-            output: options.output ?? { dest: "console" },
-            pretty: options.pretty ?? false,
-        };
-    }
-    /** Log a completed scan. */
-    logScanComplete(report, extra) {
-        const record = {
-            timestamp: new Date().toISOString(),
-            event: report.verdict !== "clean" ? "threat.detected" : "scan.complete",
-            verdict: report.verdict,
-            matchCount: report.matches?.length ?? 0,
-            durationMs: report.durationMs,
-            engine: report.engine,
-            mimeType: report.file?.mimeType,
-            ...extra,
-        };
-        void this.write(record);
-    }
-    /** Log a scan error. */
-    logScanError(error, extra) {
-        const record = {
-            timestamp: new Date().toISOString(),
-            event: "scan.error",
-            verdict: "clean", // unknown at this point
-            matchCount: 0,
-            error: error instanceof Error ? error.message : String(error),
-            ...extra,
-        };
-        void this.write(record);
-    }
-    /** Log a new quarantine entry. */
-    logQuarantine(entry, correlationId) {
-        const record = {
-            timestamp: new Date().toISOString(),
-            event: "quarantine.created",
-            quarantineId: entry.id,
-            filename: entry.file.originalName,
-            sha256: entry.file.sha256,
-            uploadedBy: entry.file.uploadedBy,
-            correlationId,
-        };
-        void this.write(record);
-    }
-    /** Log a quarantine resolution (promote or delete). */
-    logQuarantineResolved(entry, correlationId) {
-        const record = {
-            timestamp: new Date().toISOString(),
-            event: entry.status === "deleted" ? "quarantine.deleted" : "quarantine.resolved",
-            quarantineId: entry.id,
-            filename: entry.file.originalName,
-            sha256: entry.file.sha256,
-            decision: entry.status === "promoted" ? "promote" : "delete",
-            reviewedBy: entry.reviewedBy,
-            reviewNote: entry.reviewNote,
-            correlationId,
-        };
-        void this.write(record);
-    }
-    async write(record) {
-        const line = this.options.pretty ? JSON.stringify(record, null, 2) : JSON.stringify(record);
-        const { output } = this.options;
-        try {
-            if (output.dest === "console") {
-                process.stdout.write(line + "\n");
-            }
-            else if (output.dest === "file") {
-                // Append a newline-delimited JSON (NDJSON) record.
-                await fs__namespace.promises.appendFile(output.path, line + "\n", "utf8");
-            }
-            else if (output.dest === "custom") {
-                await output.write(record);
-            }
-        }
-        catch {
-            // Audit failures must never interrupt the upload pipeline.
-        }
-    }
-}
-exports.AuditTrail = AuditTrail;
-//# sourceMappingURL=pompelmi.audit.cjs.map

package/dist/pompelmi.audit.cjs.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"pompelmi.audit.cjs","sources":["../../src/audit.ts"],"sourcesContent":["/**\n * Audit trail for Pompelmi scan and quarantine events.\n *\n * Produces structured, append-only audit records suitable for:\n * - compliance logging (HIPAA, SOC 2, ISO 27001)\n * - SIEM ingestion\n * - operational dashboards\n * - incident response\n *\n * Usage:\n * ```ts\n * import { AuditTrail } from 'pompelmi/audit';\n *\n * const audit = new AuditTrail({ dest: 'file', path: './audit.jsonl' });\n * audit.logScanComplete({ filename: 'upload.zip', verdict: 'suspicious', ... });\n * audit.logQuarantine({ entryId: '...', sha256: '...', ... });\n * ```\n *\n * @module audit\n */\n\nimport * as fs from \"fs\";\nimport type { QuarantineEntry } from \"./quarantine/types\";\nimport type { ScanReport } from \"./types\";\n\n// ── Record types ──────────────────────────────────────────────────────────────\n\nexport type AuditEventType =\n | \"scan.complete\"\n | \"scan.error\"\n | \"threat.detected\"\n | \"quarantine.created\"\n | \"quarantine.resolved\"\n | \"quarantine.deleted\";\n\ninterface BaseAuditRecord {\n /** ISO-8601 timestamp. */\n timestamp: string;\n /** Event type for structured log routing. */\n event: AuditEventType;\n /** Application-assigned session or request id for correlation. */\n correlationId?: string;\n /** Uploader identity. */\n uploadedBy?: string;\n}\n\nexport interface ScanAuditRecord extends BaseAuditRecord {\n event: \"scan.complete\" | \"scan.error\" | \"threat.detected\";\n filename?: string;\n mimeType?: string;\n sizeBytes?: number;\n sha256?: string;\n verdict: ScanReport[\"verdict\"];\n matchCount: number;\n durationMs?: number;\n engine?: string;\n error?: string;\n}\n\nexport interface QuarantineAuditRecord extends BaseAuditRecord {\n event: \"quarantine.created\" | \"quarantine.resolved\" | \"quarantine.deleted\";\n quarantineId: string;\n filename?: string;\n sha256: string;\n decision?: \"promote\" | \"delete\";\n reviewedBy?: string;\n reviewNote?: string;\n}\n\nexport type AuditRecord = ScanAuditRecord | QuarantineAuditRecord;\n\n// ── Destination ───────────────────────────────────────────────────────────────\n\nexport type AuditDest =\n | { dest: \"console\" }\n | { dest: \"file\"; path: string }\n | { dest: \"custom\"; write: (record: AuditRecord) => void | Promise<void> };\n\nexport interface AuditTrailOptions {\n /** Where to write audit records. Default: 'console'. */\n output?: AuditDest;\n /** If true, pretty-print JSON. Useful for debugging. Default: false. */\n pretty?: boolean;\n}\n\n// ── AuditTrail ────────────────────────────────────────────────────────────────\n\nexport class AuditTrail {\n private readonly options: Required<AuditTrailOptions>;\n\n constructor(options: AuditTrailOptions = {}) {\n this.options = {\n output: options.output ?? { dest: \"console\" },\n pretty: options.pretty ?? false,\n };\n }\n\n /** Log a completed scan. */\n logScanComplete(\n report: ScanReport,\n extra?: Pick<\n ScanAuditRecord,\n \"filename\" | \"sizeBytes\" | \"sha256\" | \"correlationId\" | \"uploadedBy\"\n >,\n ): void {\n const record: ScanAuditRecord = {\n timestamp: new Date().toISOString(),\n event: report.verdict !== \"clean\" ? \"threat.detected\" : \"scan.complete\",\n verdict: report.verdict,\n matchCount: report.matches?.length ?? 0,\n durationMs: report.durationMs,\n engine: report.engine,\n mimeType: report.file?.mimeType,\n ...extra,\n };\n void this.write(record);\n }\n\n /** Log a scan error. */\n logScanError(\n error: unknown,\n extra?: Pick<ScanAuditRecord, \"filename\" | \"correlationId\" | \"uploadedBy\">,\n ): void {\n const record: ScanAuditRecord = {\n timestamp: new Date().toISOString(),\n event: \"scan.error\",\n verdict: \"clean\", // unknown at this point\n matchCount: 0,\n error: error instanceof Error ? error.message : String(error),\n ...extra,\n };\n void this.write(record);\n }\n\n /** Log a new quarantine entry. */\n logQuarantine(entry: QuarantineEntry, correlationId?: string): void {\n const record: QuarantineAuditRecord = {\n timestamp: new Date().toISOString(),\n event: \"quarantine.created\",\n quarantineId: entry.id,\n filename: entry.file.originalName,\n sha256: entry.file.sha256,\n uploadedBy: entry.file.uploadedBy,\n correlationId,\n };\n void this.write(record);\n }\n\n /** Log a quarantine resolution (promote or delete). */\n logQuarantineResolved(entry: QuarantineEntry, correlationId?: string): void {\n const record: QuarantineAuditRecord = {\n timestamp: new Date().toISOString(),\n event: entry.status === \"deleted\" ? \"quarantine.deleted\" : \"quarantine.resolved\",\n quarantineId: entry.id,\n filename: entry.file.originalName,\n sha256: entry.file.sha256,\n decision: entry.status === \"promoted\" ? \"promote\" : \"delete\",\n reviewedBy: entry.reviewedBy,\n reviewNote: entry.reviewNote,\n correlationId,\n };\n void this.write(record);\n }\n\n private async write(record: AuditRecord): Promise<void> {\n const line = this.options.pretty ? JSON.stringify(record, null, 2) : JSON.stringify(record);\n\n const { output } = this.options;\n\n try {\n if (output.dest === \"console\") {\n process.stdout.write(line + \"\\n\");\n } else if (output.dest === \"file\") {\n // Append a newline-delimited JSON (NDJSON) record.\n await fs.promises.appendFile(output.path, line + \"\\n\", \"utf8\");\n } else if (output.dest === \"custom\") {\n await output.write(record);\n }\n } catch {\n // Audit failures must never interrupt the upload pipeline.\n }\n }\n}\n"],"names":["fs"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;;;;;;;;;;;AAmBG;AAkEH;MAEa,UAAU,CAAA;AAGrB,IAAA,WAAA,CAAY,UAA6B,EAAE,EAAA;QACzC,IAAI,CAAC,OAAO,GAAG;YACb,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE;AAC7C,YAAA,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,KAAK;SAChC;IACH;;IAGA,eAAe,CACb,MAAkB,EAClB,KAGC,EAAA;AAED,QAAA,MAAM,MAAM,GAAoB;AAC9B,YAAA,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;AACnC,YAAA,KAAK,EAAE,MAAM,CAAC,OAAO,KAAK,OAAO,GAAG,iBAAiB,GAAG,eAAe;YACvE,OAAO,EAAE,MAAM,CAAC,OAAO;AACvB,YAAA,UAAU,EAAE,MAAM,CAAC,OAAO,EAAE,MAAM,IAAI,CAAC;YACvC,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,MAAM,EAAE,MAAM,CAAC,MAAM;AACrB,YAAA,QAAQ,EAAE,MAAM,CAAC,IAAI,EAAE,QAAQ;AAC/B,YAAA,GAAG,KAAK;SACT;AACD,QAAA,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;IACzB;;IAGA,YAAY,CACV,KAAc,EACd,KAA0E,EAAA;AAE1E,QAAA,MAAM,MAAM,GAAoB;AAC9B,YAAA,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;AACnC,YAAA,KAAK,EAAE,YAAY;YACnB,OAAO,EAAE,OAAO;AAChB,YAAA,UAAU,EAAE,CAAC;AACb,YAAA,KAAK,EAAE,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC7D,YAAA,GAAG,KAAK;SACT;AACD,QAAA,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;IACzB;;IAGA,aAAa,CAAC,KAAsB,EAAE,aAAsB,EAAA;AAC1D,QAAA,MAAM,MAAM,GAA0B;AACpC,YAAA,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;AACnC,YAAA,KAAK,EAAE,oBAAoB;YAC3B,YAAY,EAAE,KAAK,CAAC,EAAE;AACtB,YAAA,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,YAAY;AACjC,YAAA,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM;AACzB,YAAA,UAAU,EAAE,KAAK,CAAC,IAAI,CAAC,UAAU;YACjC,aAAa;SACd;AACD,QAAA,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;IACzB;;IAGA,qBAAqB,CAAC,KAAsB,EAAE,aAAsB,EAAA;AAClE,QAAA,MAAM,MAAM,GAA0B;AACpC,YAAA,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;AACnC,YAAA,KAAK,EAAE,KAAK,CAAC,MAAM,KAAK,SAAS,GAAG,oBAAoB,GAAG,qBAAqB;YAChF,YAAY,EAAE,KAAK,CAAC,EAAE;AACtB,YAAA,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,YAAY;AACjC,YAAA,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM;AACzB,YAAA,QAAQ,EAAE,KAAK,CAAC,MAAM,KAAK,UAAU,GAAG,SAAS,GAAG,QAAQ;YAC5D,UAAU,EAAE,KAAK,CAAC,UAAU;YAC5B,UAAU,EAAE,KAAK,CAAC,UAAU;YAC5B,aAAa;SACd;AACD,QAAA,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;IACzB;IAEQ,MAAM,KAAK,CAAC,MAAmB,EAAA;AACrC,QAAA,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC;AAE3F,QAAA,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,OAAO;AAE/B,QAAA,IAAI;AACF,YAAA,IAAI,MAAM,CAAC,IAAI,KAAK,SAAS,EAAE;gBAC7B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC;YACnC;AAAO,iBAAA,IAAI,MAAM,CAAC,IAAI,KAAK,MAAM,EAAE;;AAEjC,gBAAA,MAAMA,aAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI,EAAE,MAAM,CAAC;YAChE;AAAO,iBAAA,IAAI,MAAM,CAAC,IAAI,KAAK,QAAQ,EAAE;AACnC,gBAAA,MAAM,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC;YAC5B;QACF;AAAE,QAAA,MAAM;;QAER;IACF;AACD;;;;"}

package/dist/pompelmi.audit.esm.js DELETED Viewed

@@ -1,107 +0,0 @@
-import * as fs from 'fs';
-/**
- * Audit trail for Pompelmi scan and quarantine events.
- *
- * Produces structured, append-only audit records suitable for:
- *   - compliance logging (HIPAA, SOC 2, ISO 27001)
- *   - SIEM ingestion
- *   - operational dashboards
- *   - incident response
- *
- * Usage:
- * ```ts
- * import { AuditTrail } from 'pompelmi/audit';
- *
- * const audit = new AuditTrail({ dest: 'file', path: './audit.jsonl' });
- * audit.logScanComplete({ filename: 'upload.zip', verdict: 'suspicious', ... });
- * audit.logQuarantine({ entryId: '...', sha256: '...', ... });
- * ```
- *
- * @module audit
- */
-// ── AuditTrail ────────────────────────────────────────────────────────────────
-class AuditTrail {
-    constructor(options = {}) {
-        this.options = {
-            output: options.output ?? { dest: "console" },
-            pretty: options.pretty ?? false,
-        };
-    }
-    /** Log a completed scan. */
-    logScanComplete(report, extra) {
-        const record = {
-            timestamp: new Date().toISOString(),
-            event: report.verdict !== "clean" ? "threat.detected" : "scan.complete",
-            verdict: report.verdict,
-            matchCount: report.matches?.length ?? 0,
-            durationMs: report.durationMs,
-            engine: report.engine,
-            mimeType: report.file?.mimeType,
-            ...extra,
-        };
-        void this.write(record);
-    }
-    /** Log a scan error. */
-    logScanError(error, extra) {
-        const record = {
-            timestamp: new Date().toISOString(),
-            event: "scan.error",
-            verdict: "clean", // unknown at this point
-            matchCount: 0,
-            error: error instanceof Error ? error.message : String(error),
-            ...extra,
-        };
-        void this.write(record);
-    }
-    /** Log a new quarantine entry. */
-    logQuarantine(entry, correlationId) {
-        const record = {
-            timestamp: new Date().toISOString(),
-            event: "quarantine.created",
-            quarantineId: entry.id,
-            filename: entry.file.originalName,
-            sha256: entry.file.sha256,
-            uploadedBy: entry.file.uploadedBy,
-            correlationId,
-        };
-        void this.write(record);
-    }
-    /** Log a quarantine resolution (promote or delete). */
-    logQuarantineResolved(entry, correlationId) {
-        const record = {
-            timestamp: new Date().toISOString(),
-            event: entry.status === "deleted" ? "quarantine.deleted" : "quarantine.resolved",
-            quarantineId: entry.id,
-            filename: entry.file.originalName,
-            sha256: entry.file.sha256,
-            decision: entry.status === "promoted" ? "promote" : "delete",
-            reviewedBy: entry.reviewedBy,
-            reviewNote: entry.reviewNote,
-            correlationId,
-        };
-        void this.write(record);
-    }
-    async write(record) {
-        const line = this.options.pretty ? JSON.stringify(record, null, 2) : JSON.stringify(record);
-        const { output } = this.options;
-        try {
-            if (output.dest === "console") {
-                process.stdout.write(line + "\n");
-            }
-            else if (output.dest === "file") {
-                // Append a newline-delimited JSON (NDJSON) record.
-                await fs.promises.appendFile(output.path, line + "\n", "utf8");
-            }
-            else if (output.dest === "custom") {
-                await output.write(record);
-            }
-        }
-        catch {
-            // Audit failures must never interrupt the upload pipeline.
-        }
-    }
-}
-export { AuditTrail };
-//# sourceMappingURL=pompelmi.audit.esm.js.map

package/dist/pompelmi.audit.esm.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"pompelmi.audit.esm.js","sources":["../../src/audit.ts"],"sourcesContent":["/**\n * Audit trail for Pompelmi scan and quarantine events.\n *\n * Produces structured, append-only audit records suitable for:\n * - compliance logging (HIPAA, SOC 2, ISO 27001)\n * - SIEM ingestion\n * - operational dashboards\n * - incident response\n *\n * Usage:\n * ```ts\n * import { AuditTrail } from 'pompelmi/audit';\n *\n * const audit = new AuditTrail({ dest: 'file', path: './audit.jsonl' });\n * audit.logScanComplete({ filename: 'upload.zip', verdict: 'suspicious', ... });\n * audit.logQuarantine({ entryId: '...', sha256: '...', ... });\n * ```\n *\n * @module audit\n */\n\nimport * as fs from \"fs\";\nimport type { QuarantineEntry } from \"./quarantine/types\";\nimport type { ScanReport } from \"./types\";\n\n// ── Record types ──────────────────────────────────────────────────────────────\n\nexport type AuditEventType =\n | \"scan.complete\"\n | \"scan.error\"\n | \"threat.detected\"\n | \"quarantine.created\"\n | \"quarantine.resolved\"\n | \"quarantine.deleted\";\n\ninterface BaseAuditRecord {\n /** ISO-8601 timestamp. */\n timestamp: string;\n /** Event type for structured log routing. */\n event: AuditEventType;\n /** Application-assigned session or request id for correlation. */\n correlationId?: string;\n /** Uploader identity. */\n uploadedBy?: string;\n}\n\nexport interface ScanAuditRecord extends BaseAuditRecord {\n event: \"scan.complete\" | \"scan.error\" | \"threat.detected\";\n filename?: string;\n mimeType?: string;\n sizeBytes?: number;\n sha256?: string;\n verdict: ScanReport[\"verdict\"];\n matchCount: number;\n durationMs?: number;\n engine?: string;\n error?: string;\n}\n\nexport interface QuarantineAuditRecord extends BaseAuditRecord {\n event: \"quarantine.created\" | \"quarantine.resolved\" | \"quarantine.deleted\";\n quarantineId: string;\n filename?: string;\n sha256: string;\n decision?: \"promote\" | \"delete\";\n reviewedBy?: string;\n reviewNote?: string;\n}\n\nexport type AuditRecord = ScanAuditRecord | QuarantineAuditRecord;\n\n// ── Destination ───────────────────────────────────────────────────────────────\n\nexport type AuditDest =\n | { dest: \"console\" }\n | { dest: \"file\"; path: string }\n | { dest: \"custom\"; write: (record: AuditRecord) => void | Promise<void> };\n\nexport interface AuditTrailOptions {\n /** Where to write audit records. Default: 'console'. */\n output?: AuditDest;\n /** If true, pretty-print JSON. Useful for debugging. Default: false. */\n pretty?: boolean;\n}\n\n// ── AuditTrail ────────────────────────────────────────────────────────────────\n\nexport class AuditTrail {\n private readonly options: Required<AuditTrailOptions>;\n\n constructor(options: AuditTrailOptions = {}) {\n this.options = {\n output: options.output ?? { dest: \"console\" },\n pretty: options.pretty ?? false,\n };\n }\n\n /** Log a completed scan. */\n logScanComplete(\n report: ScanReport,\n extra?: Pick<\n ScanAuditRecord,\n \"filename\" | \"sizeBytes\" | \"sha256\" | \"correlationId\" | \"uploadedBy\"\n >,\n ): void {\n const record: ScanAuditRecord = {\n timestamp: new Date().toISOString(),\n event: report.verdict !== \"clean\" ? \"threat.detected\" : \"scan.complete\",\n verdict: report.verdict,\n matchCount: report.matches?.length ?? 0,\n durationMs: report.durationMs,\n engine: report.engine,\n mimeType: report.file?.mimeType,\n ...extra,\n };\n void this.write(record);\n }\n\n /** Log a scan error. */\n logScanError(\n error: unknown,\n extra?: Pick<ScanAuditRecord, \"filename\" | \"correlationId\" | \"uploadedBy\">,\n ): void {\n const record: ScanAuditRecord = {\n timestamp: new Date().toISOString(),\n event: \"scan.error\",\n verdict: \"clean\", // unknown at this point\n matchCount: 0,\n error: error instanceof Error ? error.message : String(error),\n ...extra,\n };\n void this.write(record);\n }\n\n /** Log a new quarantine entry. */\n logQuarantine(entry: QuarantineEntry, correlationId?: string): void {\n const record: QuarantineAuditRecord = {\n timestamp: new Date().toISOString(),\n event: \"quarantine.created\",\n quarantineId: entry.id,\n filename: entry.file.originalName,\n sha256: entry.file.sha256,\n uploadedBy: entry.file.uploadedBy,\n correlationId,\n };\n void this.write(record);\n }\n\n /** Log a quarantine resolution (promote or delete). */\n logQuarantineResolved(entry: QuarantineEntry, correlationId?: string): void {\n const record: QuarantineAuditRecord = {\n timestamp: new Date().toISOString(),\n event: entry.status === \"deleted\" ? \"quarantine.deleted\" : \"quarantine.resolved\",\n quarantineId: entry.id,\n filename: entry.file.originalName,\n sha256: entry.file.sha256,\n decision: entry.status === \"promoted\" ? \"promote\" : \"delete\",\n reviewedBy: entry.reviewedBy,\n reviewNote: entry.reviewNote,\n correlationId,\n };\n void this.write(record);\n }\n\n private async write(record: AuditRecord): Promise<void> {\n const line = this.options.pretty ? JSON.stringify(record, null, 2) : JSON.stringify(record);\n\n const { output } = this.options;\n\n try {\n if (output.dest === \"console\") {\n process.stdout.write(line + \"\\n\");\n } else if (output.dest === \"file\") {\n // Append a newline-delimited JSON (NDJSON) record.\n await fs.promises.appendFile(output.path, line + \"\\n\", \"utf8\");\n } else if (output.dest === \"custom\") {\n await output.write(record);\n }\n } catch {\n // Audit failures must never interrupt the upload pipeline.\n }\n }\n}\n"],"names":[],"mappings":";;AAAA;;;;;;;;;;;;;;;;;;;AAmBG;AAkEH;MAEa,UAAU,CAAA;AAGrB,IAAA,WAAA,CAAY,UAA6B,EAAE,EAAA;QACzC,IAAI,CAAC,OAAO,GAAG;YACb,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE;AAC7C,YAAA,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,KAAK;SAChC;IACH;;IAGA,eAAe,CACb,MAAkB,EAClB,KAGC,EAAA;AAED,QAAA,MAAM,MAAM,GAAoB;AAC9B,YAAA,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;AACnC,YAAA,KAAK,EAAE,MAAM,CAAC,OAAO,KAAK,OAAO,GAAG,iBAAiB,GAAG,eAAe;YACvE,OAAO,EAAE,MAAM,CAAC,OAAO;AACvB,YAAA,UAAU,EAAE,MAAM,CAAC,OAAO,EAAE,MAAM,IAAI,CAAC;YACvC,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,MAAM,EAAE,MAAM,CAAC,MAAM;AACrB,YAAA,QAAQ,EAAE,MAAM,CAAC,IAAI,EAAE,QAAQ;AAC/B,YAAA,GAAG,KAAK;SACT;AACD,QAAA,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;IACzB;;IAGA,YAAY,CACV,KAAc,EACd,KAA0E,EAAA;AAE1E,QAAA,MAAM,MAAM,GAAoB;AAC9B,YAAA,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;AACnC,YAAA,KAAK,EAAE,YAAY;YACnB,OAAO,EAAE,OAAO;AAChB,YAAA,UAAU,EAAE,CAAC;AACb,YAAA,KAAK,EAAE,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC7D,YAAA,GAAG,KAAK;SACT;AACD,QAAA,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;IACzB;;IAGA,aAAa,CAAC,KAAsB,EAAE,aAAsB,EAAA;AAC1D,QAAA,MAAM,MAAM,GAA0B;AACpC,YAAA,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;AACnC,YAAA,KAAK,EAAE,oBAAoB;YAC3B,YAAY,EAAE,KAAK,CAAC,EAAE;AACtB,YAAA,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,YAAY;AACjC,YAAA,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM;AACzB,YAAA,UAAU,EAAE,KAAK,CAAC,IAAI,CAAC,UAAU;YACjC,aAAa;SACd;AACD,QAAA,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;IACzB;;IAGA,qBAAqB,CAAC,KAAsB,EAAE,aAAsB,EAAA;AAClE,QAAA,MAAM,MAAM,GAA0B;AACpC,YAAA,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;AACnC,YAAA,KAAK,EAAE,KAAK,CAAC,MAAM,KAAK,SAAS,GAAG,oBAAoB,GAAG,qBAAqB;YAChF,YAAY,EAAE,KAAK,CAAC,EAAE;AACtB,YAAA,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,YAAY;AACjC,YAAA,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM;AACzB,YAAA,QAAQ,EAAE,KAAK,CAAC,MAAM,KAAK,UAAU,GAAG,SAAS,GAAG,QAAQ;YAC5D,UAAU,EAAE,KAAK,CAAC,UAAU;YAC5B,UAAU,EAAE,KAAK,CAAC,UAAU;YAC5B,aAAa;SACd;AACD,QAAA,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;IACzB;IAEQ,MAAM,KAAK,CAAC,MAAmB,EAAA;AACrC,QAAA,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC;AAE3F,QAAA,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,OAAO;AAE/B,QAAA,IAAI;AACF,YAAA,IAAI,MAAM,CAAC,IAAI,KAAK,SAAS,EAAE;gBAC7B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC;YACnC;AAAO,iBAAA,IAAI,MAAM,CAAC,IAAI,KAAK,MAAM,EAAE;;AAEjC,gBAAA,MAAM,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI,EAAE,MAAM,CAAC;YAChE;AAAO,iBAAA,IAAI,MAAM,CAAC,IAAI,KAAK,QAAQ,EAAE;AACnC,gBAAA,MAAM,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC;YAC5B;QACF;AAAE,QAAA,MAAM;;QAER;IACF;AACD;;;;"}