npm - pompelmi - Versions diffs - 1.7.0 → 1.8.0 - Mend

pompelmi 1.7.0 → 1.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/BADGE.md ADDED Viewed

@@ -0,0 +1,29 @@
+# Scanned by pompelmi — Badge
+Add this badge to your repository's `README.md` to show that your file uploads are scanned with pompelmi.
+## Markdown
+```markdown
+[![Scanned by pompelmi](https://img.shields.io/badge/scanned%20by-pompelmi-orange?logo=github)](https://github.com/pompelmi/pompelmi)
+```
+## HTML
+```html
+<a href="https://github.com/pompelmi/pompelmi">
+  <img src="https://img.shields.io/badge/scanned%20by-pompelmi-orange?logo=github" alt="Scanned by pompelmi">
+</a>
+```
+## RST (reStructuredText)
+```rst
+.. image:: https://img.shields.io/badge/scanned%20by-pompelmi-orange?logo=github
+   :target: https://github.com/pompelmi/pompelmi
+   :alt: Scanned by pompelmi
+```
+## Preview
+[![Scanned by pompelmi](https://img.shields.io/badge/scanned%20by-pompelmi-orange?logo=github)](https://github.com/pompelmi/pompelmi)

package/README.md CHANGED Viewed

@@ -15,6 +15,7 @@
   <img src="https://img.shields.io/badge/license-ISC-blue" alt="license">
   <a href="https://github.com/pompelmi/pompelmi/actions/workflows/ci.yml"><img src="https://github.com/pompelmi/pompelmi/actions/workflows/ci.yml/badge.svg" alt="CI"></a>
   <a href="https://github.com/pompelmi/pompelmi/actions/workflows/release.yml"><img src="https://github.com/pompelmi/pompelmi/actions/workflows/release.yml/badge.svg" alt="npm publish"></a>
+  <a href="https://github.com/pompelmi/pompelmi"><img src="https://img.shields.io/badge/scanned%20by-pompelmi-orange?logo=github" alt="Scanned by pompelmi"></a>
 </p>
 ---

package/action/Dockerfile CHANGED Viewed

@@ -1,24 +1,18 @@
 FROM node:20-slim
-ENV DEBIAN_FRONTEND=noninteractive
 RUN apt-get update && \
-    apt-get install -y --no-install-recommends \
-        clamav \
-        clamav-freshclam \
-    && rm -rf /var/lib/apt/lists/* \
-    && sed -i 's/^Example/#Example/' /etc/clamav/freshclam.conf \
-    && mkdir -p /var/lib/clamav /run/clamav
+    apt-get install -y --no-install-recommends clamav clamav-freshclam && \
+    rm -rf /var/lib/apt/lists/* && \
+    sed -i 's/^Example/#Example/' /etc/clamav/freshclam.conf && \
+    mkdir -p /var/lib/clamav /run/clamav
 WORKDIR /action
-# Bundle the pompelmi library from this repository
-COPY src/ ./src/
-COPY package.json ./
+RUN npm install pompelmi
+COPY entrypoint.sh ./entrypoint.sh
+COPY scanner.js ./scanner.js
-# Action scripts
-COPY action/entrypoint.sh ./entrypoint.sh
-COPY action/scanner.js    ./scanner.js
 RUN chmod +x ./entrypoint.sh
 ENTRYPOINT ["/action/entrypoint.sh"]

package/action/package.json ADDED Viewed

@@ -0,0 +1,11 @@
+{
+  "name": "pompelmi-action",
+  "version": "1.8.0",
+  "private": true,
+  "description": "GitHub Action entrypoint for pompelmi ClamAV scanner",
+  "main": "scanner.js",
+  "scripts": {},
+  "dependencies": {
+    "@actions/artifact": "^2.1.11"
+  }
+}

package/action/scanner.js CHANGED Viewed

@@ -2,11 +2,82 @@
 const fs   = require('fs');
 const path = require('path');
-const { scan, scanDirectory, Verdict } = require('./src/index.js');
+const { scan, scanDirectory, Verdict } = require('pompelmi');
 const scanPath    = process.argv[2] || '.';
 const failOnVirus = process.argv[3] !== 'false';
+async function writeReport(clean, malicious, errors, outputDir) {
+    const total  = clean.length + malicious.length + errors.length;
+    const status = malicious.length > 0 ? 'infected' : 'clean';
+    const rows = [
+        ...clean.map(f => ({ file: f, status: 'clean', verdict: 'Clean' })),
+        ...malicious.map(f => ({ file: f, status: 'infected', verdict: 'Malicious' })),
+        ...errors.map(f => ({ file: f, status: 'error', verdict: 'ScanError' })),
+    ];
+    const json = JSON.stringify({ status, total, clean: clean.length, malicious: malicious.length, errors: errors.length, files: rows }, null, 2);
+    fs.writeFileSync(path.join(outputDir, 'report.json'), json);
+    const tableRows = rows.map(r => {
+        const color = r.status === 'clean' ? '#22c55e' : r.status === 'infected' ? '#ef4444' : '#f59e0b';
+        return `<tr><td>${escHtml(r.file)}</td><td style="color:${color};font-weight:bold">${r.verdict}</td></tr>`;
+    }).join('\n');
+    const html = `<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="utf-8">
+<title>Pompelmi Scan Report</title>
+<style>
+  body { font-family: sans-serif; max-width: 900px; margin: 40px auto; padding: 0 20px; }
+  h1 { font-size: 1.5rem; }
+  .summary { display: flex; gap: 24px; margin: 16px 0; }
+  .stat { background: #f1f5f9; border-radius: 8px; padding: 12px 20px; text-align: center; }
+  .stat span { display: block; font-size: 1.8rem; font-weight: bold; }
+  table { width: 100%; border-collapse: collapse; margin-top: 24px; }
+  th { background: #0f172a; color: #fff; text-align: left; padding: 8px 12px; }
+  td { padding: 8px 12px; border-bottom: 1px solid #e2e8f0; word-break: break-all; }
+  tr:hover td { background: #f8fafc; }
+</style>
+</head>
+<body>
+<h1>${status === 'clean' ? '✅' : '❌'} Pompelmi Scan Report</h1>
+<div class="summary">
+  <div class="stat"><span>${total}</span>Total</div>
+  <div class="stat"><span style="color:#22c55e">${clean.length}</span>Clean</div>
+  <div class="stat"><span style="color:#ef4444">${malicious.length}</span>Infected</div>
+  <div class="stat"><span style="color:#f59e0b">${errors.length}</span>Errors</div>
+</div>
+<table>
+<thead><tr><th>File</th><th>Verdict</th></tr></thead>
+<tbody>
+${tableRows}
+</tbody>
+</table>
+</body>
+</html>`;
+    fs.writeFileSync(path.join(outputDir, 'report.html'), html);
+    return { jsonPath: path.join(outputDir, 'report.json'), htmlPath: path.join(outputDir, 'report.html') };
+}
+function escHtml(s) {
+    return s.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
+}
+async function uploadArtifact(jsonPath, htmlPath) {
+    try {
+        const { DefaultArtifactClient } = require('@actions/artifact');
+        const client = new DefaultArtifactClient();
+        await client.uploadArtifact('pompelmi-scan-report', [jsonPath, htmlPath], path.dirname(jsonPath));
+        console.log('Scan report artifact uploaded: pompelmi-scan-report');
+    } catch (err) {
+        console.warn(`Could not upload artifact (not running in Actions?): ${err.message}`);
+    }
+}
 async function main() {
     const resolved = path.resolve(scanPath);
@@ -66,6 +137,11 @@ async function main() {
         fs.appendFileSync(summaryFile, rows.join('\n') + '\n');
     }
+    // --- Report artifact ---
+    const reportDir = process.env.RUNNER_TEMP || '/tmp';
+    const { jsonPath, htmlPath } = await writeReport(clean, malicious, errors, reportDir);
+    await uploadArtifact(jsonPath, htmlPath);
     // --- Console ---
     console.log(`\nScan complete — ${total} file(s) scanned`);
     console.log(`  Clean:    ${clean.length}`);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "pompelmi",
-  "version": "1.7.0",
+  "version": "1.8.0",
   "description": "ClamAV for humans — scan any file and get back Clean, Malicious, or ScanError. No daemons. No cloud. No native bindings.",
   "license": "ISC",
   "author": "pompelmi contributors",

package/src/index.js CHANGED Viewed

@@ -1,4 +1,5 @@
 const { scan, scanBuffer, scanStream, scanDirectory } = require('./ClamAVScanner.js');
 const { Verdict }                                     = require('./verdicts.js');
+const { middleware }                                  = require('./middleware.js');
-module.exports = { scan, scanBuffer, scanStream, scanDirectory, Verdict };
+module.exports = { scan, scanBuffer, scanStream, scanDirectory, Verdict, middleware };

package/src/middleware.js ADDED Viewed

@@ -0,0 +1,36 @@
+'use strict';
+const { scanBuffer, Verdict } = require('./ClamAVScanner.js');
+function middleware(opts = {}) {
+    const field = opts.uploadField || 'file';
+    return async function pompelmiMiddleware(req, res, next) {
+        let buffers = [];
+        if (req.file) {
+            buffers = [req.file.buffer];
+        } else if (req.files) {
+            const files = Array.isArray(req.files)
+                ? req.files
+                : (req.files[field] || Object.values(req.files).flat());
+            buffers = files.map(f => f.buffer).filter(Boolean);
+        }
+        if (buffers.length === 0) return next();
+        try {
+            for (const buf of buffers) {
+                const verdict = await scanBuffer(buf, opts);
+                if (verdict === Verdict.Malicious) {
+                    return res.status(403).json({ error: 'Malicious file detected' });
+                }
+            }
+            next();
+        } catch (err) {
+            next(err);
+        }
+    };
+}
+module.exports = { middleware };

package/pr_info.tmp DELETED Viewed

	@@ -1,2 +0,0 @@
1	- {"branch":null,"number":null,"url":null}
2	- EOF