ยซ Changelog History


pompelmi v1.20.0 Release Notes

Release Date: 2026-05-15 // about 1 month ago

  • โž• Added

    • ๐Ÿ‘ท Star prompt printed to stderr on first import (skipped in CI and non-TTY environments), with a ~/.pompelmi/.starred marker so it shows only once.
    • ๐Ÿ–จ scripts/postinstall.js โ€” prints a GitHub star nudge to stdout after npm install in interactive terminals.

    ๐Ÿ”„ Changed

    • ๐Ÿ“ฆ package.json โ€” added postinstall script pointing to scripts/postinstall.js; bumped version to 1.20.0.

Previous changes from v1.19.0

  • Title:

    v1.19.0 โ€” Scan Cache, Policies, Multi-Engine, Directory Streaming

    Body:

    ## What's New### SHA256 Scan CacheSkip rescanning files that have already been verified.
Cache results in memory or on disk with configurable TTL and LRU eviction.```jsconst{createCache}=require('pompelmi')constcache=createCache({ ttl:3600000, maxSize:1000})constresult=awaitcache.scan(filePath, options)// Second call with same file content: instant, no clamd roundtripcache.stats()// { hits: 42, misses: 8, size: 50, hitRate: 0.84 }

    File-based persistence across restarts:

    constcache=createCache({storage:'file',filePath:'./.pompelmi-cache.json',ttl:86400000})

    Scan Policies

    ๐Ÿ”’ Define all upload security rules in one place โ€” size, MIME type,
    extension, and virus scanning โ€” and apply them with a single call.

    const{createPolicy}=require('pompelmi')constpolicy=createPolicy({scan:{host:'localhost',port:3310},maxSize:10\*1024\*1024,allowedMimeTypes:['image/jpeg','image/png','application/pdf'],allowedExtensions:['.jpg','.jpeg','.png','.pdf'],rejectEncrypted:true,onScannerUnavailable:'reject'})constresult=awaitpolicy.check(buffer,{filename:'upload.pdf',mimeType:'application/pdf',size:buffer.length})// { allowed: true, reason: null, verdict: Verdict.Clean }// Express middlewareapp.post('/upload',upload.single('file'),policy.middleware(),handler)

    Multi-Engine Scanning

    Combine ClamAV with VirusTotal for higher confidence results.

    const{createMultiEngine}=require('pompelmi')constscanner=createMultiEngine({engines:[{type:'clamav',host:'localhost',port:3310},{type:'virustotal',apiKey:process.env.VIRUSTOTAL\_API\_KEY}],consensus:'any'})constresult=awaitscanner.scanBuffer(buffer)// {// verdict: Verdict.Malicious,// engines: [// { name: 'clamav', verdict: Verdict.Malicious, virus: 'Win.Malware.Agent' },// { name: 'virustotal', verdict: Verdict.Clean, detections: 0 }//]// }

    Consensus modes: any (strict) ยท all (lenient) ยท majority

    Directory Streaming with Progress Events

    Scan large directories with real-time progress via async iteration:

    forawait(consteventofscanDirectory.stream('/uploads',options)){if(event.type==='progress'){console.log(`${event.scanned}/${event.total} โ€” ${event.file}`)}if(event.type==='result'){console.log(event.file,event.verdict)}if(event.type==='complete'){console.log('Done:',event.summary)}}

    ๐Ÿ”„ Changes

    • src/ScanCache.js โ€” SHA256 cache with TTL, LRU, memory and file storage
    • ๐Ÿ”’ src/Policy.js โ€” unified upload security policy
    • src/MultiEngine.js โ€” multi-engine scanning with consensus modes
    • src/DirectoryScanner.js โ€” streaming async iterator with progress events
    • src/index.js โ€” exports createCache, createPolicy, createMultiEngine
    • types/index.d.ts โ€” full type declarations for all new exports
    • ๐Ÿ“„ docs/cache.html โ€” cache API reference
    • ๐Ÿ“„ docs/policy.html โ€” policy API reference
    • ๐Ÿ“„ docs/multi-engine.html โ€” multi-engine guide
    • โšก๏ธ docs/*.html โ€” navbar updated

    Full Changelog

    v1.18.0...v1.19.0