Skip to content

Pompelmi

v1.14.0 Feature

This release adds 3 notable features for engineering teams evaluating rollout.

Published 28d Vulnerability Scanning
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

antivirus clamav clamscan docker express file-scanner
+8 more
malware nodejs npm security typescript upload-file virus virus-scan

Summary

AI summary

Added HTML security dashboard, SVG share card, CLI reporting flags, Next.js integration package, GitHub App configuration, and updated documentation.

Full changelog

Added

  • HTML security dashboardgenerateDashboard(scanResults, options) generates a self-contained HTML report with summary stats, colour-coded status banner, file table with verdict badges, infected files section, scan metadata, dark mode via prefers-color-scheme, and print-friendly CSS. No external dependencies.
  • SVG share cardgenerateShareCard(scanResults, options) generates a 560 × 200 px SVG card showing the scan summary. Suitable for embedding in READMEs or sharing on social media. Green theme for clean scans, red for infected.
  • CLI --report flagpompelmi scan ./uploads --report saves pompelmi-report.html after scanning. Use --output <path> to customise the filename.
  • CLI --share-card flagpompelmi scan ./uploads --share-card saves pompelmi-scan-card.svg after scanning. Use --output <path> to customise the filename.
  • @pompelmi/nextjs — new package providing withPompelmi(handler, options) (App Router / Next.js 13+) and withPompelmiHandler(handler, options) (Pages Router). Scans the raw request body before the handler runs; returns HTTP 400 on malicious files. Full TypeScript declarations included.
  • GitHub App configuration.github/app.yml describes the pompelmi GitHub App that organizations can install for zero-config virus scanning on every pull request. Posts native check runs with pass/fail status and inline diff annotations for infected files.
  • docs/dashboard.html — new documentation page covering generateDashboard, generateShareCard, CLI flags, options reference, and usage examples.
  • docs/github-app.html — new documentation page explaining the GitHub App, the Action vs App comparison table, installation steps, permissions, check run flow, and self-hosting instructions.
  • Navbar updated across all docs/ HTML pages to include Dashboard and GitHub App links.
  • docs/cli.html updated — added --report, --share-card, and --output to the options table and added dedicated #report and #share-card sections.
  • README.md updated — added HTML dashboard, SVG share card, and GitHub App to the Features list; added GitHub App callout under the GitHub Action section.

Changed

  • src/index.js — exports generateDashboard and generateShareCard alongside existing API.
  • types/index.d.ts — full TypeScript declarations for generateDashboard, DashboardOptions, generateShareCard, ShareCardOptions, and ScanRow.
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Pompelmi

Get notified when new releases ship.

Sign up free

About Pompelmi

Open-source file upload security for Node.js. Scan files before storage to detect malware, MIME spoofing, and risky archives.

All releases →

Related context

Beta — feedback welcome: [email protected]