Pompelmi

v1.20.0 Feature

This release adds 2 notable features for engineering teams evaluating rollout.

Published 19d Vulnerability Scanning

✓ No known CVEs patched

✓ No known CVEs patched in this version

Topics

antivirus clamav clamscan docker express file-scanner

+8 more

malware nodejs npm security typescript upload-file virus virus-scan

Summary

AI summary

Added star prompt on first import and post‑install GitHub star nudge.

Type	Severity	Summary	CVE
Feature	Medium	Star prompt printed to stderr on first import, with ~/.pompelmi/.starred marker. Star prompt printed to stderr on first import, with ~/.pompelmi/.starred marker. Source: llm_adapter@2026-05-21 Confidence: low	—
Feature	Medium	`scripts/postinstall.js` prints GitHub star nudge after `npm install` in interactive terminals. `scripts/postinstall.js` prints GitHub star nudge after `npm install` in interactive terminals. Source: llm_adapter@2026-05-21 Confidence: low	—
Dependency	Medium	`package.json` added postinstall script pointing to scripts/postinstall.js; bumped version to 1.20.0. `package.json` added postinstall script pointing to scripts/postinstall.js; bumped version to 1.20.0. Source: llm_adapter@2026-05-21 Confidence: high	—

Full changelog

Star prompt printed to stderr on first import (skipped in CI and non-TTY environments), with a ~/.pompelmi/.starred marker so it shows only once.
scripts/postinstall.js — prints a GitHub star nudge to stdout after npm install in interactive terminals.

package.json — added postinstall script pointing to scripts/postinstall.js; bumped version to 1.20.0.

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Track Pompelmi

Get notified when new releases ship.

About Pompelmi

Open-source file upload security for Node.js. Scan files before storage to detect malware, MIME spoofing, and risky archives.