feat: add pompelmi to Security section #961
Adding pompelmi, a malware scanner for Node.js.
Pull request overview
This PR adds pompelmi, a malware scanner for Node.js file uploads, to the Security section of the awesome-javascript list. The addition expands the security tooling coverage beyond XSS sanitizers to include file upload protection.
- Adds pompelmi library to the Security section
- Follows the repository's contribution guidelines by placing the entry at the end of its section
- Provides a clear, concise description consistent with other entries
gokaygurcan
left a comment
Interesting.
Developer using pompelmi in production
How did the copilot get involved? Why is the PR template broken? I have so many questions.
Haha, sorry for the confusion 😅 Copilot got involved because I clicked the “AI review” button on my fork before opening the PR. When I opened the PR here, GitHub automatically attached that Copilot review and its “PR overview” comment. The PR template looks a bit broken because I edited the description a couple of times and Copilot also injected its own summary block. The actual change is just the single line in the Security section, and the checklist at the bottom is from your contributing guidelines. If you’d like, I can clean up the PR description or open a fresh PR so it looks more “normal” on your side.
Thanks for the review! 🙌
No, no worries, it's all fine. Just getting used to seeing all kinds of AI tools messing up with everything in the way they see fit and it's confusing. Give it a year or two, it'll all be fine. Thanks for suggesting a cleanup tho. Let's get this in. Thanks again for the contribution.
Thanks!
pompelmi is a fast, open-source malware scanner for Node.js that runs entirely locally without third-party cloud dependencies. It is private by design (perfect for GDPR/HIPAA compliance) and includes deep ZIP inspection (anti-zip-bomb), optional YARA rule integration, and drop-in adapters for Express, Koa, and Next.js.
I am adding this to the Security section as it provides a lightweight, zero-dependency alternative for secure file uploads in JavaScript environments.
Total stars now: 391
Link repo: https://github.com/pompelmi/pompelmi/
Link docs: https://pompelmi.github.io/pompelmi/
Checklist:
- I've read and understood Contributing Guidelines.
- I've added the new resource at the end of its section.
- This resource is out there for a while, and actively maintained.
- This resource is popular enough and has at least a few hundred stars on GitHub.