I built a private file upload scanner for Node.js
Most apps treat file uploads like a boring feature. A user picks a file, the backend saves it, and everyone moves on. But uploads are part of your attack surface. That’s why I built pompelmi: an open-source file upload scanner for Node.js that scans files before they touch disk, runs in-process, and keeps everything local.

GitHub • Docs

Why I made it

A lot of upload pipelines still rely on very weak checks:
file extension
user-provided MIME type
maybe a size limit
maybe a scan later in the pipeline

The problem is simple: by the time many systems inspect the file properly, it may already be saved, forwarded, or stored somewhere else. I wanted the opposite approach. I wanted scanning to happen early. Not in some remote API. Not in a separate daemon. Not after the risky part. Right where the upload enters the app.

What pompelmi is

pompelmi is a privacy-first file upload scanner for Node.js. It is designed for developers who want a cleaner default:
scan locally
block early
keep file b
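The approach argued for above (decide from the bytes held in memory, before anything reaches disk, instead of trusting the extension or the client-supplied MIME type), as an added example. This is illustrative code written for this post, not pompelmi's own API; the signature allowlist, the inspectUpload function and the sample buffers are all constructed here.

```javascript
// Added example (not pompelmi's code): gate an upload on its content, in-process,
// before the buffer is handed to fs.writeFile or object storage.
// Small constructed allowlist of leading-byte signatures.
const SIGNATURES = [
  { type: 'image/png',       ext: ['png'],         magic: [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a] },
  { type: 'image/jpeg',      ext: ['jpg', 'jpeg'], magic: [0xff, 0xd8, 0xff] },
  { type: 'image/gif',       ext: ['gif'],         magic: [0x47, 0x49, 0x46, 0x38] },
  { type: 'application/pdf', ext: ['pdf'],         magic: [0x25, 0x50, 0x44, 0x46, 0x2d] },
];

// Identify the content type from the leading bytes; null if nothing on the allowlist matches.
function sniffType(buffer) {
  return SIGNATURES.find(sig =>
    buffer.length >= sig.magic.length &&
    sig.magic.every((b, i) => buffer[i] === b)) || null;
}

// Returns { allowed, reason, detected } so the caller can log the decision
// and only then persist the buffer. Extension and declared MIME are checked
// against what the bytes say, never the other way round.
function inspectUpload({ filename, declaredMime, buffer, maxBytes = 5 * 1024 * 1024 }) {
  if (buffer.length === 0) return { allowed: false, reason: 'empty file', detected: null };
  if (buffer.length > maxBytes) return { allowed: false, reason: 'exceeds size limit', detected: null };
  const detected = sniffType(buffer);
  if (!detected) return { allowed: false, reason: 'content type not on allowlist', detected: null };
  const ext = (filename.split('.').pop() || '').toLowerCase();
  if (!detected.ext.includes(ext)) {
    return { allowed: false, reason: `extension .${ext} does not match content (${detected.type})`, detected: detected.type };
  }
  if (declaredMime && declaredMime !== detected.type) {
    return { allowed: false, reason: `declared MIME ${declaredMime} does not match content (${detected.type})`, detected: detected.type };
  }
  return { allowed: true, reason: 'ok', detected: detected.type };
}

// Constructed samples: a genuine PNG header, and plain text renamed to .png.
const pngHeader = Buffer.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a, 0, 0, 0, 0x0d, 0x49, 0x48, 0x44, 0x52]);
const disguised = Buffer.from('this is not an image');

console.log(inspectUpload({ filename: 'photo.png', declaredMime: 'image/png', buffer: pngHeader }));
console.log(inspectUpload({ filename: 'photo.png', declaredMime: 'image/png', buffer: disguised }));
```

In a real handler the buffer comes from the in-memory upload stream (for example multer's memory storage) and the write to disk happens only on `allowed === true`.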