docs(ecosystem): add @pompelmi/fastify-plugin#6610
Conversation
## Summary Add `@pompelmi/fastify-plugin` to the Fastify community ecosystem list. ## What it does `@pompelmi/fastify-plugin` adds in-process upload scanning for Fastify: - MIME and magic-byte validation - ZIP bomb / archive abuse checks - size limits - optional YARA scanning Repo: https://github.com/pompelmi/pompelmi Package path: https://github.com/pompelmi/pompelmi/tree/main/packages/fastify-plugin Signed-off-by: Tommaso Bertocchi <148005572+SonoTommy@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Adds @pompelmi/fastify-plugin to the Fastify documentation’s community ecosystem list, making the in-process upload scanning plugin discoverable alongside other community tools.
Changes:
- Add a new Community Tools entry linking to
@pompelmi/fastify-plugin. - Document the plugin’s capabilities (MIME/magic-byte validation, ZIP bomb protection, size limits, optional YARA).
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Signed-off-by: Tommaso Bertocchi <148005572+SonoTommy@users.noreply.github.com>
|
@copilot open a new pull request to apply changes based on the comments in this thread |
metcoder95
left a comment
There was a problem hiding this comment.
Thanks for the contribution!
Reviewing the plugin, I just have a couple of suggestions
- Just a small heads up for unnecessary promises, that can add some overhead (https://github.com/pompelmi/pompelmi/blob/6491e3f6cf7e39995e7637b1d250b677ab7db157/packages/fastify-plugin/src/index.ts#L110)
- The plugin seems to have a dependency on
fastify/multipart, i'd suggest to set that on yourpluginscope sofastifycan detect the dependency and act upon it
|
Thanks @metcoder95 for the review — I addressed both points in pompelmi.
I also kept createUploadGuard for compatibility and added tests for the updated behavior. |
metcoder95
left a comment
There was a problem hiding this comment.
lgtm, just lint seems failing
This commit fixes the failing "Lint Ecosystem Order" CI workflow. The `@pompelmi/fastify-plugin` entry has been moved to its strict alphabetical position in the Community section of `Ecosystem.md`, right between `@mgcrea/pino-pretty-compact` and `@pybot/fastify-autoload`. Signed-off-by: Tommaso Bertocchi <148005572+SonoTommy@users.noreply.github.com>
SonoTommy
left a comment
There was a problem hiding this comment.
@metcoder95 I've updated the file and moved the plugin to the correct alphabetical position. The Lint Ecosystem Order check is now passing and all CI jobs are green! ✅
Let me know if there's anything else needed for this PR. Thanks for your patience!
|
Hi, thanks again for the review and approval. Just following up here in case anything else is needed from my side for this PR. If not, happy to wait for maintainer merge whenever it fits your workflow. |
Summary
Add
@pompelmi/fastify-pluginto the Fastify community ecosystem list.What it does
@pompelmi/fastify-pluginadds in-process upload scanning for Fastify:Repo:
https://github.com/pompelmi/pompelmi
Package path:
https://github.com/pompelmi/pompelmi/tree/main/packages/fastify-plugin
Checklist
npm run test && npm run benchmark --if-presentand the Code of conduct