{"id":20840063,"url":"https://github.com/ackama/activestorage-clamav-analyzer","last_synced_at":"2025-05-08T21:44:58.485Z","repository":{"id":39976293,"uuid":"494310520","full_name":"ackama/activestorage-clamav-analyzer","owner":"ackama","description":"Performs anti-virus scans on ActiveStorage::Blob objects using ClamAV","archived":false,"fork":false,"pushed_at":"2025-03-11T19:30:06.000Z","size":70,"stargazers_count":2,"open_issues_count":1,"forks_count":0,"subscribers_count":9,"default_branch":"main","last_synced_at":"2025-04-13T12:17:54.820Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ackama.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-05-20T03:43:49.000Z","updated_at":"2025-03-11T19:30:09.000Z","dependencies_parsed_at":"2024-02-29T02:44:07.272Z","dependency_job_id":"de0b78d3-198e-4101-b1f0-448a65f02b18","html_url":"https://github.com/ackama/activestorage-clamav-analyzer","commit_stats":{"total_commits":13,"total_committers":2,"mean_commits":6.5,"dds":0.07692307692307687,"last_synced_commit":"d8f7274c55a8666c0d602672804929964c5c4f1f"},"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ackama%2Factivestorage-clamav-analyzer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ackama%2Factivestorage-clamav-analyzer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ackama%2Factivestorage-clamav-analyzer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ackama%2Factivestorage-clamav-analyzer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ackama","download_url":"https://codeload.github.com/ackama/activestorage-clamav-analyzer/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253154259,"owners_count":21862489,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-18T01:15:09.327Z","updated_at":"2025-05-08T21:44:58.467Z","avatar_url":"https://github.com/ackama.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ActiveStorage::ClamAV::Analyzer\n\n[![Ruby](https://github.com/ackama/activestorage-clamav-analyzer/actions/workflows/ruby.yml/badge.svg)](https://github.com/ackama/activestorage-clamav-analyzer/actions/workflows/ruby.yml)\n\n[![Gem Version](https://badge.fury.io/rb/activestorage-clamav-analyzer.svg)](https://badge.fury.io/rb/activestorage-clamav-analyzer)\n\nThis gem packages an analyzer to perform ClamAV virus scans on uploaded ActiveStorage::Blob objects, adding the results of the scan to the blob metadata.\n\nThe actual analyzer is very simple, and can be found in `lib/active_storage/clamav/analyzer` if you would prefer to just drop this in `app/analyzers` in your codebase and prepend it to the analyzers list yourself.\n\n## Installing ClamAV\n\nEnsure you have ClamAV installed. This gem uses these commands, but does not\nset them up if they are missing. On your path you should have:\n\n- `clamav`\n- `clamscan`\n\nOn most platforms, you can install ClamAV with the package name:\n\n- Mac OS: `brew install clamav` (Further setup steps are necessary with Homebrewed ClamAV, see https://gist.github.com/mendozao/3ea393b91f23a813650baab9964425b9)\n- Debian/Ubuntu: `apt install clamav`\n\nThere are plenty of other installation methods and platforms available. More information about these is available on [ClamAV's website](https://docs.clamav.net/manual/Installing.html)\n\nYou can also run ClamAV scans in a Docker container. The [ClamAV documentation] has [an installation page](https://docs.clamav.net/manual/Installing/Docker.html) dedicated to this. While you will have to tune `ActiveStorage::ClamAV::Analyzer.command` for this, it should work with this gem.\n\n## Installation\n\nAdd this line to your application's Gemfile:\n\n```ruby\ngem 'activestorage-clamav-analyzer', require: \"active_storage/clamav/analyzer\"\n```\n\nAnd then execute:\n\n    $ bundle\n\nOr install it yourself as:\n\n    $ gem install activestorage-clamav-analyzer\n\nThis gem will automatically add itself to the analyzer pipeline and run across any\nsupported image files. If you wish to control the precise analyzer order, you can\nmanipulate the `ActiveStorage.analyzers` array.\n\n## Usage\n\nThis gem automatically adds itself to the analysis pipeline, simply ensure that analysis is run on your uploaded files.\n\nTo manually analyze a particular blob, simply grab an attachment and pass the\nblob directly to the analyzer:\n\n```ruby\nActiveStorage::ClamAV::Analyzer.new(ActiveStorage::Attachment.first.blob).metadata\n =\u003e  {\n    \"analyzed\"=\u003etrue,\n    \"clamav\": {\n        \"detection\": true,\n        \"output\": \"test.txt: Eicar-Signature FOUND\\n\\n-------\" #...\n    }}\n```\n\n## Recipes\n\n#### Scan with ClamD\n\n`clamscan` is the default command, but starts up ClamAV from scratch each time it is run, which takes several seconds.\nUsing `clamd` is much faster, but requires you to have started `clamd` ahead of time.\n\nAn example of the speedups that are possible:\n\n- `clamscan README.md 9.68s user 0.36s system 96% cpu 10.400 total`\n- `clamdscan README.md 0.01s user 0.00s system 36% cpu 0.026 total`\n\nIf your infrastructure set up allows you to run `clamd`, you can adjust the command to use `clamdscan`, which will\nscan files in a fraction of the time:\n\n```ruby\n# config/initializers/active_storage.rb\nActiveStorage::ClamAV::Analyzer.command = \"clamdscan\"\n```\n\n#### Scan with a Docker container\n\nClamAV has comprehensive documentation on [how to scan files in a Docker container](https://docs.clamav.net/manual/Installing/Docker.html).\nIf you'd like to do this yourself using the ClamAV analyzer, that's no problem! You'll need to build a custom\ncommand to mount the blob's tempfile into your container to get the result. `ActiveStorage::ClamAV::Analyzer.command` accepts anything\nthat responds to `#call`, so you can customise your command:\n\n```ruby\n# config/initializers/active_storage.rb\n\nclamav_command = (tempfile) -\u003e { \"docker run --rm -v #{tempfile.path}:#{tempfile.path} clamav/clamav clamscan\" }\nActiveStorage::ClamAV::Analyzer.command = clamav_command\n```\n\n#### Report detections as an exception\n\nThe `on_detection` setting on `ActiveSupport::ClamAV::Analyzer` can be used to take some\naction when a detection occurs. Your application may not have a defined code path for virus\ndetections, but you still want to know when it happens. You can use `on_detection` for this\nto report detections to your exception monitoring tool of choice.\n\n```ruby\nActiveStorage::ClamAV::Analyzer.on_detection = lambda do |blob|\n  err = StandardError.new(\"Virus detected in ActiveStorage::Blob ##{blob.id}\")\n  ExceptionMonitoringService.capture_exception(err)\nend\n```\n\n#### Remove blobs that have a detection\n\nThis analyzer records detections, but by default takes no action. Destroying blobs from a library could surprise some\nusers, stops further analyzers and processing from running, and also would prevent any investigation of the blob, who uploaded it, and what the exact detection is.\n\nThe analyzer does however call a callable (Proc, lambda, etc) when a detection occurs, passing the blob - so it's very simple\nto remove the blob automatically when a detection occurs.\n\n```ruby\nActiveStorage::ClamAV::Analyzer.on_detection = (blob) -\u003e { blob.destroy }\n```\n\nYou can use the same technique to take some other action - perhaps quarantine the blob in some way (make it inactive), or\nadd it to a moderation or alert queue.\n\n## Development\n\nAfter checking out the repo, run `bin/setup` to install dependencies. Then, run `rake` to run the lint checks and tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.\n\nTo install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).\n\n## Contributing\n\nBug reports and pull requests are welcome on GitHub at https://github.com/ackama/activestorage-clamav-analyzer.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fackama%2Factivestorage-clamav-analyzer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fackama%2Factivestorage-clamav-analyzer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fackama%2Factivestorage-clamav-analyzer/lists"}