@SonoTommy

Tommaso Bertocchi

@SonoTommy

Joined February 2026

About

Nothing here yet.

Available for

Nothing here yet.

Tommaso Bertocchi's blogs

SonoTommysonotommy.hashnode.dev7 posts

pompelmipompelmi.hashnode.dev2 posts

Articles Threads Comments

Recently published

TBTommaso Bertocchisonotommy.hashnode.dev

Add Virus Scanning to Your Node.js App in 5 Minutes

3d ago · 5 min read · https://giphy.com/gifs/siliconvalleyhbo-silicon-valley-hbo-l0HlNQ03J5JxX6lva File uploads are everywhere. Profile pictures, PDF invoices, CSV imports, document management systems. Every one of them i

Join discussion

TBTommaso Bertocchisonotommy.hashnode.dev

How We Built Framework Plugins for an npm Library

4d ago · 7 min read · pompelmi started as a single function. scan(filePath) — that was the entire API. Nine months later it ships with dedicated plugins for NestJS, Fastify, Next.js, and Hono. Here's how we approached buil

Join discussion

TBTommaso Bertocchisonotommy.hashnode.dev

Stop Accepting Dangerous File Uploads. Here's How to Fix It in Node.js.

5d ago · 4 min read · Someone is uploading malware to your app right now. Not maybe. Not eventually. File uploads are one of the top attack vectors in web applications, and most Node.js tutorials show you how to accept t

Join discussion

TBTommaso Bertocchisonotommy.hashnode.dev

Your File Uploads Are a Security Nightmare. Here's the Fix.

6d ago · 4 min read · Every day, developers ship upload endpoints that accept literally anything. PDFs that are actually executables. ZIPs containing ransomware. Images with embedded scripts. Most apps have zero protection

Join discussion

TBTommaso Bertocchisonotommy.hashnode.dev

How to Grow an Open Source Project in 2026

May 2 · 5 min read · Nine months ago I published the first version of pompelmi — a zero-dependency ClamAV virus scanner for Node.js. No audience, no followers, no budget. Today it has 600+ GitHub stars, is listed in Nod

Join discussion

Tommaso Bertocchi

About

Available for

Tommaso Bertocchi's blogs

Recently published

Add Virus Scanning to Your Node.js App in 5 Minutes

How We Built Framework Plugins for an npm Library

Stop Accepting Dangerous File Uploads. Here's How to Fix It in Node.js.

Your File Uploads Are a Security Nightmare. Here's the Fix.

How to Grow an Open Source Project in 2026

Search Hashnode

Tommaso Bertocchi

About

Available for

Tommaso Bertocchi's blogs

Recently published

Add Virus Scanning to Your Node.js App in 5 Minutes

How We Built Framework Plugins for an npm Library

Stop Accepting Dangerous File Uploads. Here's How to Fix It in Node.js.

Your File Uploads Are a Security Nightmare. Here's the Fix.

How to Grow an Open Source Project in 2026