Skip to content
povimd9 edited this page May 14, 2023 · 13 revisions

Introduction

Welcome

FileChampion4j is a Java library for validating and processing files. It can be used to check files for a variety of properties, including mime type, magic bytes, header signatures, footer signatures, maximum size, and more. The library can also execute extension plugins that are defined for the file type.

Benefits of using FileChampion4j

  • Easy to use: FileChampion4j is easy to use and can be integrated into any Java project.
  • Flexible: FileChampion4j can be used to validate and process any structured file.
  • Powerful: FileChampion4j can be used to check files for a variety of properties.
  • Secure: FileChampion4j makes use of a minimal amount of 3rd party libraries for easy upgrades and maintenance.

Who is FileChampion4j for?

FileChampion4j is for developers and security engineers who need to validate and process files. It is a valuable tool for protecting your system from malicious files and ensuring that files are of the correct type and size.

FileChampion4j Roadmap

  • v0.9.0 - Done
    • Complete file validations
    • Complete ACL related tasks
    • Reduce cognitive complexity
    • Design plugins support and structure
  • v0.9.8 - Done
    • Add plugin loading class
    • Define injections/extractions
    • Add CLI plugin support
    • Add documentations
    • v0.9.8.2 - Done
      • Add option to call file validation with file path
      • Add option to call file validation with MIME string extracted from request/content
      • Add option for 'fail fast' so first failed test returns results
      • Support concurrent checksum calculation for large files
      • Add option to disable checksum calculation for specific files
      • Improve code readability
    • v0.9.8.3 - Done
      • Add support of multiple checksum hashing algorithms
      • Add support of injekting multiple algorithms checksum values into plugin
      • Update resources to latest version
  • v0.9.9 - In Progress
    • Add secure credentials load/inject
    • Add http plugin support
    • Modify logger methods to actively remove credential values if returned in stacks
    • Publish to Maven Central
  • v1.0.0 - Planning
    • Allow json definitions of sensitive data patterns to be removed from messages/logs
    • Define and prioritize file sanitization helper plugins

Contributing

If you would like to contribute to the development of FileChampion4j, you can do so by submitting bug reports, feature requests, and pull requests. Contact the team via email for any other intentions.

Contribution standards are still work-in-progress, but here are some resources to get you started:

  • Project Wiki - Starting point to understand project goals, releases, roadmap, usage, and more.
  • Security Standard - Security policy of the project - contributors dedicated section coming soon
  • Code of Conduct - Project expected code of conduct
  • Technical Stack - Doxygen/Graphviz/plantuml generated comprehensive documentation of library code
  • Discussions Board - Where we can discuss anything relevant to the project

High Level Flow

FileChampion4j-0.9.8.1

Contact

If you have any questions or feedback about FileChampion4j, you can contact the project team by email as [email protected] or through the project's issues.