Add uvx support

Add uvx as a supported package manager so that `uvx` commands are routed through safe-chain's MITM proxy for malware detection, just like `uv`. Previously, `uvx` bypassed all safe-chain protections. The uvx package manager reuses the existing uv command runner since uvx is functionally equivalent to `uv tool run`. Fixes #268 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-26 12:10:49 +00:00 · 2026-03-17 17:12:42 -04:00 · 2026-03-17 17:12:42 -04:00 · 14c8abffea
commit 14c8abffea
parent 83f9f378f6
12 changed files with 82 additions and 9 deletions
--- a/packages/safe-chain/bin/aikido-uvx.js
+++ b/packages/safe-chain/bin/aikido-uvx.js
@ -0,0 +1,16 @@
+#!/usr/bin/env node
+
+import { main } from "../src/main.js";
+import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
+import { setEcoSystem, ECOSYSTEM_PY } from "../src/config/settings.js";
+
+// Set eco system
+setEcoSystem(ECOSYSTEM_PY);
+
+initializePackageManager("uvx");
+
+(async () => {
+  // Pass through only user-supplied uvx args
+  var exitCode = await main(process.argv.slice(2));
+  process.exit(exitCode);
+})();
--- a/packages/safe-chain/package.json
+++ b/packages/safe-chain/package.json
@ -16,6 +16,7 @@
    "aikido-bun": "bin/aikido-bun.js",
    "aikido-bunx": "bin/aikido-bunx.js",
    "aikido-uv": "bin/aikido-uv.js",
+    "aikido-uvx": "bin/aikido-uvx.js",
    "aikido-pip": "bin/aikido-pip.js",
    "aikido-pip3": "bin/aikido-pip3.js",
    "aikido-python": "bin/aikido-python.js",
@ -36,7 +37,7 @@
  "keywords": [],
  "author": "Aikido Security",
  "license": "AGPL-3.0-or-later",
-  "description": "The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), [pnpx](https://pnpm.io/cli/dlx), [bun](https://bun.sh/), [bunx](https://bun.sh/docs/cli/bunx), [uv](https://docs.astral.sh/uv/) (Python), and [pip](https://pip.pypa.io/) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm, pnpx, bun, bunx, uv, or pip/pip3 from downloading or running the malware.",
+  "description": "The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), [pnpx](https://pnpm.io/cli/dlx), [bun](https://bun.sh/), [bunx](https://bun.sh/docs/cli/bunx), [uv](https://docs.astral.sh/uv/) (Python), and [pip](https://pip.pypa.io/) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm, pnpx, bun, bunx, uv, uvx, or pip/pip3 from downloading or running the malware.",
  "dependencies": {
    "certifi": "14.5.15",
    "chalk": "5.4.1",
--- a/packages/safe-chain/src/packagemanager/currentPackageManager.js
+++ b/packages/safe-chain/src/packagemanager/currentPackageManager.js
@ -13,6 +13,7 @@ import { createPipPackageManager } from "./pip/createPackageManager.js";
 import { createUvPackageManager } from "./uv/createUvPackageManager.js";
 import { createPoetryPackageManager } from "./poetry/createPoetryPackageManager.js";
 import { createPipXPackageManager } from "./pipx/createPipXPackageManager.js";
+import { createUvxPackageManager } from "./uvx/createUvxPackageManager.js";

 /**
 * @type {{packageManagerName: PackageManager | null}}
@ -60,6 +61,8 @@ export function initializePackageManager(packageManagerName, context) {
    state.packageManagerName = createPipPackageManager(context);
  } else if (packageManagerName === "uv") {
    state.packageManagerName = createUvPackageManager();
+  } else if (packageManagerName === "uvx") {
+    state.packageManagerName = createUvxPackageManager();
  } else if (packageManagerName === "poetry") {
    state.packageManagerName = createPoetryPackageManager();
  } else if (packageManagerName === "pipx") {
--- a/packages/safe-chain/src/packagemanager/uvx/createUvxPackageManager.js
+++ b/packages/safe-chain/src/packagemanager/uvx/createUvxPackageManager.js
@ -0,0 +1,18 @@
+import { runUv } from "../uv/runUvCommand.js";
+
+/**
+ * @returns {import("../currentPackageManager.js").PackageManager}
+ */
+export function createUvxPackageManager() {
+  return {
+    /**
+     * @param {string[]} args
+     */
+    runCommand: (args) => {
+      return runUv("uvx", args);
+    },
+    // For uvx, rely solely on MITM
+    isSupportedCommand: () => false,
+    getDependencyUpdatesForCommand: () => [],
+  };
+}
--- a/packages/safe-chain/src/packagemanager/uvx/createUvxPackageManager.spec.js
+++ b/packages/safe-chain/src/packagemanager/uvx/createUvxPackageManager.spec.js
@ -0,0 +1,14 @@
+import { test } from "node:test";
+import assert from "node:assert";
+import { createUvxPackageManager } from "./createUvxPackageManager.js";
+
+test("createUvxPackageManager returns valid package manager interface", () => {
+  const pm = createUvxPackageManager();
+
+  assert.ok(pm);
+  assert.strictEqual(typeof pm.runCommand, "function");
+  assert.strictEqual(typeof pm.isSupportedCommand, "function");
+  assert.strictEqual(typeof pm.getDependencyUpdatesForCommand, "function");
+  assert.strictEqual(pm.isSupportedCommand(), false);
+  assert.deepStrictEqual(pm.getDependencyUpdatesForCommand(), []);
+});
--- a/packages/safe-chain/src/shell-integration/helpers.js
+++ b/packages/safe-chain/src/shell-integration/helpers.js
@ -66,6 +66,12 @@ export const knownAikidoTools = [
    ecoSystem: ECOSYSTEM_PY,
    internalPackageManagerName: "uv",
  },
+  {
+    tool: "uvx",
+    aikidoCommand: "aikido-uvx",
+    ecoSystem: ECOSYSTEM_PY,
+    internalPackageManagerName: "uvx",
+  },
  {
    tool: "pip",
    aikidoCommand: "aikido-pip",
--- a/packages/safe-chain/src/shell-integration/startup-scripts/init-fish.fish
+++ b/packages/safe-chain/src/shell-integration/startup-scripts/init-fish.fish
@ -51,6 +51,10 @@ function uv
    wrapSafeChainCommand "uv" $argv
 end

+function uvx
+    wrapSafeChainCommand "uvx" $argv
+end
+
 function poetry
    wrapSafeChainCommand "poetry" $argv
 end
--- a/packages/safe-chain/src/shell-integration/startup-scripts/init-posix.sh
+++ b/packages/safe-chain/src/shell-integration/startup-scripts/init-posix.sh
@ -47,6 +47,10 @@ function uv() {
  wrapSafeChainCommand "uv" "$@"
 }

+function uvx() {
+  wrapSafeChainCommand "uvx" "$@"
+}
+
 function poetry() {
  wrapSafeChainCommand "poetry" "$@"
 }
--- a/packages/safe-chain/src/shell-integration/startup-scripts/init-pwsh.ps1
+++ b/packages/safe-chain/src/shell-integration/startup-scripts/init-pwsh.ps1
@ -52,6 +52,10 @@ function uv {
    Invoke-WrappedCommand "uv" $args $MyInvocation.Line $MyInvocation.OffsetInLine
 }

+function uvx {
+    Invoke-WrappedCommand "uvx" $args $MyInvocation.Line $MyInvocation.OffsetInLine
+}
+
 function poetry {
    Invoke-WrappedCommand "poetry" $args $MyInvocation.Line $MyInvocation.OffsetInLine
 }