milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 20:20:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add uvx support

Browse source 
Add uvx as a supported package manager so that `uvx` commands are
routed through safe-chain's MITM proxy for malware detection, just
like `uv`. Previously, `uvx` bypassed all safe-chain protections.

The uvx package manager reuses the existing uv command runner since
uvx is functionally equivalent to `uv tool run`.

Fixes #268

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Stephen Benjamin 2026-03-17 17:12:42 -04:00
parent 83f9f378f6
commit 14c8abffea
12 changed files with 82 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

3
packages/safe-chain/src/packagemanager/currentPackageManager.js
View file

@ -13,6 +13,7 @@ import { createPipPackageManager } from "./pip/createPackageManager.js";
import { createUvPackageManager } from "./uv/createUvPackageManager.js";
import { createPoetryPackageManager } from "./poetry/createPoetryPackageManager.js";
import { createPipXPackageManager } from "./pipx/createPipXPackageManager.js";
import { createUvxPackageManager } from "./uvx/createUvxPackageManager.js";
/**
* @type {{packageManagerName: PackageManager | null}}
@ -60,6 +61,8 @@ export function initializePackageManager(packageManagerName, context) {
state.packageManagerName = createPipPackageManager(context);
} else if (packageManagerName === "uv") {
state.packageManagerName = createUvPackageManager();
} else if (packageManagerName === "uvx") {
state.packageManagerName = createUvxPackageManager();
} else if (packageManagerName === "poetry") {
state.packageManagerName = createPoetryPackageManager();
} else if (packageManagerName === "pipx") {