Retry downloading the malware database 3 times

2026-05-26 12:10:49 +00:00 · 2026-01-14 14:02:27 +01:00 · 2026-01-14 14:02:27 +01:00 · 14e94dcb62
commit 14e94dcb62
parent 7377b5577a
2 changed files with 77 additions and 34 deletions
--- a/packages/safe-chain/src/api/aikido.js
+++ b/packages/safe-chain/src/api/aikido.js
@ -1,5 +1,9 @@
 import fetch from "make-fetch-happen";
-import { getEcoSystem, ECOSYSTEM_JS, ECOSYSTEM_PY } from "../config/settings.js";
+import {
+  getEcoSystem,
+  ECOSYSTEM_JS,
+  ECOSYSTEM_PY,
+} from "../config/settings.js";

 const malwareDatabaseUrls = {
  [ECOSYSTEM_JS]: "https://malware-list.aikido.dev/malware_predictions.json",
@ -17,38 +21,77 @@ const malwareDatabaseUrls = {
 * @returns {Promise<{malwareDatabase: MalwarePackage[], version: string | undefined}>}
 */
 export async function fetchMalwareDatabase() {
-  const ecosystem = getEcoSystem();
-  const malwareDatabaseUrl = malwareDatabaseUrls[/** @type {keyof typeof malwareDatabaseUrls} */ (ecosystem)];
-  const response = await fetch(malwareDatabaseUrl);
-  if (!response.ok) {
-    throw new Error(`Error fetching ${ecosystem} malware database: ${response.statusText}`);
-  }
+  return retry(async () => {
+    const ecosystem = getEcoSystem();
+    const malwareDatabaseUrl =
+      malwareDatabaseUrls[
+        /** @type {keyof typeof malwareDatabaseUrls} */ (ecosystem)
+      ];
+    const response = await fetch(malwareDatabaseUrl);
+    if (!response.ok) {
+      throw new Error(
+        `Error fetching ${ecosystem} malware database: ${response.statusText}`
+      );
+    }

-  try {
-    let malwareDatabase = await response.json();
-    return {
-      malwareDatabase: malwareDatabase,
-      version: response.headers.get("etag") || undefined,
-    };
-  } catch (/** @type {any} */ error) {
-    throw new Error(`Error parsing malware database: ${error.message}`);
-  }
+    try {
+      let malwareDatabase = await response.json();
+      return {
+        malwareDatabase: malwareDatabase,
+        version: response.headers.get("etag") || undefined,
+      };
+    } catch (/** @type {any} */ error) {
+      throw new Error(`Error parsing malware database: ${error.message}`);
+    }
+  }, 3);
 }

 /**
 * @returns {Promise<string | undefined>}
 */
 export async function fetchMalwareDatabaseVersion() {
-  const ecosystem = getEcoSystem();
-  const malwareDatabaseUrl = malwareDatabaseUrls[/** @type {keyof typeof malwareDatabaseUrls} */ (ecosystem)];
-  const response = await fetch(malwareDatabaseUrl, {
-    method: "HEAD",
-  });
+  return retry(async () => {
+    const ecosystem = getEcoSystem();
+    const malwareDatabaseUrl =
+      malwareDatabaseUrls[
+        /** @type {keyof typeof malwareDatabaseUrls} */ (ecosystem)
+      ];
+    const response = await fetch(malwareDatabaseUrl, {
+      method: "HEAD",
+    });

-  if (!response.ok) {
-    throw new Error(
-      `Error fetching ${ecosystem} malware database version: ${response.statusText}`
-    );
-  }
-  return response.headers.get("etag") || undefined;
+    if (!response.ok) {
+      throw new Error(
+        `Error fetching ${ecosystem} malware database version: ${response.statusText}`
+      );
+    }
+    return response.headers.get("etag") || undefined;
+  }, 3);
+}
+
+/**
+ * Retries an asynchronous function multiple times until it succeeds or exhausts all attempts.
+ *
+ * @template T
+ * @param {() => Promise<T>} func - The asynchronous function to retry
+ * @param {number} times - The number of retry attempts (will execute times + 1 total attempts)
+ * @returns {Promise<T>} The return value of the function if successful
+ * @throws {Error} The last error encountered if all retry attempts fail
+ */
+async function retry(func, times) {
+  let lastError;
+
+  for (let i = 0; i <= times; i++) {
+    try {
+      return await func();
+    } catch (error) {
+      lastError = error;
+    }
+
+    if (i < times) {
+      await new Promise((resolve) => setTimeout(resolve, Math.pow(2, i) * 500));
+    }
+  }
+
+  throw lastError;
 }
--- a/packages/safe-chain/src/scanning/malwareDatabase.js
+++ b/packages/safe-chain/src/scanning/malwareDatabase.js
@ -48,13 +48,13 @@ export async function openMalwareDatabase() {
   */
  function getPackageStatus(name, version) {
    const normalizedName = normalizePackageName(name);
-    const packageData = malwareDatabase.find(
-      (pkg) => {
-        const normalizedPkgName = normalizePackageName(pkg.package_name);
-        return normalizedPkgName === normalizedName &&
-          (pkg.version === version || pkg.version === "*");
-      }
-    );
+    const packageData = malwareDatabase.find((pkg) => {
+      const normalizedPkgName = normalizePackageName(pkg.package_name);
+      return (
+        normalizedPkgName === normalizedName &&
+        (pkg.version === version || pkg.version === "*")
+      );
+    });

    if (!packageData) {
      return MALWARE_STATUS_OK;