milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 20:20:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Make sure we use a different version.txt to prevent having to redownload DB

Browse source
This commit is contained in:
Reinier Criel 2025-10-24 09:59:53 -07:00
parent b5988e19c1
commit 15785fad73
4 changed files with 28 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

24
packages/safe-chain/src/scanning/malwareDatabase.js
View file

@ -7,9 +7,24 @@ import {
writeDatabaseToLocalCache,
} from "../config/configFile.js";
import { ui } from "../environment/userInteraction.js";
import { getEcoSystem } from "../config/settings.js";
let cachedMalwareDatabase = null;
/**
* Normalize package name for comparison.
* For Python packages (PEP-503): lowercase and replace _, -, . with -
* For js packages: keep as-is (case-sensitive)
*/
function normalizePackageName(name) {
const ecosystem = getEcoSystem();
if (ecosystem === "py") {
return name.toLowerCase().replace(/[-_.]+/g, "-");
}
return name;
}
export async function openMalwareDatabase() {
if (cachedMalwareDatabase) {
return cachedMalwareDatabase;
@ -18,10 +33,13 @@ export async function openMalwareDatabase() {
const malwareDatabase = await getMalwareDatabase();
function getPackageStatus(name, version) {
const normalizedName = normalizePackageName(name);
const packageData = malwareDatabase.find(
(pkg) =>
pkg.package_name === name &&
(pkg.version === version || pkg.version === "*")
(pkg) => {
const normalizedPkgName = normalizePackageName(pkg.package_name);
return normalizedPkgName === normalizedName &&
(pkg.version === version || pkg.version === "*");
}
);
if (!packageData) {