mirror of
https://github.com/AikidoSec/safe-chain.git
synced 2026-05-26 12:10:49 +00:00
Make sure we use a different version.txt to prevent having to redownload DB
This commit is contained in:
Reinier Criel
parent
b5988e19c1
commit
15785fad73
4 changed files with 28 additions and 22 deletions
|
|
@ -3,22 +3,13 @@ import { getEcoSystem } from "../config/settings.js";
|
|||
|
||||
const malwareDatabaseUrls = {
|
||||
js: "https://malware-list.aikido.dev/malware_predictions.json",
|
||||
py: "https://malware-list.aikido.dev/malware_predictions_python.json",
|
||||
py: "https://malware-list.aikido.dev/malware_pypi.json",
|
||||
};
|
||||
|
||||
export async function fetchMalwareDatabase() {
|
||||
const ecosystem = getEcoSystem() || "js";
|
||||
const malwareDatabaseUrl = malwareDatabaseUrls[ecosystem];
|
||||
const response = await fetch(malwareDatabaseUrl);
|
||||
|
||||
// Python malware database doesn't exist yet, return empty database
|
||||
if (!response.ok && ecosystem === "py" && response.status === 403) {
|
||||
return {
|
||||
malwareDatabase: [],
|
||||
version: undefined,
|
||||
};
|
||||
}
|
||||
|
||||
if (!response.ok) {
|
||||
throw new Error(`Error fetching ${ecosystem} malware database: ${response.statusText}`);
|
||||
}
|
||||
|
|
@ -42,11 +33,6 @@ export async function fetchMalwareDatabaseVersion() {
|
|||
method: "HEAD",
|
||||
});
|
||||
|
||||
// Python malware database doesn't exist yet, return undefined
|
||||
if (!response.ok && ecosystem === "py" && response.status === 403) {
|
||||
return undefined;
|
||||
}
|
||||
|
||||
if (!response.ok) {
|
||||
throw new Error(
|
||||
`Error fetching ${ecosystem} malware database version: ${response.statusText}`
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@ import fs from "fs";
|
|||
import path from "path";
|
||||
import os from "os";
|
||||
import { ui } from "../environment/userInteraction.js";
|
||||
import { getEcoSystem } from "./settings.js";
|
||||
|
||||
export function getScanTimeout() {
|
||||
const config = readConfigFile();
|
||||
|
|
@ -68,12 +69,14 @@ function readConfigFile() {
|
|||
|
||||
function getDatabasePath() {
|
||||
const aikidoDir = getAikidoDirectory();
|
||||
return path.join(aikidoDir, "malwareDatabase.json");
|
||||
const ecosystem = getEcoSystem() || "js";
|
||||
return path.join(aikidoDir, `malwareDatabase_${ecosystem}.json`);
|
||||
}
|
||||
|
||||
function getDatabaseVersionPath() {
|
||||
const aikidoDir = getAikidoDirectory();
|
||||
return path.join(aikidoDir, "version.txt");
|
||||
const ecosystem = getEcoSystem() || "js";
|
||||
return path.join(aikidoDir, `version_${ecosystem}.txt`);
|
||||
}
|
||||
|
||||
function getConfigFilePath() {
|
||||
|
|
|
|||
|
|
@ -111,7 +111,6 @@ function handleConnect(req, clientSocket, head) {
|
|||
// CONNECT method is used for HTTPS requests
|
||||
// It establishes a tunnel to the server identified by the request URL
|
||||
|
||||
console.log("**registryProxy.js** Handling CONNECT request for:", req.url);
|
||||
if ((knownJsRegistries.some((reg) => req.url.includes(reg)))
|
||||
|| (knownPipRegistries.some((reg) => req.url.includes(reg)))) {
|
||||
mitmConnect(req, clientSocket, isAllowedUrl);
|
||||
|
|
|
|||
|
|
@ -7,9 +7,24 @@ import {
|
|||
writeDatabaseToLocalCache,
|
||||
} from "../config/configFile.js";
|
||||
import { ui } from "../environment/userInteraction.js";
|
||||
import { getEcoSystem } from "../config/settings.js";
|
||||
|
||||
let cachedMalwareDatabase = null;
|
||||
|
||||
/**
|
||||
* Normalize package name for comparison.
|
||||
* For Python packages (PEP-503): lowercase and replace _, -, . with -
|
||||
* For js packages: keep as-is (case-sensitive)
|
||||
*/
|
||||
function normalizePackageName(name) {
|
||||
const ecosystem = getEcoSystem();
|
||||
if (ecosystem === "py") {
|
||||
return name.toLowerCase().replace(/[-_.]+/g, "-");
|
||||
}
|
||||
|
||||
return name;
|
||||
}
|
||||
|
||||
export async function openMalwareDatabase() {
|
||||
if (cachedMalwareDatabase) {
|
||||
return cachedMalwareDatabase;
|
||||
|
|
@ -18,10 +33,13 @@ export async function openMalwareDatabase() {
|
|||
const malwareDatabase = await getMalwareDatabase();
|
||||
|
||||
function getPackageStatus(name, version) {
|
||||
const normalizedName = normalizePackageName(name);
|
||||
const packageData = malwareDatabase.find(
|
||||
(pkg) =>
|
||||
pkg.package_name === name &&
|
||||
(pkg.version === version || pkg.version === "*")
|
||||
(pkg) => {
|
||||
const normalizedPkgName = normalizePackageName(pkg.package_name);
|
||||
return normalizedPkgName === normalizedName &&
|
||||
(pkg.version === version || pkg.version === "*");
|
||||
}
|
||||
);
|
||||
|
||||
if (!packageData) {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue