add a configuration option for custom malwaredb and newpackagelist urls.

2026-05-26 20:20:49 +00:00 · 2026-03-31 11:52:26 +00:00 · 2026-03-31 11:52:26 +00:00 · 1abe5932ad
commit 1abe5932ad
parent 5bc8b39f56
8 changed files with 219 additions and 19 deletions
--- a/packages/safe-chain/src/api/aikido.js
+++ b/packages/safe-chain/src/api/aikido.js
@ -3,17 +3,18 @@ import {
  getEcoSystem,
  ECOSYSTEM_JS,
  ECOSYSTEM_PY,
+  getMalwareListBaseUrl,
 } from "../config/settings.js";
 import { ui } from "../environment/userInteraction.js";

-const malwareDatabaseUrls = {
-  [ECOSYSTEM_JS]: "https://malware-list.aikido.dev/malware_predictions.json",
-  [ECOSYSTEM_PY]: "https://malware-list.aikido.dev/malware_pypi.json",
+const malwareDatabasePaths = {
+  [ECOSYSTEM_JS]: "malware_predictions.json",
+  [ECOSYSTEM_PY]: "malware_pypi.json",
 };

-const newPackagesListUrls = {
-  [ECOSYSTEM_JS]: "https://malware-list.aikido.dev/releases/npm.json",
-  [ECOSYSTEM_PY]: "https://malware-list.aikido.dev/releases/pypi.json",
+const newPackagesListPaths = {
+  [ECOSYSTEM_JS]: "releases/npm.json",
+  [ECOSYSTEM_PY]: "releases/pypi.json",
 };

 const DEFAULT_FETCH_RETRY_ATTEMPTS = 4;
@ -40,10 +41,11 @@ const DEFAULT_FETCH_RETRY_ATTEMPTS = 4;
 export async function fetchMalwareDatabase() {
  return retry(async () => {
    const ecosystem = getEcoSystem();
-    const malwareDatabaseUrl =
-      malwareDatabaseUrls[
-        /** @type {keyof typeof malwareDatabaseUrls} */ (ecosystem)
-      ];
+    const baseUrl = getMalwareListBaseUrl();
+    const path = malwareDatabasePaths[
+      /** @type {keyof typeof malwareDatabasePaths} */ (ecosystem)
+    ];
+    const malwareDatabaseUrl = `${baseUrl}/${path}`;
    const response = await fetch(malwareDatabaseUrl);
    if (!response.ok) {
      throw new Error(
@ -69,10 +71,11 @@ export async function fetchMalwareDatabase() {
 export async function fetchMalwareDatabaseVersion() {
  return retry(async () => {
    const ecosystem = getEcoSystem();
-    const malwareDatabaseUrl =
-      malwareDatabaseUrls[
-        /** @type {keyof typeof malwareDatabaseUrls} */ (ecosystem)
-      ];
+    const baseUrl = getMalwareListBaseUrl();
+    const path = malwareDatabasePaths[
+      /** @type {keyof typeof malwareDatabasePaths} */ (ecosystem)
+    ];
+    const malwareDatabaseUrl = `${baseUrl}/${path}`;
    const response = await fetch(malwareDatabaseUrl, {
      method: "HEAD",
    });
@ -92,8 +95,9 @@ export async function fetchMalwareDatabaseVersion() {
 export async function fetchNewPackagesList() {
  return retry(async () => {
    const ecosystem = getEcoSystem();
-    const url =
-      newPackagesListUrls[/** @type {keyof typeof newPackagesListUrls} */ (ecosystem)];
+    const baseUrl = getMalwareListBaseUrl();
+    const path = newPackagesListPaths[/** @type {keyof typeof newPackagesListPaths} */ (ecosystem)];
+    const url = `${baseUrl}/${path}`;

    if (!url) {
      return { newPackagesList: [], version: undefined };
@ -124,8 +128,9 @@ export async function fetchNewPackagesList() {
 export async function fetchNewPackagesListVersion() {
  return retry(async () => {
    const ecosystem = getEcoSystem();
-    const url =
-      newPackagesListUrls[/** @type {keyof typeof newPackagesListUrls} */ (ecosystem)];
+    const baseUrl = getMalwareListBaseUrl();
+    const path = newPackagesListPaths[/** @type {keyof typeof newPackagesListPaths} */ (ecosystem)];
+    const url = `${baseUrl}/${path}`;

    if (!url) {
      return undefined;
--- a/packages/safe-chain/src/api/aikido.spec.js
+++ b/packages/safe-chain/src/api/aikido.spec.js
@ -22,6 +22,7 @@ describe("aikido API", async () => {
      getEcoSystem: () => ecosystem,
      ECOSYSTEM_JS: "js",
      ECOSYSTEM_PY: "py",
+      getMalwareListBaseUrl: () => "https://malware-list.aikido.dev",
    },
  });