add a configuration option for custom malwaredb and newpackagelist urls.

2026-05-26 12:10:49 +00:00 · 2026-03-31 11:52:26 +00:00 · 2026-03-31 11:52:26 +00:00 · 1abe5932ad
commit 1abe5932ad
parent 5bc8b39f56
8 changed files with 219 additions and 19 deletions
--- a/packages/safe-chain/src/config/configFile.js
+++ b/packages/safe-chain/src/config/configFile.js
@ -10,6 +10,7 @@ import { getEcoSystem } from "./settings.js";
 * We cannot trust the input and should add the necessary validations
 * @property {unknown | Number} scanTimeout
 * @property {unknown | Number} minimumPackageAgeHours
+ * @property {unknown | string} malwareListBaseUrl
 * @property {unknown | SafeChainRegistryConfiguration} npm
 * @property {unknown | SafeChainRegistryConfiguration} pip
 *
@ -84,6 +85,18 @@ export function getMinimumPackageAgeHours() {
  return undefined;
 }

+/**
+ * Gets the malware list base URL from config file only
+ * @returns {string | undefined}
+ */
+export function getMalwareListBaseUrl() {
+  const config = readConfigFile();
+  if (config.malwareListBaseUrl && typeof config.malwareListBaseUrl === "string") {
+    return config.malwareListBaseUrl;
+  }
+  return undefined;
+}
+
 /**
 * Gets the custom npm registries from the config file (format parsing only, no validation)
 * @returns {string[]}
@ -214,6 +227,7 @@ function readConfigFile() {
  const emptyConfig = {
    scanTimeout: undefined,
    minimumPackageAgeHours: undefined,
+    malwareListBaseUrl: undefined,
    npm: {
      customRegistries: undefined,
    },