mirror of
https://github.com/AikidoSec/safe-chain.git
synced 2026-05-26 12:10:49 +00:00
Update screenshot in README
This commit is contained in:
Sander Declerck
parent
5006bc6194
commit
28d5cb1741
2 changed files with 45 additions and 5 deletions
50
README.md
50
README.md
|
|
@ -4,7 +4,7 @@ The Aikido Safe Chain **prevents developers from installing malware** on their w
|
|||
|
||||
The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), and [pnpx](https://pnpm.io/cli/dlx) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm or pnpx from downloading or running the malware.
|
||||
|
||||
|
||||
|
||||
|
||||
Aikido Safe Chain works on Node.js version 18 and above and supports the following package managers:
|
||||
|
||||
|
|
@ -57,6 +57,50 @@ The Aikido Safe Chain integrates with your shell to provide a seamless experienc
|
|||
|
||||
More information about the shell integration can be found in the [shell integration documentation](docs/shell-integration.md).
|
||||
|
||||
## Usage in CI/CD
|
||||
|
||||
[Learn more about Safe Chain CI/CD integration in the Aikido docs.](https://help.aikido.dev/code-scanning/aikido-malware-scanning/malware-scanning-with-safe-chain-in-ci-cd-environments)
|
||||
|
||||
## Usage in Docker
|
||||
|
||||
To use the Aikido Safe Chain in a Docker container, you can follow these steps:
|
||||
|
||||
1. **Install the Aikido Safe Chain package** in your Dockerfile:
|
||||
|
||||
```dockerfile
|
||||
RUN npm install -g @aikidosec/safe-chain
|
||||
```
|
||||
|
||||
2. **Setup the shell integration** by running:
|
||||
|
||||
```dockerfile
|
||||
RUN safe-chain setup-ci
|
||||
```
|
||||
|
||||
3. **Add the shims directory to your PATH** to ensure the aliases are available in your Docker container:
|
||||
|
||||
```dockerfile
|
||||
ENV PATH="~/.safe-chain/shims:${PATH}"
|
||||
```
|
||||
|
||||
4. **Verify the installation** by running:
|
||||
```dockerfile
|
||||
RUN npm install safe-chain-test
|
||||
```
|
||||
|
||||
Example Dockerfile:
|
||||
|
||||
```dockerfile
|
||||
FROM node:24
|
||||
RUN npm install -g @aikidosec/safe-chain
|
||||
RUN safe-chain setup-ci
|
||||
ENV PATH="~/.safe-chain/shims:${PATH}"
|
||||
WORKDIR /app
|
||||
|
||||
RUN npm init -y
|
||||
RUN npm install safe-chain-test
|
||||
```
|
||||
|
||||
## Uninstallation
|
||||
|
||||
To uninstall the Aikido Safe Chain, you can run the following command:
|
||||
|
|
@ -85,7 +129,3 @@ Example usage:
|
|||
```shell
|
||||
npm install suspicious-package --safe-chain-malware-action=prompt
|
||||
```
|
||||
|
||||
# Usage in CI/CD
|
||||
|
||||
[Learn more about Safe Chain CI/CD integration in the Aikido docs.](https://help.aikido.dev/code-scanning/aikido-malware-scanning/malware-scanning-with-safe-chain-in-ci-cd-environments)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue