Merge pull request #59 from AikidoSec/only-strict-dependency-versions

Use strict dependency versions
Sander Declerck 2025-09-17 16:26:58 +02:00 committed by GitHub
commit 3777bfa9c4
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 13 additions and 48 deletions

17
package-lock.json generated

@ -4875,12 +4875,12 @@
"version": "1.0.0",
"license": "AGPL-3.0-or-later",
"dependencies": {
"abbrev": "^3.0.1",
"chalk": "^5.4.1",
"make-fetch-happen": "^14.0.3",
"npm-registry-fetch": "^18.0.2",
"ora": "^8.2.0",
"semver": "^7.7.2"
"abbrev": "3.0.1",
"chalk": "5.4.1",
"make-fetch-happen": "14.0.3",
"npm-registry-fetch": "18.0.2",
"ora": "8.2.0",
"semver": "7.7.2"
},
"bin": {
"aikido-npm": "bin/aikido-npm.js",
@ -4896,8 +4896,7 @@
"version": "1.0.0",
"license": "AGPL-3.0-or-later",
"dependencies": {
"@aikidosec/safe-chain": "file:../safe-chain",
"make-fetch-happen": "^14.0.3"
"@aikidosec/safe-chain": "file:../safe-chain"
},
"peerDependencies": {
"bun": ">=1.2.21"
@ -4908,8 +4907,6 @@
"version": "1.0.0",
"license": "AGPL-3.0-or-later",
"dependencies": {
"@aikidosec/safe-chain": "file:../../packages/safe-chain",
"make-fetch-happen": "^14.0.3",
"node-pty": "^1.0.0"
}
}


@ -28,12 +28,12 @@
"license": "AGPL-3.0-or-later",
"description": "The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), and [pnpx](https://pnpm.io/cli/dlx) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm, or pnpx from downloading or running the malware.",
"dependencies": {
"abbrev": "^3.0.1",
"chalk": "^5.4.1",
"make-fetch-happen": "^14.0.3",
"npm-registry-fetch": "^18.0.2",
"ora": "^8.2.0",
"semver": "^7.7.2"
"abbrev": "3.0.1",
"chalk": "5.4.1",
"make-fetch-happen": "14.0.3",
"npm-registry-fetch": "18.0.2",
"ora": "8.2.0",
"semver": "7.7.2"
},
"main": "src/main.js",
"bugs": {
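Review bot: Pinning the six direct entries in this `dependencies` block to exact versions does not fix the versions of their transitive dependencies for anyone who installs the package from the registry, because npm does not use a published package's `package-lock.json`, so the trees under `make-fetch-happen`, `npm-registry-fetch` and the others are still resolved from their own ranges at install time. If the intent is a fully reproducible tree for end users (an assumption, since the commit message only says "strict dependency versions"), shipping an `npm-shrinkwrap.json` or bundling the dependencies would be needed. A repository-level `.npmrc` with `save-exact=true` would keep future `npm install <pkg>` runs from writing caret ranges back into this block. Exact pins also stop patched releases from arriving automatically, so this should be paired with an update bot or a scheduled `npm audit` run.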


@ -1,32 +0,0 @@
{
"name": "@aikidosec/safe-chain-e2e-tests",
"version": "1.0.0",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "@aikidosec/safe-chain-e2e-tests",
"version": "1.0.0",
"license": "AGPL-3.0-or-later",
"dependencies": {
"node-pty": "^1.0.0"
}
},
"node_modules/nan": {
"version": "2.23.0",
"resolved": "https://registry.npmjs.org/nan/-/nan-2.23.0.tgz",
"integrity": "sha512-1UxuyYGdoQHcGg87Lkqm3FzefucTa0NAiOcuRsDmysep3c1LVCRK2krrUDafMWtjSG04htvAmvg96+SDknOmgQ==",
"license": "MIT"
},
"node_modules/node-pty": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/node-pty/-/node-pty-1.0.0.tgz",
"integrity": "sha512-wtBMWWS7dFZm/VgqElrTvtfMq4GzJ6+edFI0Y0zyzygUSZMgZdraDUMUhCIvkjhJjme15qWmbyJbtAx4ot4uZA==",
"hasInstallScript": true,
"license": "MIT",
"dependencies": {
"nan": "^2.17.0"
}
}
}
}