diff --git a/build.js b/build.js index 24230cd..235968b 100644 --- a/build.js +++ b/build.js @@ -11,12 +11,21 @@ if (!target) { process.exit(1); } -(async function () { +(async function main() { await clearOutputFolder(); + + // Esbuild creates a single safe-chain.cjs with all dependencies included await bundleSafeChain(); + + // Copy assets that need to be included in the binary + // - All shell scripts that are used to setup safe-chain + // - Certifi because it contains static root certs for Python + // - Package.json for its metadata (package name, version, ...) await copyShellScripts(); await copyCertifi(); await copyAndModifyPackageJson(); + + // Creates a single binary with safe-chain.cjs and the copied assets await buildSafeChainBinary(target); })(); diff --git a/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-fish.fish b/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-fish.fish index 81e28ef..4c881ba 100644 --- a/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-fish.fish +++ b/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-fish.fish @@ -1,36 +1,5 @@ set -gx PATH $PATH $HOME/.safe-chain/bin -function printSafeChainWarning - set original_cmd $argv[1] - - # Fish equivalent of ANSI color codes: yellow background, black text for "Warning:" - set_color -b yellow black - printf "Warning:" - set_color normal - printf " safe-chain is not available to protect you from installing malware. %s will run without it.\n" $original_cmd - - # Cyan text for the install command - printf "Install safe-chain by using " - set_color cyan - printf "npm install -g @aikidosec/safe-chain" - set_color normal - printf ".\n" -end - -function wrapSafeChainCommand - set original_cmd $argv[1] - set cmd_args $argv[2..-1] - - if type -q safe-chain - # If the safe-chain command is available, just run it with the provided arguments - safe-chain $original_cmd $cmd_args - else - # If the safe-chain command is not available, print a warning and run the original command - printSafeChainWarning $original_cmd - command $original_cmd $cmd_args - end -end - function npx wrapSafeChainCommand "npx" $argv end @@ -92,3 +61,34 @@ end function python3 wrapSafeChainCommand "python3" $argv end + +function printSafeChainWarning + set original_cmd $argv[1] + + # Fish equivalent of ANSI color codes: yellow background, black text for "Warning:" + set_color -b yellow black + printf "Warning:" + set_color normal + printf " safe-chain is not available to protect you from installing malware. %s will run without it.\n" $original_cmd + + # Cyan text for the install command + printf "Install safe-chain by using " + set_color cyan + printf "npm install -g @aikidosec/safe-chain" + set_color normal + printf ".\n" +end + +function wrapSafeChainCommand + set original_cmd $argv[1] + set cmd_args $argv[2..-1] + + if type -q safe-chain + # If the safe-chain command is available, just run it with the provided arguments + safe-chain $original_cmd $cmd_args + else + # If the safe-chain command is not available, print a warning and run the original command + printSafeChainWarning $original_cmd + command $original_cmd $cmd_args + end +end diff --git a/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-posix.sh b/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-posix.sh index fd844fc..af5b18e 100644 --- a/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-posix.sh +++ b/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-posix.sh @@ -1,27 +1,5 @@ export PATH="$PATH:$HOME/.safe-chain/bin" -function printSafeChainWarning() { - # \033[43;30m is used to set the background color to yellow and text color to black - # \033[0m is used to reset the text formatting - printf "\033[43;30mWarning:\033[0m safe-chain is not available to protect you from installing malware. %s will run without it.\n" "$1" - # \033[36m is used to set the text color to cyan - printf "Install safe-chain by using \033[36mnpm install -g @aikidosec/safe-chain\033[0m.\n" -} - -function wrapSafeChainCommand() { - local original_cmd="$1" - - if command -v safe-chain > /dev/null 2>&1; then - # If the aikido command is available, just run it with the provided arguments - safe-chain "$@" - else - # If the aikido command is not available, print a warning and run the original command - printSafeChainWarning "$original_cmd" - - command "$original_cmd" "$@" - fi -} - function npx() { wrapSafeChainCommand "npx" "$@" } @@ -79,3 +57,25 @@ function python() { function python3() { wrapSafeChainCommand "python3" "$@" } + +function printSafeChainWarning() { + # \033[43;30m is used to set the background color to yellow and text color to black + # \033[0m is used to reset the text formatting + printf "\033[43;30mWarning:\033[0m safe-chain is not available to protect you from installing malware. %s will run without it.\n" "$1" + # \033[36m is used to set the text color to cyan + printf "Install safe-chain by using \033[36mnpm install -g @aikidosec/safe-chain\033[0m.\n" +} + +function wrapSafeChainCommand() { + local original_cmd="$1" + + if command -v safe-chain > /dev/null 2>&1; then + # If the aikido command is available, just run it with the provided arguments + safe-chain "$@" + else + # If the aikido command is not available, print a warning and run the original command + printSafeChainWarning "$original_cmd" + + command "$original_cmd" "$@" + fi +} diff --git a/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-pwsh.ps1 b/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-pwsh.ps1 index 50a6d0b..2edc93b 100644 --- a/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-pwsh.ps1 +++ b/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-pwsh.ps1 @@ -3,59 +3,6 @@ $pathSeparator = if ($IsWindows) { ';' } else { ':' } $safeChainBin = Join-Path $HOME '.safe-chain' 'bin' $env:PATH = "$env:PATH$pathSeparator$safeChainBin" -function Write-SafeChainWarning { - param([string]$Command) - - # PowerShell equivalent of ANSI color codes: yellow background, black text for "Warning:" - Write-Host "Warning:" -BackgroundColor Yellow -ForegroundColor Black -NoNewline - Write-Host " safe-chain is not available to protect you from installing malware. $Command will run without it." - - # Cyan text for the install command - Write-Host "Install safe-chain by using " -NoNewline - Write-Host "npm install -g @aikidosec/safe-chain" -ForegroundColor Cyan -NoNewline - Write-Host "." -} - -function Test-CommandAvailable { - param([string]$Command) - - try { - Get-Command $Command -ErrorAction Stop | Out-Null - return $true - } - catch { - return $false - } -} - -function Invoke-RealCommand { - param( - [string]$Command, - [string[]]$Arguments - ) - - # Find the real executable to avoid calling our wrapped functions - $realCommand = Get-Command -Name $Command -CommandType Application | Select-Object -First 1 - if ($realCommand) { - & $realCommand.Source @Arguments - } -} - -function Invoke-WrappedCommand { - param( - [string]$OriginalCmd, - [string[]]$Arguments - ) - - if (Test-CommandAvailable "safe-chain") { - & safe-chain $OriginalCmd @Arguments - } - else { - Write-SafeChainWarning $OriginalCmd - Invoke-RealCommand $OriginalCmd $Arguments - } -} - function npx { Invoke-WrappedCommand "npx" $args } @@ -113,3 +60,56 @@ function python3 { Invoke-WrappedCommand 'python3' $args } + +function Write-SafeChainWarning { + param([string]$Command) + + # PowerShell equivalent of ANSI color codes: yellow background, black text for "Warning:" + Write-Host "Warning:" -BackgroundColor Yellow -ForegroundColor Black -NoNewline + Write-Host " safe-chain is not available to protect you from installing malware. $Command will run without it." + + # Cyan text for the install command + Write-Host "Install safe-chain by using " -NoNewline + Write-Host "npm install -g @aikidosec/safe-chain" -ForegroundColor Cyan -NoNewline + Write-Host "." +} + +function Test-CommandAvailable { + param([string]$Command) + + try { + Get-Command $Command -ErrorAction Stop | Out-Null + return $true + } + catch { + return $false + } +} + +function Invoke-RealCommand { + param( + [string]$Command, + [string[]]$Arguments + ) + + # Find the real executable to avoid calling our wrapped functions + $realCommand = Get-Command -Name $Command -CommandType Application | Select-Object -First 1 + if ($realCommand) { + & $realCommand.Source @Arguments + } +} + +function Invoke-WrappedCommand { + param( + [string]$OriginalCmd, + [string[]]$Arguments + ) + + if (Test-CommandAvailable "safe-chain") { + & safe-chain $OriginalCmd @Arguments + } + else { + Write-SafeChainWarning $OriginalCmd + Invoke-RealCommand $OriginalCmd $Arguments + } +} diff --git a/packages/safe-chain/src/shell-integration/startup-scripts/init-fish.fish b/packages/safe-chain/src/shell-integration/startup-scripts/init-fish.fish index f697da2..b18ff96 100644 --- a/packages/safe-chain/src/shell-integration/startup-scripts/init-fish.fish +++ b/packages/safe-chain/src/shell-integration/startup-scripts/init-fish.fish @@ -1,36 +1,5 @@ set -gx PATH $PATH $HOME/.safe-chain/bin -function printSafeChainWarning - set original_cmd $argv[1] - - # Fish equivalent of ANSI color codes: yellow background, black text for "Warning:" - set_color -b yellow black - printf "Warning:" - set_color normal - printf " safe-chain is not available to protect you from installing malware. %s will run without it.\n" $original_cmd - - # Cyan text for the install command - printf "Install safe-chain by using " - set_color cyan - printf "npm install -g @aikidosec/safe-chain" - set_color normal - printf ".\n" -end - -function wrapSafeChainCommand - set original_cmd $argv[1] - set cmd_args $argv[2..-1] - - if type -q safe-chain - # If the safe-chain command is available, just run it with the provided arguments - safe-chain $original_cmd $cmd_args - else - # If the safe-chain command is not available, print a warning and run the original command - printSafeChainWarning $original_cmd - command $original_cmd $cmd_args - end -end - function npx wrapSafeChainCommand "npx" $argv end @@ -69,3 +38,34 @@ function npm wrapSafeChainCommand "npm" $argv end + +function printSafeChainWarning + set original_cmd $argv[1] + + # Fish equivalent of ANSI color codes: yellow background, black text for "Warning:" + set_color -b yellow black + printf "Warning:" + set_color normal + printf " safe-chain is not available to protect you from installing malware. %s will run without it.\n" $original_cmd + + # Cyan text for the install command + printf "Install safe-chain by using " + set_color cyan + printf "npm install -g @aikidosec/safe-chain" + set_color normal + printf ".\n" +end + +function wrapSafeChainCommand + set original_cmd $argv[1] + set cmd_args $argv[2..-1] + + if type -q safe-chain + # If the safe-chain command is available, just run it with the provided arguments + safe-chain $original_cmd $cmd_args + else + # If the safe-chain command is not available, print a warning and run the original command + printSafeChainWarning $original_cmd + command $original_cmd $cmd_args + end +end diff --git a/packages/safe-chain/src/shell-integration/startup-scripts/init-posix.sh b/packages/safe-chain/src/shell-integration/startup-scripts/init-posix.sh index 6d426c5..5c32143 100644 --- a/packages/safe-chain/src/shell-integration/startup-scripts/init-posix.sh +++ b/packages/safe-chain/src/shell-integration/startup-scripts/init-posix.sh @@ -1,27 +1,5 @@ export PATH="$PATH:$HOME/.safe-chain/bin" -function printSafeChainWarning() { - # \033[43;30m is used to set the background color to yellow and text color to black - # \033[0m is used to reset the text formatting - printf "\033[43;30mWarning:\033[0m safe-chain is not available to protect you from installing malware. %s will run without it.\n" "$1" - # \033[36m is used to set the text color to cyan - printf "Install safe-chain by using \033[36mnpm install -g @aikidosec/safe-chain\033[0m.\n" -} - -function wrapSafeChainCommand() { - local original_cmd="$1" - - if command -v safe-chain > /dev/null 2>&1; then - # If the aikido command is available, just run it with the provided arguments - safe-chain "$@" - else - # If the aikido command is not available, print a warning and run the original command - printSafeChainWarning "$original_cmd" - - command "$original_cmd" "$@" - fi -} - function npx() { wrapSafeChainCommand "npx" "$@" } @@ -56,3 +34,25 @@ function npm() { wrapSafeChainCommand "npm" "$@" } + +function printSafeChainWarning() { + # \033[43;30m is used to set the background color to yellow and text color to black + # \033[0m is used to reset the text formatting + printf "\033[43;30mWarning:\033[0m safe-chain is not available to protect you from installing malware. %s will run without it.\n" "$1" + # \033[36m is used to set the text color to cyan + printf "Install safe-chain by using \033[36mnpm install -g @aikidosec/safe-chain\033[0m.\n" +} + +function wrapSafeChainCommand() { + local original_cmd="$1" + + if command -v safe-chain > /dev/null 2>&1; then + # If the aikido command is available, just run it with the provided arguments + safe-chain "$@" + else + # If the aikido command is not available, print a warning and run the original command + printSafeChainWarning "$original_cmd" + + command "$original_cmd" "$@" + fi +} diff --git a/packages/safe-chain/src/shell-integration/startup-scripts/init-pwsh.ps1 b/packages/safe-chain/src/shell-integration/startup-scripts/init-pwsh.ps1 index 0b7f5ee..4f58406 100644 --- a/packages/safe-chain/src/shell-integration/startup-scripts/init-pwsh.ps1 +++ b/packages/safe-chain/src/shell-integration/startup-scripts/init-pwsh.ps1 @@ -3,6 +3,41 @@ $pathSeparator = if ($IsWindows) { ';' } else { ':' } $safeChainBin = Join-Path $HOME '.safe-chain' 'bin' $env:PATH = "$env:PATH$pathSeparator$safeChainBin" +function npx { + Invoke-WrappedCommand "npx" $args +} + +function yarn { + Invoke-WrappedCommand "yarn" $args +} + +function pnpm { + Invoke-WrappedCommand "pnpm" $args +} + +function pnpx { + Invoke-WrappedCommand "pnpx" $args +} + +function bun { + Invoke-WrappedCommand "bun" $args +} + +function bunx { + Invoke-WrappedCommand "bunx" $args +} + +function npm { + # If args is just -v or --version and nothing else, just run the npm version command + # This is because nvm uses this to check the version of npm + if (($args.Length -eq 1) -and (($args[0] -eq "-v") -or ($args[0] -eq "--version"))) { + Invoke-RealCommand "npm" $args + return + } + + Invoke-WrappedCommand "npm" $args +} + function Write-SafeChainWarning { param([string]$Command) @@ -55,38 +90,3 @@ function Invoke-WrappedCommand { Invoke-RealCommand $OriginalCmd $Arguments } } - -function npx { - Invoke-WrappedCommand "npx" $args -} - -function yarn { - Invoke-WrappedCommand "yarn" $args -} - -function pnpm { - Invoke-WrappedCommand "pnpm" $args -} - -function pnpx { - Invoke-WrappedCommand "pnpx" $args -} - -function bun { - Invoke-WrappedCommand "bun" $args -} - -function bunx { - Invoke-WrappedCommand "bunx" $args -} - -function npm { - # If args is just -v or --version and nothing else, just run the npm version command - # This is because nvm uses this to check the version of npm - if (($args.Length -eq 1) -and (($args[0] -eq "-v") -or ($args[0] -eq "--version"))) { - Invoke-RealCommand "npm" $args - return - } - - Invoke-WrappedCommand "npm" $args -}