Merge remote-tracking branch 'origin/main' into feature/pypi

2026-05-26 12:10:49 +00:00 · 2025-11-03 06:49:53 -08:00 · 2025-11-03 06:49:53 -08:00 · 548d416996
commit 548d416996
parent be5c4fb382 e0fbb7e18a
64 changed files with 1689 additions and 381 deletions
--- a/packages/safe-chain/src/scanning/audit/index.js
+++ b/packages/safe-chain/src/scanning/audit/index.js
@ -3,6 +3,25 @@ import {
  openMalwareDatabase,
 } from "../malwareDatabase.js";

+/**
+ * @typedef {Object} PackageChange
+ * @property {string} name
+ * @property {string} version
+ * @property {string} type
+ */
+
+/**
+ * @typedef {Object} AuditResult
+ * @property {PackageChange[]} allowedChanges
+ * @property {(PackageChange & {reason: string})[]} disallowedChanges
+ * @property {boolean} isAllowed
+ */
+
+/**
+ * @param {PackageChange[]} changes
+ *
+ * @returns {Promise<AuditResult>}
+ */
 export async function auditChanges(changes) {
  const allowedChanges = [];
  const disallowedChanges = [];
@ -36,6 +55,10 @@ export async function auditChanges(changes) {
  return auditResults;
 }

+/**
+ * @param {{name: string, version: string, type: string}[]} changes
+ * @returns {Promise<{name: string, version: string, status: string}[]>}
+ */
 async function getPackagesWithMalware(changes) {
  if (changes.length === 0) {
    return [];