Merge remote-tracking branch 'origin/main' into feature/pypi

2026-05-26 12:10:49 +00:00 · 2025-11-03 06:49:53 -08:00 · 2025-11-03 06:49:53 -08:00 · 548d416996
commit 548d416996
parent be5c4fb382 e0fbb7e18a
64 changed files with 1689 additions and 381 deletions
--- a/packages/safe-chain/src/scanning/malwareDatabase.js
+++ b/packages/safe-chain/src/scanning/malwareDatabase.js
@ -9,6 +9,13 @@ import {
 import { ui } from "../environment/userInteraction.js";
 import { getEcoSystem, ECOSYSTEM_PY } from "../config/settings.js";

+/**
+ * @typedef {Object} MalwareDatabase
+ * @property {function(string, string): string} getPackageStatus
+ * @property {function(string, string): boolean} isMalware
+ */
+
+/** @type {MalwareDatabase | null} */
 let cachedMalwareDatabase = null;

 /**
@ -32,6 +39,11 @@ export async function openMalwareDatabase() {

  const malwareDatabase = await getMalwareDatabase();

+  /**
+   * @param {string} name
+   * @param {string} version
+   * @returns {string}
+   */
  function getPackageStatus(name, version) {
    const normalizedName = normalizePackageName(name);
    const packageData = malwareDatabase.find(
@ -49,7 +61,7 @@ export async function openMalwareDatabase() {
    return packageData.reason;
  }

-  // This implicitely caches the malware database
+  // This implicitly caches the malware database
  //  that's closed over by the getPackageStatus function
  cachedMalwareDatabase = {
    getPackageStatus,
@ -61,6 +73,9 @@ export async function openMalwareDatabase() {
  return cachedMalwareDatabase;
 }

+/**
+ * @returns {Promise<import("../api/aikido.js").MalwarePackage[]>}
+ */
 async function getMalwareDatabase() {
  const { malwareDatabase: cachedDatabase, version: cachedVersion } =
    readDatabaseFromLocalCache();
@ -74,10 +89,11 @@ async function getMalwareDatabase() {
    }

    const { malwareDatabase, version } = await fetchMalwareDatabase();
+    // @ts-expect-error version can be undefined
    writeDatabaseToLocalCache(malwareDatabase, version);

    return malwareDatabase;
-  } catch (error) {
+  } catch (/** @type any */ error) {
    if (cachedDatabase) {
      ui.writeWarning(
        "Failed to fetch the latest malware database. Using cached version."
@ -88,6 +104,11 @@ async function getMalwareDatabase() {
  }
 }

+/**
+ * @param {string} status
+ *
+ * @returns {boolean}
+ */
 function isMalwareStatus(status) {
  let malwareStatus = status.toUpperCase();
  return malwareStatus === MALWARE_STATUS_MALWARE;