milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Notify the user when we modified the package versions

Browse source
This commit is contained in:
Sander Declerck 2025-11-13 17:10:22 +01:00
parent dc6f37b3ec
commit 59fa76a42f
No known key found for this signature in database
3 changed files with 26 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

13
packages/safe-chain/src/main.js
View file

@ -72,6 +72,19 @@ export async function main(args) {
); );
} }
if (proxy.hasSuppressedVersions()) {
ui.writeInformation(
`${chalk.yellow(
""
)} Safe-chain: Some package versions were suppressed due to minimum age requirement.`
);
ui.writeInformation(
` To disable this check, use: ${chalk.cyan(
"--safe-chain-skip-minimum-package-age"
)}`
);
}
// Returning the exit code back to the caller allows the promise // Returning the exit code back to the caller allows the promise
// to be awaited in the bin files and return the correct exit code // to be awaited in the bin files and return the correct exit code
return packageManagerResult.status; return packageManagerResult.status;

11
packages/safe-chain/src/registryProxy/interceptors/npm/modifyNpmInfo.js
View file

@ -1,6 +1,8 @@
import { getMinimumPackageAgeHours } from "../../../config/settings.js"; import { getMinimumPackageAgeHours } from "../../../config/settings.js";
import { ui } from "../../../environment/userInteraction.js"; import { ui } from "../../../environment/userInteraction.js";
let hasSuppressedVersions = false;
/** /**
* @param {NodeJS.Dict<string | string[]>} headers * @param {NodeJS.Dict<string | string[]>} headers
*/ */
@ -100,6 +102,8 @@ export function modifyNpmInfoResponse(body, headers) {
* @param {string} version * @param {string} version
*/ */
function deleteVersionFromJson(json, version) { function deleteVersionFromJson(json, version) {
hasSuppressedVersions = true;
ui.writeVerbose( ui.writeVerbose(
`Safe-chain: ${version} is newer than ${getMinimumPackageAgeHours()} hours and was removed (minimumPackageAgeInHours setting).` `Safe-chain: ${version} is newer than ${getMinimumPackageAgeHours()} hours and was removed (minimumPackageAgeInHours setting).`
); );
@ -152,3 +156,10 @@ function getMostRecentTag(tagList) {
return current; return current;
} }
/**
* @returns {boolean}
*/
export function getHasSuppressedVersions() {
return hasSuppressedVersions;
}

2
packages/safe-chain/src/registryProxy/registryProxy.js
View file

@ -6,6 +6,7 @@ import { getCaCertPath } from "./certUtils.js";
import { ui } from "../environment/userInteraction.js"; import { ui } from "../environment/userInteraction.js";
import chalk from "chalk"; import chalk from "chalk";
import { createInterceptorForUrl } from "./interceptors/createInterceptorForEcoSystem.js"; import { createInterceptorForUrl } from "./interceptors/createInterceptorForEcoSystem.js";
import { getHasSuppressedVersions } from "./interceptors/npm/modifyNpmInfo.js";
const SERVER_STOP_TIMEOUT_MS = 1000; const SERVER_STOP_TIMEOUT_MS = 1000;
/** /**
@ -23,6 +24,7 @@ export function createSafeChainProxy() {
startServer: () => startServer(server), startServer: () => startServer(server),
stopServer: () => stopServer(server), stopServer: () => stopServer(server),
verifyNoMaliciousPackages, verifyNoMaliciousPackages,
hasSuppressedVersions: getHasSuppressedVersions,
}; };
} }