From 4be1f7900dca84ba159d6a63b45b63eb8b74351c Mon Sep 17 00:00:00 2001 From: Sander Declerck Date: Tue, 16 Dec 2025 12:56:03 +0100 Subject: [PATCH 1/4] Use the standalone binary in our own pipelines --- .github/workflows/build-and-release.yml | 4 +--- .github/workflows/create-artifact.yml | 4 +--- .github/workflows/test-on-pr.yml | 4 +--- 3 files changed, 3 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build-and-release.yml b/.github/workflows/build-and-release.yml index f9ca4da..a35144f 100644 --- a/.github/workflows/build-and-release.yml +++ b/.github/workflows/build-and-release.yml @@ -44,9 +44,7 @@ jobs: NODE_AUTH_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }} - name: Setup safe-chain - run: | - npm i -g @aikidosec/safe-chain - safe-chain setup-ci + run: curl -fsSL https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.sh | sh -s -- --ci - name: Set the version in safe-chain package run: npm --no-git-tag-version version ${{ needs.set-version.outputs.version }} --workspace=packages/safe-chain diff --git a/.github/workflows/create-artifact.yml b/.github/workflows/create-artifact.yml index 5aa6422..2465aee 100644 --- a/.github/workflows/create-artifact.yml +++ b/.github/workflows/create-artifact.yml @@ -60,9 +60,7 @@ jobs: node-version: "20.x" - name: Setup safe-chain - run: | - npm i -g @aikidosec/safe-chain - safe-chain setup-ci + run: curl -fsSL https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.sh | sh -s -- --ci - name: Install dependencies run: npm ci --ignore-scripts diff --git a/.github/workflows/test-on-pr.yml b/.github/workflows/test-on-pr.yml index f754931..8811944 100644 --- a/.github/workflows/test-on-pr.yml +++ b/.github/workflows/test-on-pr.yml @@ -110,9 +110,7 @@ jobs: node-version: "lts/*" - name: Setup safe-chain - run: | - npm i -g @aikidosec/safe-chain@1.0.24 - safe-chain setup-ci + run: curl -fsSL https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.sh | sh -s -- --ci - name: Install dependencies (root) run: npm ci From 5e28190d871f7b4839b1308d27064636040224cd Mon Sep 17 00:00:00 2001 From: Sander Declerck Date: Tue, 16 Dec 2025 13:01:04 +0100 Subject: [PATCH 2/4] Split up setup step for Windows runner --- .github/workflows/create-artifact.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/create-artifact.yml b/.github/workflows/create-artifact.yml index 2465aee..d57bce9 100644 --- a/.github/workflows/create-artifact.yml +++ b/.github/workflows/create-artifact.yml @@ -59,9 +59,15 @@ jobs: with: node-version: "20.x" - - name: Setup safe-chain + - name: Setup safe-chain (Mac/Linux) + if: runner.os != 'Windows' run: curl -fsSL https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.sh | sh -s -- --ci + - name: Setup safe-chain (Windows) + if: runner.os == 'Windows' + shell: pwsh + run: iex "& { $(iwr 'https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.ps1' -UseBasicParsing) } -ci" + - name: Install dependencies run: npm ci --ignore-scripts From 7b8a94587520f6c98c56248082bb3e6ddbf9418f Mon Sep 17 00:00:00 2001 From: Sander Declerck Date: Tue, 16 Dec 2025 13:34:14 +0100 Subject: [PATCH 3/4] Add safe-chain-test for verification --- package-lock.json | 6 ++++++ packages/safe-chain/package.json | 3 ++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/package-lock.json b/package-lock.json index 30f47e4..aef9fd8 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2639,6 +2639,11 @@ "dev": true, "license": "MIT" }, + "node_modules/safe-chain-test": { + "version": "0.0.1-security", + "resolved": "https://registry.npmjs.org/safe-chain-test/-/safe-chain-test-0.0.1-security.tgz", + "integrity": "sha512-nJoRuRb52IWYNLNX/Bpwot6w+1U1cykpp08eTUdqZOoJ3AcJkiOi4hrHJx4OtT/c4wbK7MoDlKi763DP8BgD2Q==" + }, "node_modules/safer-buffer": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", @@ -3122,6 +3127,7 @@ "make-fetch-happen": "15.0.3", "node-forge": "1.3.2", "npm-registry-fetch": "19.1.1", + "safe-chain-test": "0.0.1-security", "semver": "7.7.2" }, "bin": { diff --git a/packages/safe-chain/package.json b/packages/safe-chain/package.json index d0e0e91..dc1c553 100644 --- a/packages/safe-chain/package.json +++ b/packages/safe-chain/package.json @@ -44,7 +44,8 @@ "make-fetch-happen": "15.0.3", "node-forge": "1.3.2", "npm-registry-fetch": "19.1.1", - "semver": "7.7.2" + "semver": "7.7.2", + "safe-chain-test": "0.0.1-security" }, "devDependencies": { "@types/ini": "^4.1.1", From b060cec580e7679711ebc4367d68102c75a98165 Mon Sep 17 00:00:00 2001 From: Sander Declerck Date: Tue, 16 Dec 2025 13:35:41 +0100 Subject: [PATCH 4/4] Revert "Add safe-chain-test for verification" This reverts commit 7b8a94587520f6c98c56248082bb3e6ddbf9418f. --- package-lock.json | 6 ------ packages/safe-chain/package.json | 3 +-- 2 files changed, 1 insertion(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index aef9fd8..30f47e4 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2639,11 +2639,6 @@ "dev": true, "license": "MIT" }, - "node_modules/safe-chain-test": { - "version": "0.0.1-security", - "resolved": "https://registry.npmjs.org/safe-chain-test/-/safe-chain-test-0.0.1-security.tgz", - "integrity": "sha512-nJoRuRb52IWYNLNX/Bpwot6w+1U1cykpp08eTUdqZOoJ3AcJkiOi4hrHJx4OtT/c4wbK7MoDlKi763DP8BgD2Q==" - }, "node_modules/safer-buffer": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", @@ -3127,7 +3122,6 @@ "make-fetch-happen": "15.0.3", "node-forge": "1.3.2", "npm-registry-fetch": "19.1.1", - "safe-chain-test": "0.0.1-security", "semver": "7.7.2" }, "bin": { diff --git a/packages/safe-chain/package.json b/packages/safe-chain/package.json index dc1c553..d0e0e91 100644 --- a/packages/safe-chain/package.json +++ b/packages/safe-chain/package.json @@ -44,8 +44,7 @@ "make-fetch-happen": "15.0.3", "node-forge": "1.3.2", "npm-registry-fetch": "19.1.1", - "semver": "7.7.2", - "safe-chain-test": "0.0.1-security" + "semver": "7.7.2" }, "devDependencies": { "@types/ini": "^4.1.1",