milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Move safe-chain package to packages/safe-chain

Browse source
This commit is contained in:
Sander Declerck 2025-09-05 11:19:37 +02:00
parent fc9a9ca129
commit 7673d32912
No known key found for this signature in database
68 changed files with 85 additions and 52 deletions
Download patch file Download diff file Expand all files Collapse all files

7
.gitignore vendored
View file

@ -138,4 +138,9 @@ dist
# Vite logs files # Vite logs files
vite.config.js.timestamp-* vite.config.js.timestamp-*
vite.config.ts.timestamp-* vite.config.ts.timestamp-*
# AI
Claude.md
.claude
.reference

2
eslint.config.js
View file

@ -22,5 +22,5 @@ export default defineConfig([
}, },
rules: {}, rules: {},
}, },
globalIgnores(['test/e2e']), globalIgnores(['test/e2e', 'node_modules']),
]); ]);

49
package-lock.json generated
View file

@ -1,29 +1,15 @@
{ {
"name": "@aikidosec/safe-chain", "name": "aikido-safe-chain-workspace",
"version": "1.0.0", "version": "1.0.0",
"lockfileVersion": 3, "lockfileVersion": 3,
"requires": true, "requires": true,
"packages": { "packages": {
"": { "": {
"name": "@aikidosec/safe-chain", "name": "aikido-safe-chain-workspace",
"version": "1.0.0",
"license": "AGPL-3.0-or-later", "license": "AGPL-3.0-or-later",
"dependencies": { "workspaces": [
"@inquirer/prompts": "^7.4.1", "packages/*"
"abbrev": "^3.0.1", ],
"chalk": "^5.4.1",
"npm-registry-fetch": "^18.0.2",
"ora": "^8.2.0",
"semver": "^7.7.2"
},
"bin": {
"aikido-npm": "bin/aikido-npm.js",
"aikido-npx": "bin/aikido-npx.js",
"aikido-pnpm": "bin/aikido-pnpm.js",
"aikido-pnpx": "bin/aikido-pnpx.js",
"aikido-yarn": "bin/aikido-yarn.js",
"safe-chain": "bin/safe-chain.js"
},
"devDependencies": { "devDependencies": {
"@eslint/js": "^9.26.0", "@eslint/js": "^9.26.0",
"eslint": "^9.26.0", "eslint": "^9.26.0",
@ -32,6 +18,10 @@
"typescript-eslint": "^8.32.0" "typescript-eslint": "^8.32.0"
} }
}, },
"node_modules/@aikidosec/safe-chain": {
"resolved": "packages/safe-chain",
"link": true
},
"node_modules/@eslint-community/eslint-utils": { "node_modules/@eslint-community/eslint-utils": {
"version": "4.7.0", "version": "4.7.0",
"resolved": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.7.0.tgz", "resolved": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.7.0.tgz",
@ -5764,6 +5754,27 @@
"peerDependencies": { "peerDependencies": {
"zod": "^3.24.1" "zod": "^3.24.1"
} }
},
"packages/safe-chain": {
"name": "@aikidosec/safe-chain",
"version": "1.0.0",
"license": "AGPL-3.0-or-later",
"dependencies": {
"@inquirer/prompts": "^7.4.1",
"abbrev": "^3.0.1",
"chalk": "^5.4.1",
"npm-registry-fetch": "^18.0.2",
"ora": "^8.2.0",
"semver": "^7.7.2"
},
"bin": {
"aikido-npm": "bin/aikido-npm.js",
"aikido-npx": "bin/aikido-npx.js",
"aikido-pnpm": "bin/aikido-pnpm.js",
"aikido-pnpx": "bin/aikido-pnpx.js",
"aikido-yarn": "bin/aikido-yarn.js",
"safe-chain": "bin/safe-chain.js"
}
} }
} }
} }

39
package.json
View file

@ -1,49 +1,26 @@
{ {
"name": "@aikidosec/safe-chain", "name": "aikido-safe-chain-workspace",
"version": "1.0.0", "private": true,
"type": "module",
"workspaces": ["packages/*"],
"scripts": { "scripts": {
"test": "node --test --experimental-test-module-mocks 'src/**/*.spec.js'", "test": "npm run test --workspace=packages/safe-chain",
"test:watch": "node --test --watch --experimental-test-module-mocks 'src/**/*.spec.js'", "lint": "npm run lint --workspace=packages/safe-chain"
"lint": "eslint ."
}, },
"repository": { "repository": {
"type": "git", "type": "git",
"url": "git+https://github.com/AikidoSec/safe-chain.git" "url": "git+https://github.com/AikidoSec/safe-chain.git"
}, },
"bin": {
"aikido-npm": "bin/aikido-npm.js",
"aikido-npx": "bin/aikido-npx.js",
"aikido-yarn": "bin/aikido-yarn.js",
"aikido-pnpm": "bin/aikido-pnpm.js",
"aikido-pnpx": "bin/aikido-pnpx.js",
"safe-chain": "bin/safe-chain.js"
},
"type": "module",
"keywords": [],
"author": "Aikido Security", "author": "Aikido Security",
"license": "AGPL-3.0-or-later", "license": "AGPL-3.0-or-later",
"description": "The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), and [pnpx](https://pnpm.io/cli/dlx) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm, or pnpx from downloading or running the malware.",
"dependencies": {
"@inquirer/prompts": "^7.4.1",
"abbrev": "^3.0.1",
"chalk": "^5.4.1",
"npm-registry-fetch": "^18.0.2",
"ora": "^8.2.0",
"semver": "^7.7.2"
},
"devDependencies": { "devDependencies": {
"@eslint/js": "^9.26.0", "@eslint/js": "^9.26.0",
"eslint": "^9.26.0", "eslint": "^9.26.0",
"eslint-plugin-import": "^2.31.0", "eslint-plugin-import": "^2.31.0",
"globals": "^16.1.0", "globals": "^16.1.0",
"typescript-eslint": "^8.32.0" "typescript-eslint": "^8.32.0"
}, },
"main": "eslint.config.js",
"bugs": {
"url": "https://github.com/AikidoSec/safe-chain/issues"
},
"homepage": "https://github.com/AikidoSec/safe-chain#readme",
"overrides": { "overrides": {
"brace-expansion@<=2.0.2": "2.0.2" "brace-expansion@<=2.0.2": "2.0.2"
} }
} }

0
bin/aikido-npm.js → packages/safe-chain/bin/aikido-npm.js
View file

0
bin/aikido-npx.js → packages/safe-chain/bin/aikido-npx.js
View file

0
bin/aikido-pnpm.js → packages/safe-chain/bin/aikido-pnpm.js
View file

0
bin/aikido-pnpx.js → packages/safe-chain/bin/aikido-pnpx.js
View file

0
bin/aikido-yarn.js → packages/safe-chain/bin/aikido-yarn.js
View file

0
bin/safe-chain.js → packages/safe-chain/bin/safe-chain.js
View file

40
packages/safe-chain/package.json Normal file
View file

@ -0,0 +1,40 @@
{
"name": "@aikidosec/safe-chain",
"version": "1.0.0",
"scripts": {
"test": "node --test --experimental-test-module-mocks 'src/**/*.spec.js'",
"test:watch": "node --test --watch --experimental-test-module-mocks 'src/**/*.spec.js'",
"lint": "eslint ."
},
"bin": {
"aikido-npm": "bin/aikido-npm.js",
"aikido-npx": "bin/aikido-npx.js",
"aikido-yarn": "bin/aikido-yarn.js",
"aikido-pnpm": "bin/aikido-pnpm.js",
"aikido-pnpx": "bin/aikido-pnpx.js",
"safe-chain": "bin/safe-chain.js"
},
"type": "module",
"keywords": [],
"author": "Aikido Security",
"license": "AGPL-3.0-or-later",
"description": "The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), and [pnpx](https://pnpm.io/cli/dlx) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm, or pnpx from downloading or running the malware.",
"dependencies": {
"@inquirer/prompts": "^7.4.1",
"abbrev": "^3.0.1",
"chalk": "^5.4.1",
"npm-registry-fetch": "^18.0.2",
"ora": "^8.2.0",
"semver": "^7.7.2"
},
"main": "src/main.js",
"bugs": {
"url": "https://github.com/AikidoSec/safe-chain/issues"
},
"homepage": "https://github.com/AikidoSec/safe-chain#readme",
"repository": {
"type": "git",
"url": "git+https://github.com/AikidoSec/safe-chain.git",
"directory": "packages/safe-chain"
}
}

0
src/api/aikido.js → packages/safe-chain/src/api/aikido.js
View file

0
src/api/npmApi.js → packages/safe-chain/src/api/npmApi.js
View file

0
src/config/configFile.js → packages/safe-chain/src/config/configFile.js
View file

0
src/environment/environment.js → packages/safe-chain/src/environment/environment.js
View file

0
src/environment/userInteraction.js → packages/safe-chain/src/environment/userInteraction.js
View file

0
src/main.js → packages/safe-chain/src/main.js
View file

0
src/packagemanager/_shared/matchesCommand.js → packages/safe-chain/src/packagemanager/_shared/matchesCommand.js
View file

0
src/packagemanager/currentPackageManager.js → packages/safe-chain/src/packagemanager/currentPackageManager.js
View file

0
src/packagemanager/npm/createPackageManager.js → packages/safe-chain/src/packagemanager/npm/createPackageManager.js
View file

0
src/packagemanager/npm/dependencyScanner/commandArgumentScanner.js → packages/safe-chain/src/packagemanager/npm/dependencyScanner/commandArgumentScanner.js
View file

0
src/packagemanager/npm/dependencyScanner/dryRunScanner.js → packages/safe-chain/src/packagemanager/npm/dependencyScanner/dryRunScanner.js
View file

0
src/packagemanager/npm/dependencyScanner/nullScanner.js → packages/safe-chain/src/packagemanager/npm/dependencyScanner/nullScanner.js
View file

0
src/packagemanager/npm/parsing/parseNpmInstallDryRunOutput.js → packages/safe-chain/src/packagemanager/npm/parsing/parseNpmInstallDryRunOutput.js
View file

0
src/packagemanager/npm/parsing/parseNpmInstallDryRunOutput.spec.js → packages/safe-chain/src/packagemanager/npm/parsing/parseNpmInstallDryRunOutput.spec.js
View file

0
src/packagemanager/npm/parsing/parsePackagesFromInstallArgs.js → packages/safe-chain/src/packagemanager/npm/parsing/parsePackagesFromInstallArgs.js
View file

0
src/packagemanager/npm/parsing/parsePackagesFromInstallArgs.spec.js → packages/safe-chain/src/packagemanager/npm/parsing/parsePackagesFromInstallArgs.spec.js
View file

0
src/packagemanager/npm/runNpmCommand.js → packages/safe-chain/src/packagemanager/npm/runNpmCommand.js
View file

0
src/packagemanager/npm/utils/cmd-list.js → packages/safe-chain/src/packagemanager/npm/utils/cmd-list.js
View file

0
src/packagemanager/npm/utils/npmCommands.js → packages/safe-chain/src/packagemanager/npm/utils/npmCommands.js
View file

0
src/packagemanager/npx/createPackageManager.js → packages/safe-chain/src/packagemanager/npx/createPackageManager.js
View file

0
src/packagemanager/npx/dependencyScanner/commandArgumentScanner.js → packages/safe-chain/src/packagemanager/npx/dependencyScanner/commandArgumentScanner.js
View file

0
src/packagemanager/npx/parsing/parsePackagesFromArguments.js → packages/safe-chain/src/packagemanager/npx/parsing/parsePackagesFromArguments.js
View file

0
src/packagemanager/npx/parsing/parsePackagesFromArguments.spec.js → packages/safe-chain/src/packagemanager/npx/parsing/parsePackagesFromArguments.spec.js
View file

0
src/packagemanager/npx/runNpxCommand.js → packages/safe-chain/src/packagemanager/npx/runNpxCommand.js
View file

0
src/packagemanager/pnpm/createPackageManager.js → packages/safe-chain/src/packagemanager/pnpm/createPackageManager.js
View file

0
src/packagemanager/pnpm/dependencyScanner/commandArgumentScanner.js → packages/safe-chain/src/packagemanager/pnpm/dependencyScanner/commandArgumentScanner.js
View file

0
src/packagemanager/pnpm/parsing/parsePackagesFromArguments.js → packages/safe-chain/src/packagemanager/pnpm/parsing/parsePackagesFromArguments.js
View file

0
src/packagemanager/pnpm/parsing/parsePackagesFromArguments.spec.js → packages/safe-chain/src/packagemanager/pnpm/parsing/parsePackagesFromArguments.spec.js
View file

0
src/packagemanager/pnpm/runPnpmCommand.js → packages/safe-chain/src/packagemanager/pnpm/runPnpmCommand.js
View file

0
src/packagemanager/yarn/createPackageManager.js → packages/safe-chain/src/packagemanager/yarn/createPackageManager.js
View file

0
src/packagemanager/yarn/dependencyScanner/commandArgumentScanner.js → packages/safe-chain/src/packagemanager/yarn/dependencyScanner/commandArgumentScanner.js
View file

0
src/packagemanager/yarn/parsing/parsePackagesFromArguments.js → packages/safe-chain/src/packagemanager/yarn/parsing/parsePackagesFromArguments.js
View file

0
src/packagemanager/yarn/parsing/parsePackagesFromArguments.spec.js → packages/safe-chain/src/packagemanager/yarn/parsing/parsePackagesFromArguments.spec.js
View file

0
src/packagemanager/yarn/runYarnCommand.js → packages/safe-chain/src/packagemanager/yarn/runYarnCommand.js
View file

0
src/scanning/audit/index.js → packages/safe-chain/src/scanning/audit/index.js
View file

0
src/scanning/index.js → packages/safe-chain/src/scanning/index.js
View file

0
src/scanning/index.scanCommand.spec.js → packages/safe-chain/src/scanning/index.scanCommand.spec.js
View file

0
src/scanning/index.shouldScanCommand.spec.js → packages/safe-chain/src/scanning/index.shouldScanCommand.spec.js
View file

0
src/scanning/malwareDatabase.js → packages/safe-chain/src/scanning/malwareDatabase.js
View file

0
src/shell-integration/helpers.js → packages/safe-chain/src/shell-integration/helpers.js
View file

0
src/shell-integration/helpers.spec.js → packages/safe-chain/src/shell-integration/helpers.spec.js
View file

0
src/shell-integration/setup.js → packages/safe-chain/src/shell-integration/setup.js
View file

0
src/shell-integration/shellDetection.js → packages/safe-chain/src/shell-integration/shellDetection.js
View file

0
src/shell-integration/startup-scripts/init-fish.fish → packages/safe-chain/src/shell-integration/startup-scripts/init-fish.fish
View file

0
src/shell-integration/startup-scripts/init-posix.sh → packages/safe-chain/src/shell-integration/startup-scripts/init-posix.sh
View file

0
src/shell-integration/startup-scripts/init-pwsh.ps1 → packages/safe-chain/src/shell-integration/startup-scripts/init-pwsh.ps1
View file

0
src/shell-integration/supported-shells/bash.js → packages/safe-chain/src/shell-integration/supported-shells/bash.js
View file

0
src/shell-integration/supported-shells/bash.spec.js → packages/safe-chain/src/shell-integration/supported-shells/bash.spec.js
View file

0
src/shell-integration/supported-shells/fish.js → packages/safe-chain/src/shell-integration/supported-shells/fish.js
View file

0
src/shell-integration/supported-shells/fish.spec.js → packages/safe-chain/src/shell-integration/supported-shells/fish.spec.js
View file

0
src/shell-integration/supported-shells/powershell.js → packages/safe-chain/src/shell-integration/supported-shells/powershell.js
View file

0
src/shell-integration/supported-shells/powershell.spec.js → packages/safe-chain/src/shell-integration/supported-shells/powershell.spec.js
View file

0
src/shell-integration/supported-shells/windowsPowershell.js → packages/safe-chain/src/shell-integration/supported-shells/windowsPowershell.js
View file

0
src/shell-integration/supported-shells/windowsPowershell.spec.js → packages/safe-chain/src/shell-integration/supported-shells/windowsPowershell.spec.js
View file

0
src/shell-integration/supported-shells/zsh.js → packages/safe-chain/src/shell-integration/supported-shells/zsh.js
View file

0
src/shell-integration/supported-shells/zsh.spec.js → packages/safe-chain/src/shell-integration/supported-shells/zsh.spec.js
View file

0
src/shell-integration/teardown.js → packages/safe-chain/src/shell-integration/teardown.js
View file