milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Restore old "how it works" text in Readme.md

Browse source
This commit is contained in:
Sander Declerck 2025-11-24 14:44:01 +01:00
parent e02e36cfea
commit 78c8da6fae
No known key found for this signature in database
1 changed files with 5 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
README.md
View file

@ -29,16 +29,19 @@ Installing the Aikido Safe Chain is easy. You just need 3 simple steps:
npm install -g @aikidosec/safe-chain npm install -g @aikidosec/safe-chain
``` ```
2. **Setup the shell integration** by running: 2. **Setup the shell integration** by running:
```shell ```shell
safe-chain setup safe-chain setup
``` ```
To enable Python (pip/pip3) support (beta), use the `--include-python` flag: To enable Python (pip/pip3) support (beta), use the `--include-python` flag:
```shell ```shell
safe-chain setup --include-python safe-chain setup --include-python
``` ```
3. **❗Restart your terminal** to start using the Aikido Safe Chain. 3. **❗Restart your terminal** to start using the Aikido Safe Chain.
- This step is crucial as it ensures that the shell aliases for npm, npx, yarn, pnpm, pnpx, bun, bunx, and pip/pip3 are loaded correctly. If you do not restart your terminal, the aliases will not be available. - This step is crucial as it ensures that the shell aliases for npm, npx, yarn, pnpm, pnpx, bun, bunx, and pip/pip3 are loaded correctly. If you do not restart your terminal, the aliases will not be available.
4. **Verify the installation** by running one of the following commands: 4. **Verify the installation** by running one of the following commands:
@ -50,6 +53,7 @@ Installing the Aikido Safe Chain is easy. You just need 3 simple steps:
``` ```
For Python (beta): For Python (beta):
```shell ```shell
pip3 install safe-chain-pi-test pip3 install safe-chain-pi-test
``` ```
@ -68,7 +72,7 @@ safe-chain --version
### Malware Blocking ### Malware Blocking
The Aikido Safe Chain runs a lightweight proxy server that intercepts package downloads from the npm registry and PyPI. When you run npm, npx, yarn, pnpm, pnpx, bun, bunx, `pip`, or `pip3` commands, all package downloads are routed through this local proxy, which verifies packages in real-time against **[Aikido Intel - Open Sources Threat Intelligence](https://intel.aikido.dev/?tab=malware)**. If malware is detected in any package (including deep dependencies), the proxy blocks the download before the malicious code reaches your machine. The Aikido Safe Chain works by running a lightweight proxy server that intercepts package downloads from the npm registry and PyPI. When you run npm, npx, yarn, pnpm, pnpx, bun, bunx, `pip`, or `pip3` commands, all package downloads are routed through this local proxy, which verifies packages in real-time against **[Aikido Intel - Open Sources Threat Intelligence](https://intel.aikido.dev/?tab=malware)**. If malware is detected in any package (including deep dependencies), the proxy blocks the download before the malicious code reaches your machine.
### Minimum package age (npm only) ### Minimum package age (npm only)