From d9ea0e2efca4055347a0fbacc721411733e9811a Mon Sep 17 00:00:00 2001
From: Sander Declerck
Date: Thu, 24 Jul 2025 16:57:10 +0200
Subject: [PATCH] Modify posix script: don't automatically install
---
 package.json | 3 +-
 .../startup-scripts/init-posix.sh | 75 +++++--------------
 2 files changed, 22 insertions(+), 56 deletions(-)
diff --git a/package.json b/package.json
index 4ab4c95..7bd518b 100644
--- a/package.json
+++ b/package.json
@@ -42,5 +42,6 @@
 "bugs": {
 "url": "https://github.com/AikidoSec/safe-chain/issues"
 },
- "homepage": "https://github.com/AikidoSec/safe-chain#readme"
+ "homepage": "https://github.com/AikidoSec/safe-chain#readme",
+ "packageManager": "npm@11.4.1+sha512.fcee43884166b6f9c5d04535fb95650e9708b6948a1f797eddf40e9778646778a518dfa32651b1c62ff36f4ac42becf177ca46ca27d53f24b539190c8d91802b"
 }
diff --git a/src/shell-integration/startup-scripts/init-posix.sh b/src/shell-integration/startup-scripts/init-posix.sh
index 09a5926..3b6d13b 100644
--- a/src/shell-integration/startup-scripts/init-posix.sh
+++ b/src/shell-integration/startup-scripts/init-posix.sh
@@ -1,80 +1,45 @@
-function installIfCommandNotFound() {
- local cmd="$1"
-
- # Check if the command already exists
- if command -v "$cmd" > /dev/null 2>&1; then
- return 0
- fi
-
- # Check if Node.js version is below 18
- # Safe-chain requires Node.js 18 or higher
- local node_version=$(node -v | sed 's/v//' | cut -d'.' -f1)
- if [ "$node_version" -lt 18 ]; then
- return 2
- fi
-
- # Command not found, ask user if they want to install safe-chain
- printf "The command '%s' is not available. Do you want to install safe-chain to provide it? (y/N): " "$cmd"
- read -r response
-
- if [[ "$response" =~ ^[Yy]$ ]]; then
- printf "Installing safe-chain...\n"
- installSafeChain
-
- if [ $? -ne 0 ]; then
- printf "\nFailed to install safe-chain. Exiting.\n"
- return 1
- fi
-
- return 0
- else
- printf "Skipping safe-chain installation. Using original command instead.\n"
- return 2
- fi
+function printSafeChainWarning() {
+ # \033[43;30m is used to set the background color to yellow and text color to black
+ # \033[0m is used to reset the text formatting
+ printf "\033[43;30mWarning:\033[0m safe-chain is not available to protect you from installing malware. %s will be run directly.\n" "$1"
+ # \033[36m is used to set the text color to cyan
+ printf "Install safe-chain by using \033[36mnpm install -g @aikidosec/safe-chain\033[0m.\n"
 }
-function installSafeChain() {
- command npm install -g @aikidosec/safe-chain
-
- if [ $? -ne 0 ]; then
- return 1
- fi
-
- printf "------\n"
-}
-
-function wrapCommand() {
+function wrapSafeChainCommand() {
 local original_cmd="$1"
 local aikido_cmd="$2"
 # Remove the first 2 arguments (original_cmd and aikido_cmd) from $@
 # so that "$@" now contains only the arguments passed to the original command
 shift 2
-
- installIfCommandNotFound "$aikido_cmd"
- local install_result=$?
- if [ $install_result -eq 2 ]; then
- command "$original_cmd" "$@"
- else
+
+ if command -v "$aikido_cmd" > /dev/null 2>&1; then
+ # If the aikido command is available, just run it with the provided arguments
 "$aikido_cmd" "$@"
+ else
+ # If the aikido command is not available, print a warning and run the original command
+ printSafeChainWarning "$original_cmd"
+
+ command "$original_cmd" "$@"
 fi
 }
 function npx() {
- wrapCommand "npx" "aikido-npx" "$@"
+ wrapSafeChainCommand "npx" "aikido-npx" "$@"
 }
 function yarn() {
- wrapCommand "yarn" "aikido-yarn" "$@"
+ wrapSafeChainCommand "yarn" "aikido-yarn" "$@"
 }
 function pnpm() {
- wrapCommand "pnpm" "aikido-pnpm" "$@"
+ wrapSafeChainCommand "pnpm" "aikido-pnpm" "$@"
 }
 function pnpx() {
- wrapCommand "pnpx" "aikido-pnpx" "$@"
+ wrapSafeChainCommand "pnpx" "aikido-pnpx" "$@"
 }
 function npm() {
@@ -85,5 +50,5 @@ function npm() {
 return
 fi
- wrapCommand "npm" "aikido-npm" "$@"
+ wrapSafeChainCommand "npm" "aikido-npm" "$@"
 }
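Review bot: In the first init-posix.sh hunk, `printSafeChainWarning` sends both `printf` lines to stdout, so when the aikido-* binary is missing the warning text and colour escapes are mixed into the output of the wrapped `npm`/`npx`/`yarn`/`pnpm`/`pnpx` call. A caller that captures that output (a command substitution, or a pipe into a parser) would receive the warning as data, and the notice that the command ran without scanning would never reach the terminal. Redirect both calls to stderr by appending `>&2`, e.g. `printf "Install safe-chain by using \033[36mnpm install -g @aikidosec/safe-chain\033[0m.\n" >&2`. The `else` branch of `wrapSafeChainCommand` is a deliberate fail-open path, so a comment there along the lines of `# Fail open: the package manager runs unscanned when safe-chain is missing` would make that explicit for the next reader.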