milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add command to verify safe-chain is intercepting the package managers commands

Browse source
This commit is contained in:
Sander Declerck 2025-12-19 16:18:21 +01:00
parent 53c59e35e9
commit b571aad6a0
No known key found for this signature in database
3 changed files with 32 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

15
README.md
View file

@ -71,7 +71,20 @@ You can find all available versions on the [releases page](https://github.com/Ai
- This step is crucial as it ensures that the shell aliases for npm, npx, yarn, pnpm, pnpx, bun, bunx, pip, pip3, poetry, uv and pipx are loaded correctly. If you do not restart your terminal, the aliases will not be available. - This step is crucial as it ensures that the shell aliases for npm, npx, yarn, pnpm, pnpx, bun, bunx, pip, pip3, poetry, uv and pipx are loaded correctly. If you do not restart your terminal, the aliases will not be available.
2. **Verify the installation** by running one of the following commands: 2. **Verify the installation** by running the verification command:
```shell
npm safe-chain-verify
pnpm safe-chain-verify
pip safe-chain-verify
uv safe-chain-verify
# Any other supported package manager: {packagemanager} safe-chain-verify
```
- The output should display "OK: Safe-chain works!" confirming that Aikido Safe Chain is properly installed and running.
3. **(Optional) Test malware blocking** by attempting to install a test package:
For JavaScript/Node.js: For JavaScript/Node.js:

7
packages/safe-chain/bin/safe-chain.js
View file

@ -3,7 +3,10 @@
import chalk from "chalk"; import chalk from "chalk";
import { ui } from "../src/environment/userInteraction.js"; import { ui } from "../src/environment/userInteraction.js";
import { setup } from "../src/shell-integration/setup.js"; import { setup } from "../src/shell-integration/setup.js";
import { teardown, teardownDirectories } from "../src/shell-integration/teardown.js"; import {
teardown,
teardownDirectories,
} from "../src/shell-integration/teardown.js";
import { setupCi } from "../src/shell-integration/setup-ci.js"; import { setupCi } from "../src/shell-integration/setup-ci.js";
import { initializeCliArguments } from "../src/config/cliArguments.js"; import { initializeCliArguments } from "../src/config/cliArguments.js";
import { setEcoSystem } from "../src/config/settings.js"; import { setEcoSystem } from "../src/config/settings.js";
@ -45,7 +48,7 @@ if (tool) {
const args = process.argv.slice(3); const args = process.argv.slice(3);
setEcoSystem(tool.ecoSystem); setEcoSystem(tool.ecoSystem);
// Provide tool context to PM (pip uses this; others ignore) // Provide tool context to PM (pip uses this; others ignore)
const toolContext = { tool: tool.tool, args }; const toolContext = { tool: tool.tool, args };
initializePackageManager(tool.internalPackageManagerName, toolContext); initializePackageManager(tool.internalPackageManagerName, toolContext);

13
packages/safe-chain/src/main.js
View file

@ -13,6 +13,10 @@ import { getAuditStats } from "./scanning/audit/index.js";
* @returns {Promise<number>} * @returns {Promise<number>}
*/ */
export async function main(args) { export async function main(args) {
if (isSafeChainVerify(args)) {
return 0;
}
process.on("SIGINT", handleProcessTermination); process.on("SIGINT", handleProcessTermination);
process.on("SIGTERM", handleProcessTermination); process.on("SIGTERM", handleProcessTermination);
@ -104,3 +108,12 @@ export async function main(args) {
function handleProcessTermination() { function handleProcessTermination() {
ui.writeBufferedLogsAndStopBuffering(); ui.writeBufferedLogsAndStopBuffering();
} }
/** @param {string[]} args */
function isSafeChainVerify(args) {
const safeChainCheckCommand = "safe-chain-verify";
if (args.length > 0 && args[0] === safeChainCheckCommand) {
ui.writeInformation("OK: Safe-chain works!");
return true;
}
}