milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'main' into verbose-logging

Browse source
This commit is contained in:
Sander Declerck 2025-11-03 11:37:47 +01:00
commit be6a6dccd9
No known key found for this signature in database
62 changed files with 1243 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

23
packages/safe-chain/src/scanning/audit/index.js
View file

@ -4,6 +4,25 @@ import {
openMalwareDatabase,
} from "../malwareDatabase.js";
/**
* @typedef {Object} PackageChange
* @property {string} name
* @property {string} version
* @property {string} type
*/
/**
* @typedef {Object} AuditResult
* @property {PackageChange[]} allowedChanges
* @property {(PackageChange & {reason: string})[]} disallowedChanges
* @property {boolean} isAllowed
*/
/**
* @param {PackageChange[]} changes
*
* @returns {Promise<AuditResult>}
*/
export async function auditChanges(changes) {
const allowedChanges = [];
const disallowedChanges = [];
@ -41,6 +60,10 @@ export async function auditChanges(changes) {
return auditResults;
}
/**
* @param {{name: string, version: string, type: string}[]} changes
* @returns {Promise<{name: string, version: string, status: string}[]>}
*/
async function getPackagesWithMalware(changes) {
if (changes.length === 0) {
return [];