milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'main' into test-on-win

Browse source
This commit is contained in:
Sander Declerck 2025-12-05 18:05:02 +01:00
commit bf674a0e5c
No known key found for this signature in database
142 changed files with 11833 additions and 5161 deletions
Download patch file Download diff file Expand all files Collapse all files

62
.github/workflows/build-and-release.yml vendored
View file

@ -5,8 +5,30 @@ on:
tags:
- "*"
permissions:
id-token: write
contents: write
jobs:
set-version:
runs-on: ubuntu-latest
outputs:
version: ${{ steps.get_version.outputs.tag }}
steps:
- name: Set version number
id: get_version
run: |
version="${{ github.ref_name }}"
echo "tag=$version" >> $GITHUB_OUTPUT
create-binaries:
needs: set-version
uses: ./.github/workflows/create-artifact.yml
with:
version: ${{ needs.set-version.outputs.version }}
build:
needs: [set-version, create-binaries]
runs-on: ubuntu-latest
steps:
@ -26,14 +48,8 @@ jobs:
npm i -g @aikidosec/safe-chain
safe-chain setup-ci
- name: Set version number
id: get_version
run: |
version="${{ github.ref_name }}"
echo "tag=$version" >> $GITHUB_OUTPUT
- name: Set the version in safe-chain package
run: npm --no-git-tag-version version ${{ steps.get_version.outputs.tag }} --workspace=packages/safe-chain
run: npm --no-git-tag-version version ${{ needs.set-version.outputs.version }} --workspace=packages/safe-chain
- name: Install dependencies
run: npm ci
@ -49,7 +65,33 @@ jobs:
- name: Publish to npm
run: |
echo "Publishing version ${{ steps.get_version.outputs.tag }} to NPM"
npm publish --workspace=packages/safe-chain --access public
echo "Publishing version ${{ needs.set-version.outputs.version }} to NPM"
npm publish --workspace=packages/safe-chain --access public --provenance
- name: Download all binary artifacts
uses: actions/download-artifact@v4
with:
path: binaries/
pattern: safe-chain-*
merge-multiple: false
- name: Rename binaries to include platform and architecture
run: |
mv binaries/safe-chain-macos-x64/safe-chain binaries/safe-chain-macos-x64/safe-chain-macos-x64
mv binaries/safe-chain-macos-arm64/safe-chain binaries/safe-chain-macos-arm64/safe-chain-macos-arm64
mv binaries/safe-chain-linux-x64/safe-chain binaries/safe-chain-linux-x64/safe-chain-linux-x64
mv binaries/safe-chain-linux-arm64/safe-chain binaries/safe-chain-linux-arm64/safe-chain-linux-arm64
mv binaries/safe-chain-win-x64/safe-chain.exe binaries/safe-chain-win-x64/safe-chain-win-x64.exe
mv binaries/safe-chain-win-arm64/safe-chain.exe binaries/safe-chain-win-arm64/safe-chain-win-arm64.exe
- name: Upload binaries to existing GitHub Release
env:
NPM_AUTH_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh release upload ${{ needs.set-version.outputs.version }} \
binaries/safe-chain-macos-x64/* \
binaries/safe-chain-macos-arm64/* \
binaries/safe-chain-linux-x64/* \
binaries/safe-chain-linux-arm64/* \
binaries/safe-chain-win-x64/* \
binaries/safe-chain-win-arm64/*

82
.github/workflows/create-artifact.yml vendored Normal file
View file

@ -0,0 +1,82 @@
name: Create binaries
on:
pull_request:
workflow_call:
inputs:
version:
description: 'Version to set in package.json'
required: false
type: string
jobs:
create-binaries:
name: Create binary for ${{ matrix.os }}-${{ matrix.arch }}
runs-on: ${{ matrix.runner }}
strategy:
fail-fast: false
matrix:
include:
- os: macos
arch: x64
runner: macos-15-intel
target: node20-macos-x64
extension: ""
- os: macos
arch: arm64
runner: macos-latest
target: node20-macos-arm64
extension: ""
- os: linux
arch: x64
runner: ubuntu-latest
target: node20-linux-x64
extension: ""
- os: linux
arch: arm64
runner: ubuntu-24.04-arm
target: node20-linux-arm64
extension: ""
- os: win
arch: x64
runner: windows-latest
target: node20-win-x64
extension: ".exe"
- os: win
arch: arm64
runner: windows-11-arm
target: node20-win-arm64
extension: ".exe"
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up Node.js
uses: actions/setup-node@v3
with:
node-version: "20.x"
- name: Setup safe-chain
run: |
npm i -g @aikidosec/safe-chain
safe-chain setup-ci
- name: Set the version in safe-chain package
if: inputs.version != ''
run: npm --no-git-tag-version version ${{ inputs.version }} --workspace=packages/safe-chain
- name: Install dependencies
run: npm ci --ignore-scripts
- name: Create binary
run: |
node build.js ${{ matrix.target }}
- name: Upload binary artifact
uses: actions/upload-artifact@v4
with:
name: safe-chain-${{ matrix.os }}-${{ matrix.arch }}
path: dist/*

5
.github/workflows/test-on-pr.yml vendored
View file

@ -33,9 +33,12 @@ jobs:
- name: Run unit tests
run: npm test
- name: Run ESLint
- name: Run linting
run: npm run lint
- name: Type check
run: npm run typecheck --workspace=packages/safe-chain
- name: Create package tarball
run: npm pack --workspace=packages/safe-chain

7
.gitignore vendored
View file

@ -144,3 +144,10 @@ vite.config.ts.timestamp-*
Claude.md
.claude
.reference
# Build files
build/
dist/
# Jetbrains IDEs
.idea/**

30
.oxlintrc.json Normal file
View file

@ -0,0 +1,30 @@
{
"$schema": "./node_modules/oxlint/configuration_schema.json",
"plugins": [
"node",
"promise",
"eslint",
"unicorn",
"oxc",
"import"
],
"env": {
"browser": false,
"node": true
},
"rules": {
"eslint/no-console": "error",
"eslint/no-empty": "error",
"eslint/no-undef": "error"
},
"overrides": [
{
"files": [
"*.spec.js"
],
"rules": {
"eslint/no-console": "off"
}
}
]
}

209
README.md
View file

@ -1,50 +1,109 @@
![Aikido Safe Chain](https://raw.githubusercontent.com/AikidoSec/safe-chain/main/docs/banner.svg)
# Aikido Safe Chain
The Aikido Safe Chain **prevents developers from installing malware** on their workstations through npm, npx, yarn, pnpm, pnpx, bun, and bunx. It's **free** to use and does not require any token.
[![NPM Version](https://img.shields.io/npm/v/%40aikidosec%2Fsafe-chain?style=flat-square)](https://www.npmjs.com/package/@aikidosec/safe-chain)
[![NPM Downloads](https://img.shields.io/npm/dw/%40aikidosec%2Fsafe-chain?style=flat-square)](https://www.npmjs.com/package/@aikidosec/safe-chain)
The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), [pnpx](https://pnpm.io/cli/dlx), [bun](https://bun.sh/), and [bunx](https://bun.sh/docs/cli/bunx) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm, pnpx, bun, or bunx from downloading or running the malware.
- ✅ **Block malware on developer laptops and CI/CD**
- ✅ **Supports npm and PyPI** more package managers coming
- ✅ **Blocks packages newer than 24 hours** without breaking your build
- ✅ **Tokenless, free, no build data shared**
![demo](./docs/safe-package-manager-demo.png)
Aikido Safe Chain supports the following package managers:
Aikido Safe Chain works on Node.js version 18 and above and supports the following package managers:
- ✅ **npm**
- ✅ **npx**
- ✅ **yarn**
- ✅ **pnpm**
- ✅ **pnpx**
- ✅ **bun**
- ✅ **bunx**
- 📦 **npm**
- 📦 **npx**
- 📦 **yarn**
- 📦 **pnpm**
- 📦 **pnpx**
- 📦 **bun**
- 📦 **bunx**
- 📦 **pip** (beta)
- 📦 **pip3** (beta)
- 📦 **uv** (beta)
# Usage
## Installation
Installing the Aikido Safe Chain is easy. You just need 3 simple steps:
Installing the Aikido Safe Chain is easy with our one-line installer.
> ⚠️ **Already installed via npm?** See the [migration guide](https://github.com/AikidoSec/safe-chain/blob/main/docs/npm-to-binary-migration.md) to switch to the binary version.
### Unix/Linux/macOS
**Default installation (JavaScript packages only):**
1. **Install the Aikido Safe Chain package globally** using npm:
```shell
npm install -g @aikidosec/safe-chain
curl -fsSL https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.sh | sh
```
2. **Setup the shell integration** by running:
**Include Python support (pip/pip3/uv):**
```shell
safe-chain setup
curl -fsSL https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.sh | sh -s -- --include-python
```
3. **❗Restart your terminal** to start using the Aikido Safe Chain.
- This step is crucial as it ensures that the shell aliases for npm, npx, yarn, pnpm, pnpx, bun, and bunx are loaded correctly. If you do not restart your terminal, the aliases will not be available.
4. **Verify the installation** by running:
### Windows (PowerShell)
**Default installation (JavaScript packages only):**
```powershell
iex (iwr "https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.ps1" -UseBasicParsing)
```
**Include Python support (pip/pip3/uv):**
```powershell
iex "& { $(iwr 'https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.ps1' -UseBasicParsing) } -includepython"
```
### Verify the installation
1. **❗Restart your terminal** to start using the Aikido Safe Chain.
- This step is crucial as it ensures that the shell aliases for npm, npx, yarn, pnpm, pnpx, bun, bunx, and pip/pip3 are loaded correctly. If you do not restart your terminal, the aliases will not be available.
2. **Verify the installation** by running one of the following commands:
For JavaScript/Node.js:
```shell
npm install safe-chain-test
```
- The output should show that Aikido Safe Chain is blocking the installation of this package as it is flagged as malware.
When running `npm`, `npx`, `yarn`, `pnpm`, `pnpx`, `bun`, or `bunx` commands, the Aikido Safe Chain will automatically check for malware in the packages you are trying to install. If any malware is detected, it will prompt you to exit the command.
For Python (if you enabled Python support):
```shell
pip3 install safe-chain-pi-test
```
- The output should show that Aikido Safe Chain is blocking the installation of these test packages as they are flagged as malware.
When running `npm`, `npx`, `yarn`, `pnpm`, `pnpx`, `bun`, `bunx`, `uv`, `pip`, or `pip3` commands, the Aikido Safe Chain will automatically check for malware in the packages you are trying to install. It also intercepts Python module invocations for pip when available (e.g., `python -m pip install ...`, `python3 -m pip download ...`). If any malware is detected, it will prompt you to exit the command.
You can check the installed version by running:
```shell
safe-chain --version
```
## How it works
The Aikido Safe Chain works by running a lightweight proxy server that intercepts package downloads from the npm registry. When you run npm, npx, yarn, pnpm, pnpx, bun, or bunx commands, all package downloads are routed through this local proxy, which verifies packages in real-time against **[Aikido Intel - Open Sources Threat Intelligence](https://intel.aikido.dev/?tab=malware)**. If malware is detected in any package (including deep dependencies), the proxy blocks the download before the malicious code reaches your machine.
### Malware Blocking
The Aikido Safe Chain integrates with your shell to provide a seamless experience when using npm, npx, yarn, pnpm, pnpx, bun, and bunx commands. It sets up aliases for these commands so that they are wrapped by the Aikido Safe Chain commands, which manage the proxy server before executing the original commands. We currently support:
The Aikido Safe Chain works by running a lightweight proxy server that intercepts package downloads from the npm registry and PyPI. When you run npm, npx, yarn, pnpm, pnpx, bun, bunx, uv, `pip`, or `pip3` commands, all package downloads are routed through this local proxy, which verifies packages in real-time against **[Aikido Intel - Open Sources Threat Intelligence](https://intel.aikido.dev/?tab=malware)**. If malware is detected in any package (including deep dependencies), the proxy blocks the download before the malicious code reaches your machine.
### Minimum package age (npm only)
For npm packages, Safe Chain temporarily suppresses packages published within the last 24 hours (by default) until they have been validated against malware. This provides an additional security layer during the critical period when newly published packages are most vulnerable to containing undetected threats. You can configure this threshold or bypass this protection entirely - see the [Minimum Package Age Configuration](#minimum-package-age) section below.
⚠️ This feature **only applies to npm-based package managers** (npm, npx, yarn, pnpm, pnpx, bun, bunx) and does not apply to Python package managers (uv, pip, pip3).
### Shell Integration
The Aikido Safe Chain integrates with your shell to provide a seamless experience when using npm, npx, yarn, pnpm, pnpx, bun, bunx, and Python package managers (uv, pip). It sets up aliases for these commands so that they are wrapped by the Aikido Safe Chain commands, which manage the proxy server before executing the original commands. We currently support:
- ✅ **Bash**
- ✅ **Zsh**
@ -52,7 +111,7 @@ The Aikido Safe Chain integrates with your shell to provide a seamless experienc
- ✅ **PowerShell**
- ✅ **PowerShell Core**
More information about the shell integration can be found in the [shell integration documentation](docs/shell-integration.md).
More information about the shell integration can be found in the [shell integration documentation](https://github.com/AikidoSec/safe-chain/blob/main/docs/shell-integration.md).
## Uninstallation
@ -70,34 +129,90 @@ To uninstall the Aikido Safe Chain, you can run the following command:
# Configuration
## Malware Action
## Logging
You can control how Aikido Safe Chain responds when malware is detected using the `--safe-chain-malware-action` flag:
You can control the output from Aikido Safe Chain using the `--safe-chain-logging` flag:
- `--safe-chain-malware-action=block` (**default**) - Automatically blocks installation and exits with an error when malware is detected
- `--safe-chain-malware-action=prompt` - Prompts the user to decide whether to continue despite the malware detection
- `--safe-chain-logging=silent` - Suppresses all Aikido Safe Chain output except when malware is blocked. The package manager output is written to stdout as normal, and Safe Chain only writes a short message if it has blocked malware and causes the process to exit.
Example usage:
```shell
npm install suspicious-package --safe-chain-malware-action=prompt
npm install express --safe-chain-logging=silent
```
- `--safe-chain-logging=verbose` - Enables detailed diagnostic output from Aikido Safe Chain. Useful for troubleshooting issues or understanding what Safe Chain is doing behind the scenes.
Example usage:
```shell
npm install express --safe-chain-logging=verbose
```
## Minimum Package Age
You can configure how long packages must exist before Safe Chain allows their installation. By default, packages must be at least 24 hours old before they can be installed through npm-based package managers.
### Configuration Options
You can set the minimum package age through multiple sources (in order of priority):
1. **CLI Argument** (highest priority):
```shell
npm install express --safe-chain-minimum-package-age-hours=48
```
2. **Environment Variable**:
```shell
export SAFE_CHAIN_MINIMUM_PACKAGE_AGE_HOURS=48
npm install express
```
3. **Config File** (`~/.aikido/config.json`):
```json
{
"minimumPackageAgeHours": 48
}
```
# Usage in CI/CD
You can protect your CI/CD pipelines from malicious packages by integrating Aikido Safe Chain into your build process. This ensures that any packages installed during your automated builds are checked for malware before installation.
For optimal protection in CI/CD environments, we recommend using **npm >= 10.4.0** as it provides full dependency tree scanning. Other package managers currently offer limited scanning of install command arguments only.
## Installation for CI/CD
## Setup
Use the `--ci` flag to automatically configure Aikido Safe Chain for CI/CD environments. This sets up executable shims in the PATH instead of shell aliases.
To use Aikido Safe Chain in CI/CD environments, run the following command after installing the package:
### Unix/Linux/macOS (GitHub Actions, Azure Pipelines, etc.)
**JavaScript only:**
```shell
safe-chain setup-ci
curl -fsSL https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.sh | sh -s -- --ci
```
This automatically configures your CI environment to use Aikido Safe Chain for all package manager commands.
**With Python support:**
```shell
curl -fsSL https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.sh | sh -s -- --ci --include-python
```
### Windows (Azure Pipelines, etc.)
**JavaScript only:**
```powershell
iex "& { $(iwr 'https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.ps1' -UseBasicParsing) } -ci"
```
**With Python support:**
```powershell
iex "& { $(iwr 'https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.ps1' -UseBasicParsing) } -ci -includepython"
```
## Supported Platforms
@ -113,16 +228,15 @@ This automatically configures your CI environment to use Aikido Safe Chain for a
node-version: "22"
cache: "npm"
- name: Setup safe-chain
run: |
npm i -g @aikidosec/safe-chain
safe-chain setup-ci
- name: Install safe-chain
run: curl -fsSL https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.sh | sh -s -- --ci --include-python
- name: Install dependencies
run: |
npm ci
run: npm ci
```
> **Note:** Remove `--include-python` if you don't need Python (pip/pip3/uv) support.
## Azure DevOps Example
```yaml
@ -131,14 +245,13 @@ This automatically configures your CI environment to use Aikido Safe Chain for a
versionSpec: "22.x"
displayName: "Install Node.js"
- script: |
npm i -g @aikidosec/safe-chain
safe-chain setup-ci
displayName: "Install safe chain"
- script: curl -fsSL https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.sh | sh -s -- --ci --include-python
displayName: "Install safe-chain"
- script: |
npm ci
displayName: "npm install and build"
- script: npm ci
displayName: "Install dependencies"
```
> **Note:** Remove `--include-python` if you don't need Python (pip/pip3/uv) support.
After setup, all subsequent package manager commands in your CI pipeline will automatically be protected by Aikido Safe Chain's malware detection.

139
build.js Normal file
View file

@ -0,0 +1,139 @@
import { build } from "esbuild";
import { mkdir, cp, rm, readFile, writeFile, stat } from "node:fs/promises";
import { spawn } from "node:child_process";
import { resolve } from "node:path";
const target = process.argv[2];
if (!target) {
// eslint-disable-next-line no-console
console.error("Usage: node build.js <target>");
// eslint-disable-next-line no-console
console.error("Example: node build.js node22-macos-arm64");
process.exit(1);
}
(async function main() {
const startBuildTime = performance.now();
await clearOutputFolder();
console.log("- Cleared output folder ✅")
// Esbuild creates a single safe-chain.cjs with all dependencies included
await bundleSafeChain();
console.log("- Bundled safe-chain into safe-chain.cjs (es-build) ✅")
// Copy assets that need to be included in the binary
// - All shell scripts that are used to setup safe-chain
// - Certifi because it contains static root certs for Python
// - Package.json for its metadata (package name, version, ...)
await copyShellScripts();
await copyCertifi();
await copyAndModifyPackageJson();
console.log("- Copied auxiliary resources (shell, package.json,...) ✅")
// Creates a single binary with safe-chain.cjs and the copied assets
await buildSafeChainBinary(target);
console.log(`- Built safe-chain binary for ${target} (pkg) ✅`)
const totalBuildTime = (performance.now() - startBuildTime)/1000;
const totalSizeInMb = (await stat("./dist/safe-chain" + (process.platform === "win32" ? ".exe" : ""))).size / (1024*1024);
console.log(`🏁 Finished build in ${totalBuildTime.toFixed(2)}s, total build size: ${totalSizeInMb.toFixed(2)}MB`);
})();
async function clearOutputFolder() {
await rm("./build", { recursive: true, force: true });
await mkdir("./build");
}
async function bundleSafeChain() {
await build({
entryPoints: ["./packages/safe-chain/bin/safe-chain.js"],
bundle: true,
platform: "node",
target: "node24",
outfile: "./build/bin/safe-chain.cjs",
external: ["certifi"],
});
let bundledContent = await readFile("./build/bin/safe-chain.cjs", "utf-8");
await writeFile("./build/bin/safe-chain.cjs", bundledContent);
}
async function copyShellScripts() {
await mkdir("./build/bin/startup-scripts", { recursive: true });
await cp(
"./packages/safe-chain/src/shell-integration/startup-scripts/",
"./build/bin/startup-scripts",
{ recursive: true }
);
await mkdir("./build/bin/path-wrappers", { recursive: true });
await cp(
"./packages/safe-chain/src/shell-integration/path-wrappers/",
"./build/bin/path-wrappers",
{ recursive: true }
);
}
async function copyCertifi() {
await mkdir("./build/node_modules/certifi", { recursive: true });
await cp("./node_modules/certifi/", "./build/node_modules/certifi", {
recursive: true,
});
}
async function copyAndModifyPackageJson() {
const packageJsonContent = await readFile(
"./packages/safe-chain/package.json",
"utf-8"
);
const packageJson = JSON.parse(packageJsonContent);
delete packageJson.main;
delete packageJson.scripts;
delete packageJson.exports;
delete packageJson.dependencies;
delete packageJson.devDependencies;
packageJson.bin = {
"safe-chain": "bin/safe-chain.cjs",
};
packageJson.type = "commonjs";
packageJson.pkg = {
outputPath: "dist",
assets: [
"node_modules/certifi/**/*",
"bin/startup-scripts/**/*",
"bin/path-wrappers/**/*",
],
};
await writeFile("./build/package.json", JSON.stringify(packageJson, null, 2));
return packageJson;
}
function buildSafeChainBinary(target) {
return new Promise((promiseResolve, reject) => {
// Use .cmd on Windows, resolve to absolute path for cross-platform compatibility
const pkgBin = process.platform === "win32"
? resolve("node_modules/.bin/pkg.cmd")
: resolve("node_modules/.bin/pkg");
let pkgArgs = [];
pkgArgs = pkgArgs.concat(["./build/package.json", "-t", target]);
const pkg = spawn(pkgBin, pkgArgs, {
stdio: "inherit",
shell: true,
});
pkg.on("close", (code) => {
if (code !== 0) {
reject(new Error(`pkg process exited with code ${code}`));
} else {
promiseResolve();
}
});
});
}

151
docs/banner.svg Normal file
View file

File diff suppressed because one or more lines are too long
Side by side

After

Width:  |  Height:  |  Size: 73 KiB

89
docs/npm-to-binary-migration.md Normal file
View file

@ -0,0 +1,89 @@
# Migrating from npm global tool to binary installation
If you previously installed safe-chain as an npm global package, you need to migrate to the binary installation.
Depending on the version manager you're using, the uninstall process differs:
### Standard npm (no version manager)
1. **Clean up shell aliases:**
```bash
safe-chain teardown
```
2. **Restart your terminal**
3. **Uninstall the npm package:**
```bash
npm uninstall -g @aikidosec/safe-chain
```
4. **Install the binary version** (see [Installation](https://github.com/AikidoSec/safe-chain/blob/main/README.md#installation))
### nvm (Node Version Manager)
**Important:** nvm installs global packages separately for each Node version, so safe-chain must be uninstalled from each version where it was installed.
1. **Clean up shell aliases:**
```bash
safe-chain teardown
```
2. **Restart your terminal**
3. **Uninstall from all Node versions:**
**Option A** - Automated script (recommended):
```bash
for version in $(nvm list | grep -oE 'v[0-9]+\.[0-9]+\.[0-9]+'); do nvm use $version && npm uninstall -g @aikidosec/safe-chain; done
```
**Option B** - Manual per version:
```bash
nvm use <version>
npm uninstall -g @aikidosec/safe-chain
```
Repeat for each Node version where safe-chain was installed.
4. **Install the binary version** (see [Installation](https://github.com/AikidoSec/safe-chain/blob/main/README.md#installation))
### Volta
1. **Clean up shell aliases:**
```bash
safe-chain teardown
```
2. **Restart your terminal**
3. **Uninstall the Volta package:**
```bash
volta uninstall @aikidosec/safe-chain
```
4. **Install the binary version** (see [Installation](https://github.com/AikidoSec/safe-chain/blob/main/README.md#installation))
## Troubleshooting
### Shell aliases still present after migration
1. Run `safe-chain teardown` (if the binary is installed)
2. Manually remove any safe-chain entries from your shell config files:
- Bash: `~/.bashrc`
- Zsh: `~/.zshrc`
- Fish: `~/.config/fish/config.fish`
- PowerShell: `$PROFILE`
3. Restart your terminal
4. Re-run the install script
### "command not found: safe-chain" after migration
The binary installation directory (`~/.safe-chain/bin`) may not be in your PATH. Restart your terminal. If the problem persists: re-run the installation of safe-chain.

34
docs/shell-integration.md
View file

@ -2,7 +2,7 @@
## Overview
The shell integration automatically wraps common package manager commands (`npm`, `npx`, `yarn`, `pnpm`, `pnpx`, `bun`, `bunx`) with Aikido's security scanning functionality. This is achieved by sourcing startup scripts that define shell functions to wrap these commands with their Aikido-protected equivalents.
The shell integration automatically wraps common package manager commands (`npm`, `npx`, `yarn`, `pnpm`, `pnpx`, `bun`, `bunx`, `pip`, `pip3`) with Aikido's security scanning functionality. It also intercepts Python module invocations for pip when available: `python -m pip`, `python -m pip3`, `python3 -m pip`, `python3 -m pip3`. This is achieved by sourcing startup scripts that define shell functions to wrap these commands with their Aikido-protected equivalents.
## Supported Shells
@ -28,7 +28,8 @@ This command:
- Copies necessary startup scripts to Safe Chain's installation directory (`~/.safe-chain/scripts`)
- Detects all supported shells on your system
- Sources each shell's startup file to add Safe Chain functions for `npm`, `npx`, `yarn`, `pnpm`, `pnpx`, `bun`, and `bunx`
- Sources each shell's startup file to add Safe Chain functions for `npm`, `npx`, `yarn`, `pnpm`, `pnpx`, `bun`, `bunx`, `pip`, and `pip3`
- Adds lightweight interceptors so `python -m pip[...]` and `python3 -m pip[...]` route through Safe Chain when invoked by name
❗ After running this command, **you must restart your terminal** for the changes to take effect. This ensures that the startup scripts are sourced correctly.
@ -77,7 +78,7 @@ The system modifies the following files to source Safe Chain startup scripts:
This means the shell functions are working but the Aikido commands aren't installed or available in your PATH:
- Make sure Aikido Safe Chain is properly installed on your system
- Verify the `aikido-npm`, `aikido-npx`, `aikido-yarn`, `aikido-pnpm`, `aikido-pnpx`, `aikido-bun`, and `aikido-bunx` commands exist
- Verify the `aikido-npm`, `aikido-npx`, `aikido-yarn`, `aikido-pnpm`, `aikido-pnpx`, `aikido-bun`, `aikido-bunx`, `aikido-pip`, and `aikido-pip3` commands exist
- Check that these commands are in your system's PATH
### Manual Verification
@ -120,4 +121,29 @@ npm() {
}
```
Repeat this pattern for `npx`, `yarn`, `pnpm`, `pnpx`, `bun`, and `bunx` using their respective `aikido-*` commands. After adding these functions, restart your terminal to apply the changes.
Repeat this pattern for `npx`, `yarn`, `pnpm`, `pnpx`, `bun`, `bunx`, `pip`, and `pip3` using their respective `aikido-*` commands. After adding these functions, restart your terminal to apply the changes.
To intercept Python module invocations for pip without altering Python itself, you can add small forwarding functions:
```bash
# Example for Bash/Zsh
python() {
if [[ "$1" == "-m" && "$2" == pip* ]]; then
local mod="$2"; shift 2
if [[ "$mod" == "pip3" ]]; then aikido-pip3 "$@"; else aikido-pip "$@"; fi
else
command python "$@"
fi
}
python3() {
if [[ "$1" == "-m" && "$2" == pip* ]]; then
local mod="$2"; shift 2
if [[ "$mod" == "pip3" ]]; then aikido-pip3 "$@"; else aikido-pip "$@"; fi
else
command python3 "$@"
fi
}
```
Limitations: these only apply when invoking `python`/`python3` by name. Absolute paths (e.g., `/usr/bin/python -m pip`) bypass shell functions.

26
eslint.config.js
View file

@ -1,26 +0,0 @@
import js from "@eslint/js";
import { defineConfig, globalIgnores } from "@eslint/config-helpers";
import globals from "globals";
import importPlugin from "eslint-plugin-import";
export default defineConfig([
{
files: ["**/*.{js,mjs,cjs,ts}"],
plugins: { js },
extends: ["js/recommended"],
},
{
files: ["**/*.{js,mjs,cjs,ts}"],
languageOptions: { globals: globals.node },
},
importPlugin.flatConfigs.recommended,
{
files: ["**/*.{js,mjs,cjs}"],
languageOptions: {
ecmaVersion: "latest",
sourceType: "module",
},
rules: {},
},
globalIgnores(['test/e2e', 'node_modules']),
]);

217
install-scripts/install-safe-chain.ps1 Normal file
View file

@ -0,0 +1,217 @@
# Downloads and installs safe-chain for Windows
#
# Usage with "iex (iwr {url} -UseBasicParsing)" --> See README.md
param(
[switch]$ci,
[switch]$includepython
)
$Version = $env:SAFE_CHAIN_VERSION # Will be fetched from latest release if not set
$InstallDir = Join-Path $env:USERPROFILE ".safe-chain\bin"
$RepoUrl = "https://github.com/AikidoSec/safe-chain"
# Ensure TLS 1.2 is enabled for downloads
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
# Helper functions
function Write-Info {
param([string]$Message)
Write-Host "[INFO] $Message" -ForegroundColor Green
}
function Write-Warn {
param([string]$Message)
Write-Host "[WARN] $Message" -ForegroundColor Yellow
}
function Write-Error-Custom {
param([string]$Message)
Write-Host "[ERROR] $Message" -ForegroundColor Red
exit 1
}
# Fetch latest release version tag from GitHub
function Get-LatestVersion {
try {
$response = Invoke-RestMethod -Uri "https://api.github.com/repos/AikidoSec/safe-chain/releases/latest" -UseBasicParsing
$latestVersion = $response.tag_name
if ([string]::IsNullOrWhiteSpace($latestVersion)) {
Write-Error-Custom "Failed to fetch latest version from GitHub API. Please set SAFE_CHAIN_VERSION environment variable."
}
return $latestVersion
}
catch {
Write-Error-Custom "Failed to fetch latest version from GitHub API: $($_.Exception.Message). Please set SAFE_CHAIN_VERSION environment variable."
}
}
# Detect architecture
function Get-Architecture {
$arch = $env:PROCESSOR_ARCHITECTURE
switch ($arch) {
"AMD64" { return "x64" }
"ARM64" { return "arm64" }
default { Write-Error-Custom "Unsupported architecture: $arch" }
}
}
# Check and uninstall npm global package if present
function Remove-NpmInstallation {
# Check if npm is available
if (-not (Get-Command npm -ErrorAction SilentlyContinue)) {
return
}
# Check if safe-chain is installed as an npm global package
npm list -g @aikidosec/safe-chain 2>&1 | Out-Null
if ($LASTEXITCODE -eq 0) {
Write-Info "Detected npm global installation of @aikidosec/safe-chain"
Write-Info "Uninstalling npm version before installing binary version..."
npm uninstall -g @aikidosec/safe-chain 2>&1 | Out-Null
if ($LASTEXITCODE -eq 0) {
Write-Info "Successfully uninstalled npm version"
}
else {
Write-Warn "Failed to uninstall npm version automatically"
Write-Warn "Please run: npm uninstall -g @aikidosec/safe-chain"
}
}
}
# Check and uninstall Volta-managed package if present
function Remove-VoltaInstallation {
# Check if Volta is available
if (-not (Get-Command volta -ErrorAction SilentlyContinue)) {
return
}
# Volta manages global packages in its own directory
# Check if safe-chain is installed via Volta
volta list safe-chain 2>&1 | Out-Null
if ($LASTEXITCODE -eq 0) {
Write-Info "Detected Volta installation of @aikidosec/safe-chain"
Write-Info "Uninstalling Volta version before installing binary version..."
volta uninstall @aikidosec/safe-chain 2>&1 | Out-Null
if ($LASTEXITCODE -eq 0) {
Write-Info "Successfully uninstalled Volta version"
}
else {
Write-Warn "Failed to uninstall Volta version automatically"
Write-Warn "Please run: volta uninstall @aikidosec/safe-chain"
}
}
}
# Main installation
function Install-SafeChain {
# Fetch latest version if VERSION is not set
if ([string]::IsNullOrWhiteSpace($Version)) {
Write-Info "Fetching latest release version..."
$Version = Get-LatestVersion
}
# Build installation message
$installMsg = "Installing safe-chain $Version"
if ($includepython) {
$installMsg += " with python"
}
if ($ci) {
$installMsg += " in ci"
}
Write-Info $installMsg
# Check for existing safe-chain installation through npm or volta
Remove-NpmInstallation
Remove-VoltaInstallation
# Detect platform
$arch = Get-Architecture
$binaryName = "safe-chain-win-$arch.exe"
Write-Info "Detected architecture: $arch"
# Create installation directory
if (-not (Test-Path $InstallDir)) {
Write-Info "Creating installation directory: $InstallDir"
try {
New-Item -ItemType Directory -Path $InstallDir -Force | Out-Null
}
catch {
Write-Error-Custom "Failed to create directory $InstallDir : $_"
}
}
# Download binary
$downloadUrl = "$RepoUrl/releases/download/$Version/$binaryName"
$tempFile = Join-Path $InstallDir $binaryName
Write-Info "Downloading from: $downloadUrl"
try {
# Download with progress suppressed for cleaner output
$ProgressPreference = 'SilentlyContinue'
Invoke-WebRequest -Uri $downloadUrl -OutFile $tempFile -UseBasicParsing
$ProgressPreference = 'Continue'
}
catch {
Write-Error-Custom "Failed to download from $downloadUrl : $_"
}
# Rename to final location
$finalFile = Join-Path $InstallDir "safe-chain.exe"
try {
# Remove existing file if present (Move-Item -Force doesn't overwrite)
if (Test-Path $finalFile) {
Remove-Item -Path $finalFile -Force
}
Move-Item -Path $tempFile -Destination $finalFile -Force
}
catch {
Write-Error-Custom "Failed to move binary to $finalFile : $_"
}
Write-Info "Binary installed to: $finalFile"
# Build setup command based on parameters
$setupCmd = if ($ci) { "setup-ci" } else { "setup" }
$setupArgs = @()
if ($includepython) {
$setupArgs += "--include-python"
}
# Execute safe-chain setup
Write-Info "Running safe-chain $setupCmd $(if ($setupArgs) { $setupArgs -join ' ' })..."
try {
$env:Path = "$env:Path;$InstallDir"
if ($setupArgs) {
& $finalFile $setupCmd $setupArgs
}
else {
& $finalFile $setupCmd
}
if ($LASTEXITCODE -ne 0) {
Write-Warn "safe-chain was installed but setup encountered issues."
Write-Warn "You can run 'safe-chain $setupCmd $(if ($setupArgs) { $setupArgs -join ' ' })' manually later."
}
}
catch {
Write-Warn "safe-chain was installed but setup encountered issues: $_"
Write-Warn "You can run 'safe-chain $setupCmd $(if ($setupArgs) { $setupArgs -join ' ' })' manually later."
}
}
# Run installation
try {
Install-SafeChain
}
catch {
Write-Error-Custom "Installation failed: $_"
}

224
install-scripts/install-safe-chain.sh Executable file
View file

@ -0,0 +1,224 @@
#!/bin/sh
# Downloads and installs safe-chain, depending on the operating system and architecture
#
# Usage with "curl -fsSL {url} | sh" --> See README.md
set -e # Exit on error
# Configuration
VERSION="${SAFE_CHAIN_VERSION:-}" # Will be fetched from latest release if not set
INSTALL_DIR="${HOME}/.safe-chain/bin"
REPO_URL="https://github.com/AikidoSec/safe-chain"
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color
# Helper functions
info() {
printf "${GREEN}[INFO]${NC} %s\n" "$1"
}
warn() {
printf "${YELLOW}[WARN]${NC} %s\n" "$1"
}
error() {
printf "${RED}[ERROR]${NC} %s\n" "$1" >&2
exit 1
}
# Detect OS
detect_os() {
case "$(uname -s)" in
Linux*) echo "linux" ;;
Darwin*) echo "macos" ;;
*) error "Unsupported operating system: $(uname -s)" ;;
esac
}
# Detect architecture
detect_arch() {
case "$(uname -m)" in
x86_64|amd64) echo "x64" ;;
aarch64|arm64) echo "arm64" ;;
*) error "Unsupported architecture: $(uname -m)" ;;
esac
}
# Check if command exists
command_exists() {
command -v "$1" >/dev/null 2>&1
}
# Fetch latest release version tag from GitHub
fetch_latest_version() {
# Try using GitHub API to get the latest release tag
if command_exists curl; then
latest_version=$(curl -fsSL "https://api.github.com/repos/AikidoSec/safe-chain/releases/latest" | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/')
elif command_exists wget; then
latest_version=$(wget -qO- "https://api.github.com/repos/AikidoSec/safe-chain/releases/latest" | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/')
else
error "Neither curl nor wget found. Please install one of them or set SAFE_CHAIN_VERSION environment variable."
fi
if [ -z "$latest_version" ]; then
error "Failed to fetch latest version from GitHub API. Please set SAFE_CHAIN_VERSION environment variable."
fi
echo "$latest_version"
}
# Download file
download() {
url="$1"
dest="$2"
if command_exists curl; then
curl -fsSL "$url" -o "$dest" || error "Failed to download from $url"
elif command_exists wget; then
wget -q "$url" -O "$dest" || error "Failed to download from $url"
else
error "Neither curl nor wget found. Please install one of them."
fi
}
# Check and uninstall npm global package if present
remove_npm_installation() {
if ! command_exists npm; then
return
fi
# Check if safe-chain is installed as an npm global package
if npm list -g @aikidosec/safe-chain >/dev/null 2>&1; then
info "Detected npm global installation of @aikidosec/safe-chain"
info "Uninstalling npm version before installing binary version..."
if npm uninstall -g @aikidosec/safe-chain >/dev/null 2>&1; then
info "Successfully uninstalled npm version"
else
warn "Failed to uninstall npm version automatically"
warn "Please run: npm uninstall -g @aikidosec/safe-chain"
fi
fi
}
# Check and uninstall Volta-managed package if present
remove_volta_installation() {
if ! command_exists volta; then
return
fi
# Volta manages global packages in its own directory
# Check if safe-chain is installed via Volta
if volta list safe-chain >/dev/null 2>&1; then
info "Detected Volta installation of @aikidosec/safe-chain"
info "Uninstalling Volta version before installing binary version..."
if volta uninstall @aikidosec/safe-chain >/dev/null 2>&1; then
info "Successfully uninstalled Volta version"
else
warn "Failed to uninstall Volta version automatically"
warn "Please run: volta uninstall @aikidosec/safe-chain"
fi
fi
}
# Parse command-line arguments
parse_arguments() {
for arg in "$@"; do
case "$arg" in
--ci)
USE_CI_SETUP=true
;;
--include-python)
INCLUDE_PYTHON=true
;;
*)
error "Unknown argument: $arg"
;;
esac
done
}
# Main installation
main() {
# Initialize argument flags
USE_CI_SETUP=false
INCLUDE_PYTHON=false
# Parse command-line arguments
parse_arguments "$@"
# Fetch latest version if VERSION is not set
if [ -z "$VERSION" ]; then
info "Fetching latest release version..."
VERSION=$(fetch_latest_version)
fi
# Build installation message
INSTALL_MSG="Installing safe-chain ${VERSION}"
if [ "$INCLUDE_PYTHON" = "true" ]; then
INSTALL_MSG="${INSTALL_MSG} with python"
fi
if [ "$USE_CI_SETUP" = "true" ]; then
INSTALL_MSG="${INSTALL_MSG} in ci"
fi
info "$INSTALL_MSG"
# Check for existing safe-chain installation through npm or volta
remove_npm_installation
remove_volta_installation
# Detect platform
OS=$(detect_os)
ARCH=$(detect_arch)
BINARY_NAME="safe-chain-${OS}-${ARCH}"
info "Detected platform: ${OS}-${ARCH}"
# Create installation directory
if [ ! -d "$INSTALL_DIR" ]; then
info "Creating installation directory: $INSTALL_DIR"
mkdir -p "$INSTALL_DIR" || error "Failed to create directory $INSTALL_DIR"
fi
# Download binary
DOWNLOAD_URL="${REPO_URL}/releases/download/${VERSION}/${BINARY_NAME}"
TEMP_FILE="${INSTALL_DIR}/${BINARY_NAME}"
info "Downloading from: $DOWNLOAD_URL"
download "$DOWNLOAD_URL" "$TEMP_FILE"
# Rename and make executable
FINAL_FILE="${INSTALL_DIR}/safe-chain"
mv "$TEMP_FILE" "$FINAL_FILE" || error "Failed to move binary to $FINAL_FILE"
chmod +x "$FINAL_FILE" || error "Failed to make binary executable"
info "Binary installed to: $FINAL_FILE"
# Build setup command based on arguments
SETUP_CMD="setup"
SETUP_ARGS=""
if [ "$USE_CI_SETUP" = "true" ]; then
SETUP_CMD="setup-ci"
fi
if [ "$INCLUDE_PYTHON" = "true" ]; then
SETUP_ARGS="--include-python"
fi
# Execute safe-chain setup
info "Running safe-chain $SETUP_CMD $SETUP_ARGS..."
if ! "$FINAL_FILE" $SETUP_CMD $SETUP_ARGS; then
warn "safe-chain was installed but setup encountered issues."
warn "You can run 'safe-chain $SETUP_CMD $SETUP_ARGS' manually later."
fi
}
main "$@"

5358
package-lock.json generated
View file

File diff suppressed because it is too large Load diff

16
package.json
View file

@ -7,9 +7,10 @@
"test/e2e"
],
"scripts": {
"test": "npm run test --workspace=packages/safe-chain --workspace=packages/safe-chain-bun",
"test": "npm run test --workspace=packages/safe-chain",
"test:e2e": "npm run test --workspace=test/e2e",
"lint": "npm run lint --workspace=packages/safe-chain"
"lint": "npm run lint --workspace=packages/safe-chain",
"typecheck": "npm run typecheck --workspace=packages/safe-chain"
},
"repository": {
"type": "git",
@ -18,13 +19,8 @@
"author": "Aikido Security",
"license": "AGPL-3.0-or-later",
"devDependencies": {
"@eslint/js": "^9.35.0",
"eslint": "^9.35.0",
"eslint-plugin-import": "^2.32.0",
"globals": "^16.1.0",
"typescript-eslint": "^8.32.0"
},
"overrides": {
"brace-expansion@<=2.0.2": "2.0.2"
"oxlint": "^1.22.0",
"esbuild": "^0.27.0",
"@yao-pkg/pkg": "6.10.1"
}
}

30
packages/safe-chain-bun/package.json
View file

@ -1,30 +0,0 @@
{
"name": "@aikidosec/safe-chain-bun",
"version": "1.0.0",
"type": "module",
"main": "src/index.js",
"scripts": {
"test": "node --test --experimental-test-module-mocks 'src/**/*.spec.js'"
},
"exports": {
".": {
"bun": "./src/index.js",
"default": "./src/index.js"
}
},
"keywords": ["bun", "security", "scanner", "malware", "aikido"],
"author": "Aikido Security",
"license": "AGPL-3.0-or-later",
"description": "Aikido Security Scanner for Bun package manager - detects malware and security threats during package installation",
"repository": {
"type": "git",
"url": "git+https://github.com/AikidoSec/safe-chain.git",
"directory": "packages/safe-chain-bun"
},
"dependencies": {
"@aikidosec/safe-chain": "file:../safe-chain"
},
"peerDependencies": {
"bun": ">=1.2.21"
}
}

37
packages/safe-chain-bun/src/index.js
View file

@ -1,37 +0,0 @@
import { auditChanges } from "@aikidosec/safe-chain/scanning";
// Bun Security Scanner for Safe-Chain
// This is the entry point for Bun's native security scanner integration
export const scanner = {
version: "1", // Our scanner is using version 1 of the bun security scanner API.
async scan({ packages }) {
const advisories = [];
try {
const changes = packages.map((pkg) => ({
name: pkg.name,
version: pkg.version,
type: "add",
}));
const audit = await auditChanges(changes);
if (!audit.isAllowed) {
for (const change of audit.disallowedChanges) {
advisories.push({
level: "fatal", // Fatal will block the installation process, this is what we want for packages that contain malware.
package: change.name,
url: null,
description: `Package ${change.name}@${change.version} contains known security threats (${change.reason}). Installation blocked by Safe-Chain.`,
});
}
}
} catch (error) {
console.warn(`Safe-Chain security scan failed: ${error.message}`);
}
return advisories;
},
};

140
packages/safe-chain-bun/src/index.spec.js
View file

@ -1,140 +0,0 @@
import assert from "node:assert/strict";
import { describe, it, mock } from "node:test";
describe("Bun Scanner", async () => {
const mockAuditChanges = mock.fn();
// Mock the scanning module
mock.module("@aikidosec/safe-chain/scanning", {
namedExports: {
auditChanges: mockAuditChanges,
},
});
const { scanner } = await import("./index.js");
it("should export scanner object with version", () => {
assert.strictEqual(scanner.version, "1");
assert.strictEqual(typeof scanner.scan, "function");
});
it("should return empty advisories for clean packages", async () => {
mockAuditChanges.mock.mockImplementation(() => ({
allowedChanges: [{ name: "express", version: "4.18.2", type: "add" }],
disallowedChanges: [],
isAllowed: true,
}));
const packages = [{ name: "express", version: "4.18.2" }];
const result = await scanner.scan({ packages });
assert.deepEqual(result, []);
assert.strictEqual(mockAuditChanges.mock.callCount(), 1);
assert.deepEqual(mockAuditChanges.mock.calls[0].arguments[0], [
{ name: "express", version: "4.18.2", type: "add" },
]);
});
it("should return fatal advisory for malware packages", async () => {
mockAuditChanges.mock.mockImplementation(() => ({
allowedChanges: [],
disallowedChanges: [
{
name: "malicious-pkg",
version: "1.0.0",
type: "add",
reason: "MALWARE",
},
],
isAllowed: false,
}));
const packages = [{ name: "malicious-pkg", version: "1.0.0" }];
const result = await scanner.scan({ packages });
assert.strictEqual(result.length, 1);
assert.deepEqual(result[0], {
level: "fatal",
package: "malicious-pkg",
url: null,
description: "Package malicious-pkg@1.0.0 contains known security threats (MALWARE). Installation blocked by Safe-Chain.",
});
});
it("should handle multiple packages with mixed results", async () => {
mockAuditChanges.mock.mockImplementation(() => ({
allowedChanges: [{ name: "express", version: "4.18.2", type: "add" }],
disallowedChanges: [
{
name: "malicious-pkg",
version: "1.0.0",
type: "add",
reason: "MALWARE",
},
{
name: "another-bad-pkg",
version: "2.1.0",
type: "add",
reason: "MALWARE",
},
],
isAllowed: false,
}));
const packages = [
{ name: "express", version: "4.18.2" },
{ name: "malicious-pkg", version: "1.0.0" },
{ name: "another-bad-pkg", version: "2.1.0" },
];
const result = await scanner.scan({ packages });
assert.strictEqual(result.length, 2);
assert.strictEqual(result[0].package, "malicious-pkg");
assert.strictEqual(result[0].level, "fatal");
assert.strictEqual(result[1].package, "another-bad-pkg");
assert.strictEqual(result[1].level, "fatal");
});
it("should handle empty package list", async () => {
mockAuditChanges.mock.mockImplementation(() => ({
allowedChanges: [],
disallowedChanges: [],
isAllowed: true,
}));
const result = await scanner.scan({ packages: [] });
assert.deepEqual(result, []);
assert.deepEqual(
mockAuditChanges.mock.calls[mockAuditChanges.mock.callCount() - 1]
.arguments[0],
[]
);
});
it("should convert Bun package format to safe-chain format correctly", async () => {
mockAuditChanges.mock.mockImplementation(() => ({
allowedChanges: [],
disallowedChanges: [],
isAllowed: true,
}));
const bunPackages = [
{ name: "lodash", version: "4.17.21" },
{ name: "@types/node", version: "20.0.0" },
];
await scanner.scan({ packages: bunPackages });
const expectedChanges = [
{ name: "lodash", version: "4.17.21", type: "add" },
{ name: "@types/node", version: "20.0.0", type: "add" },
];
assert.deepEqual(
mockAuditChanges.mock.calls[mockAuditChanges.mock.callCount() - 1]
.arguments[0],
expectedChanges
);
});
});

6
packages/safe-chain/bin/aikido-bun.js
View file

@ -2,9 +2,13 @@
import { main } from "../src/main.js";
import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
import { setEcoSystem, ECOSYSTEM_JS } from "../src/config/settings.js";
setEcoSystem(ECOSYSTEM_JS);
const packageManagerName = "bun";
initializePackageManager(packageManagerName);
var exitCode = await main(process.argv.slice(2));
(async () => {
var exitCode = await main(process.argv.slice(2));
process.exit(exitCode);
})();

6
packages/safe-chain/bin/aikido-bunx.js
View file

@ -2,9 +2,13 @@
import { main } from "../src/main.js";
import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
import { setEcoSystem, ECOSYSTEM_JS } from "../src/config/settings.js";
setEcoSystem(ECOSYSTEM_JS);
const packageManagerName = "bunx";
initializePackageManager(packageManagerName);
var exitCode = await main(process.argv.slice(2));
(async () => {
var exitCode = await main(process.argv.slice(2));
process.exit(exitCode);
})();

19
packages/safe-chain/bin/aikido-npm.js
View file

@ -1,21 +1,14 @@
#!/usr/bin/env node
import { execSync } from "child_process";
import { main } from "../src/main.js";
import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
import { setEcoSystem, ECOSYSTEM_JS } from "../src/config/settings.js";
setEcoSystem(ECOSYSTEM_JS);
const packageManagerName = "npm";
initializePackageManager(packageManagerName, getNpmVersion());
initializePackageManager(packageManagerName);
(async () => {
var exitCode = await main(process.argv.slice(2));
process.exit(exitCode);
function getNpmVersion() {
try {
return execSync("npm --version").toString().trim();
} catch {
// Default to 0.0.0 if npm is not found
// That way we don't use any unsupported features
return "0.0.0";
}
}
})();

8
packages/safe-chain/bin/aikido-npx.js
View file

@ -2,9 +2,13 @@
import { main } from "../src/main.js";
import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
import { setEcoSystem, ECOSYSTEM_JS } from "../src/config/settings.js";
setEcoSystem(ECOSYSTEM_JS);
const packageManagerName = "npx";
initializePackageManager(packageManagerName, process.versions.node);
var exitCode = await main(process.argv.slice(2));
initializePackageManager(packageManagerName);
(async () => {
var exitCode = await main(process.argv.slice(2));
process.exit(exitCode);
})();

17
packages/safe-chain/bin/aikido-pip.js Executable file
View file

@ -0,0 +1,17 @@
#!/usr/bin/env node
import { main } from "../src/main.js";
import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
import { setEcoSystem, ECOSYSTEM_PY } from "../src/config/settings.js";
import { PIP_PACKAGE_MANAGER, PIP_COMMAND } from "../src/packagemanager/pip/pipSettings.js";
// Set eco system
setEcoSystem(ECOSYSTEM_PY);
initializePackageManager(PIP_PACKAGE_MANAGER, { tool: PIP_COMMAND, args: process.argv.slice(2) });
(async () => {
// Pass through only user-supplied pip args
var exitCode = await main(process.argv.slice(2));
process.exit(exitCode);
})();

17
packages/safe-chain/bin/aikido-pip3.js Executable file
View file

@ -0,0 +1,17 @@
#!/usr/bin/env node
import { main } from "../src/main.js";
import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
import { setEcoSystem, ECOSYSTEM_PY } from "../src/config/settings.js";
import { PIP_PACKAGE_MANAGER, PIP3_COMMAND } from "../src/packagemanager/pip/pipSettings.js";
// Set eco system
setEcoSystem(ECOSYSTEM_PY);
initializePackageManager(PIP_PACKAGE_MANAGER, { tool: PIP3_COMMAND, args: process.argv.slice(2) });
(async () => {
// Pass through only user-supplied pip args
var exitCode = await main(process.argv.slice(2));
process.exit(exitCode);
})();

8
packages/safe-chain/bin/aikido-pnpm.js
View file

@ -2,9 +2,13 @@
import { main } from "../src/main.js";
import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
import { setEcoSystem, ECOSYSTEM_JS } from "../src/config/settings.js";
setEcoSystem(ECOSYSTEM_JS);
const packageManagerName = "pnpm";
initializePackageManager(packageManagerName, process.versions.node);
var exitCode = await main(process.argv.slice(2));
initializePackageManager(packageManagerName);
(async () => {
var exitCode = await main(process.argv.slice(2));
process.exit(exitCode);
})();

8
packages/safe-chain/bin/aikido-pnpx.js
View file

@ -2,9 +2,13 @@
import { main } from "../src/main.js";
import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
import { setEcoSystem, ECOSYSTEM_JS } from "../src/config/settings.js";
setEcoSystem(ECOSYSTEM_JS);
const packageManagerName = "pnpx";
initializePackageManager(packageManagerName, process.versions.node);
var exitCode = await main(process.argv.slice(2));
initializePackageManager(packageManagerName);
(async () => {
var exitCode = await main(process.argv.slice(2));
process.exit(exitCode);
})();

19
packages/safe-chain/bin/aikido-python.js Executable file
View file

@ -0,0 +1,19 @@
#!/usr/bin/env node
import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
import { PIP_PACKAGE_MANAGER, PYTHON_COMMAND } from "../src/packagemanager/pip/pipSettings.js";
import { setEcoSystem, ECOSYSTEM_PY } from "../src/config/settings.js";
import { main } from "../src/main.js";
// Set eco system
setEcoSystem(ECOSYSTEM_PY);
// Strip nodejs and wrapper script from args
let argv = process.argv.slice(2);
initializePackageManager(PIP_PACKAGE_MANAGER, { tool: PYTHON_COMMAND, args: argv });
(async () => {
var exitCode = await main(argv);
process.exit(exitCode);
})();

19
packages/safe-chain/bin/aikido-python3.js Executable file
View file

@ -0,0 +1,19 @@
#!/usr/bin/env node
import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
import { PIP_PACKAGE_MANAGER, PYTHON3_COMMAND } from "../src/packagemanager/pip/pipSettings.js";
import { setEcoSystem, ECOSYSTEM_PY } from "../src/config/settings.js";
import { main } from "../src/main.js";
// Set eco system
setEcoSystem(ECOSYSTEM_PY);
// Strip nodejs and wrapper script from args
let argv = process.argv.slice(2);
initializePackageManager(PIP_PACKAGE_MANAGER, { tool: PYTHON3_COMMAND, args: argv });
(async () => {
var exitCode = await main(argv);
process.exit(exitCode);
})();

16
packages/safe-chain/bin/aikido-uv.js Executable file
View file

@ -0,0 +1,16 @@
#!/usr/bin/env node
import { main } from "../src/main.js";
import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
import { setEcoSystem, ECOSYSTEM_PY } from "../src/config/settings.js";
// Set eco system
setEcoSystem(ECOSYSTEM_PY);
initializePackageManager("uv");
(async () => {
// Pass through only user-supplied uv args
var exitCode = await main(process.argv.slice(2));
process.exit(exitCode);
})();

8
packages/safe-chain/bin/aikido-yarn.js
View file

@ -2,9 +2,13 @@
import { main } from "../src/main.js";
import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
import { setEcoSystem, ECOSYSTEM_JS } from "../src/config/settings.js";
setEcoSystem(ECOSYSTEM_JS);
const packageManagerName = "yarn";
initializePackageManager(packageManagerName, process.versions.node);
var exitCode = await main(process.argv.slice(2));
initializePackageManager(packageManagerName);
(async () => {
var exitCode = await main(process.argv.slice(2));
process.exit(exitCode);
})();

83
packages/safe-chain/bin/safe-chain.js
View file

@ -5,6 +5,28 @@ import { ui } from "../src/environment/userInteraction.js";
import { setup } from "../src/shell-integration/setup.js";
import { teardown } from "../src/shell-integration/teardown.js";
import { setupCi } from "../src/shell-integration/setup-ci.js";
import { initializeCliArguments } from "../src/config/cliArguments.js";
import { setEcoSystem } from "../src/config/settings.js";
import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
import { main } from "../src/main.js";
import path from "path";
import { fileURLToPath } from "url";
import fs from "fs";
import { knownAikidoTools } from "../src/shell-integration/helpers.js";
/** @type {string} */
// This checks the current file's dirname in a way that's compatible with:
// - Modulejs (import.meta.url)
// - ES modules (__dirname)
// This is needed because safe-chain's npm package is built using ES modules,
// but building the binaries requires commonjs.
let dirname;
if (import.meta.url) {
const filename = fileURLToPath(import.meta.url);
dirname = path.dirname(filename);
} else {
dirname = __dirname;
}
if (process.argv.length < 3) {
ui.writeError("No command provided. Please provide a command to execute.");
@ -13,19 +35,38 @@ if (process.argv.length < 3) {
process.exit(1);
}
initializeCliArguments(process.argv);
const command = process.argv[2];
if (command === "help" || command === "--help" || command === "-h") {
const tool = knownAikidoTools.find((tool) => tool.tool === command);
if (tool) {
const args = process.argv.slice(3);
setEcoSystem(tool.ecoSystem);
// Provide tool context to PM (pip uses this; others ignore)
const toolContext = { tool: tool.tool, args };
initializePackageManager(tool.internalPackageManagerName, toolContext);
(async () => {
var exitCode = await main(args);
process.exit(exitCode);
})();
} else if (command === "help" || command === "--help" || command === "-h") {
writeHelp();
process.exit(0);
}
if (command === "setup") {
} else if (command === "setup") {
setup();
} else if (command === "teardown") {
teardown();
} else if (command === "setup-ci") {
setupCi();
} else if (command === "--version" || command === "-v" || command === "-v") {
(async () => {
ui.writeInformation(`Current safe-chain version: ${await getVersion()}`);
})();
} else {
ui.writeError(`Unknown command: ${command}.`);
ui.emptyLine();
@ -43,13 +84,20 @@ function writeHelp() {
ui.writeInformation(
`Available commands: ${chalk.cyan("setup")}, ${chalk.cyan(
"teardown"
)}, ${chalk.cyan("help")}`
)}, ${chalk.cyan("setup-ci")}, ${chalk.cyan("help")}, ${chalk.cyan(
"--version"
)}`
);
ui.emptyLine();
ui.writeInformation(
`- ${chalk.cyan(
"safe-chain setup"
)}: This will setup your shell to wrap safe-chain around npm, npx, yarn, pnpm and pnpx.`
)}: This will setup your shell to wrap safe-chain around npm, npx, yarn, pnpm, pnpx, bun, bunx, pip and pip3.`
);
ui.writeInformation(
` ${chalk.yellow(
"--include-python"
)}: Experimental: include Python package managers (pip, pip3) in the setup.`
);
ui.writeInformation(
`- ${chalk.cyan(
@ -61,5 +109,28 @@ function writeHelp() {
"safe-chain setup-ci"
)}: This will setup safe-chain for CI environments by creating shims and modifying the PATH.`
);
ui.writeInformation(
` ${chalk.yellow(
"--include-python"
)}: Experimental: include Python package managers (pip, pip3) in the setup.`
);
ui.writeInformation(
`- ${chalk.cyan("safe-chain --version")} (or ${chalk.cyan(
"-v"
)}): Display the current version of safe-chain.`
);
ui.emptyLine();
}
async function getVersion() {
const packageJsonPath = path.join(dirname, "..", "package.json");
const data = await fs.promises.readFile(packageJsonPath);
const json = JSON.parse(data.toString("utf8"));
if (json && json.version) {
return json.version;
}
return "0.0.0";
}

30
packages/safe-chain/package.json
View file

@ -4,7 +4,8 @@
"scripts": {
"test": "node --test --experimental-test-module-mocks 'src/**/*.spec.js'",
"test:watch": "node --test --watch --experimental-test-module-mocks 'src/**/*.spec.js'",
"lint": "eslint ."
"lint": "oxlint --deny-warnings",
"typecheck": "tsc --noEmit"
},
"bin": {
"aikido-npm": "bin/aikido-npm.js",
@ -14,6 +15,11 @@
"aikido-pnpx": "bin/aikido-pnpx.js",
"aikido-bun": "bin/aikido-bun.js",
"aikido-bunx": "bin/aikido-bunx.js",
"aikido-uv": "bin/aikido-uv.js",
"aikido-pip": "bin/aikido-pip.js",
"aikido-pip3": "bin/aikido-pip3.js",
"aikido-python": "bin/aikido-python.js",
"aikido-python3": "bin/aikido-python3.js",
"safe-chain": "bin/safe-chain.js"
},
"type": "module",
@ -28,17 +34,27 @@
"keywords": [],
"author": "Aikido Security",
"license": "AGPL-3.0-or-later",
"description": "The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), [pnpx](https://pnpm.io/cli/dlx), [bun](https://bun.sh/), and [bunx](https://bun.sh/docs/cli/bunx) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm, pnpx, bun, or bunx from downloading or running the malware.",
"description": "The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), [pnpx](https://pnpm.io/cli/dlx), [bun](https://bun.sh/), [bunx](https://bun.sh/docs/cli/bunx), [uv](https://docs.astral.sh/uv/) (Python), and [pip](https://pip.pypa.io/) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm, pnpx, bun, bunx, uv, or pip/pip3 from downloading or running the malware.",
"dependencies": {
"abbrev": "3.0.1",
"certifi": "14.5.15",
"chalk": "5.4.1",
"https-proxy-agent": "7.0.6",
"make-fetch-happen": "14.0.3",
"node-forge": "1.3.1",
"npm-registry-fetch": "18.0.2",
"ora": "8.2.0",
"ini": "6.0.0",
"make-fetch-happen": "15.0.3",
"node-forge": "1.3.2",
"npm-registry-fetch": "19.1.1",
"semver": "7.7.2"
},
"devDependencies": {
"@types/ini": "^4.1.1",
"@types/make-fetch-happen": "^10.0.4",
"@types/node": "^18.19.130",
"@types/node-forge": "^1.3.14",
"@types/npm-registry-fetch": "^8.0.9",
"@types/semver": "^7.7.1",
"esbuild": "^0.27.0",
"typescript": "^5.9.3"
},
"main": "src/main.js",
"bugs": {
"url": "https://github.com/AikidoSec/safe-chain/issues"

31
packages/safe-chain/src/api/aikido.js
View file

@ -1,12 +1,27 @@
import fetch from "make-fetch-happen";
import { getEcoSystem, ECOSYSTEM_JS, ECOSYSTEM_PY } from "../config/settings.js";
const malwareDatabaseUrl =
"https://malware-list.aikido.dev/malware_predictions.json";
const malwareDatabaseUrls = {
[ECOSYSTEM_JS]: "https://malware-list.aikido.dev/malware_predictions.json",
[ECOSYSTEM_PY]: "https://malware-list.aikido.dev/malware_pypi.json",
};
/**
* @typedef {Object} MalwarePackage
* @property {string} package_name
* @property {string} version
* @property {string} reason
*/
/**
* @returns {Promise<{malwareDatabase: MalwarePackage[], version: string | undefined}>}
*/
export async function fetchMalwareDatabase() {
const ecosystem = getEcoSystem();
const malwareDatabaseUrl = malwareDatabaseUrls[/** @type {keyof typeof malwareDatabaseUrls} */ (ecosystem)];
const response = await fetch(malwareDatabaseUrl);
if (!response.ok) {
throw new Error(`Error fetching malware database: ${response.statusText}`);
throw new Error(`Error fetching ${ecosystem} malware database: ${response.statusText}`);
}
try {
@ -15,18 +30,24 @@ export async function fetchMalwareDatabase() {
malwareDatabase: malwareDatabase,
version: response.headers.get("etag") || undefined,
};
} catch (error) {
} catch (/** @type {any} */ error) {
throw new Error(`Error parsing malware database: ${error.message}`);
}
}
/**
* @returns {Promise<string | undefined>}
*/
export async function fetchMalwareDatabaseVersion() {
const ecosystem = getEcoSystem();
const malwareDatabaseUrl = malwareDatabaseUrls[/** @type {keyof typeof malwareDatabaseUrls} */ (ecosystem)];
const response = await fetch(malwareDatabaseUrl, {
method: "HEAD",
});
if (!response.ok) {
throw new Error(
`Error fetching malware database version: ${response.statusText}`
`Error fetching ${ecosystem} malware database version: ${response.statusText}`
);
}
return response.headers.get("etag") || undefined;

29
packages/safe-chain/src/api/npmApi.js
View file

@ -1,6 +1,11 @@
import * as semver from "semver";
import * as npmFetch from "npm-registry-fetch";
/**
* @param {string} packageName
* @param {string | null} [versionRange]
* @returns {Promise<string | null>}
*/
export async function resolvePackageVersion(packageName, versionRange) {
if (!versionRange) {
versionRange = "latest";
@ -11,7 +16,10 @@ export async function resolvePackageVersion(packageName, versionRange) {
return versionRange;
}
const packageInfo = await getPackageInfo(packageName);
const packageInfo = (
/** @type {{"dist-tags"?: Record<string, string>, versions?: Record<string, unknown>} | null} */
await getPackageInfo(packageName)
);
if (!packageInfo) {
// It is possible that no version is found (could be a private package, or a package that doesn't exist)
// In this case, we return null to indicate that we couldn't resolve the version
@ -19,12 +27,16 @@ export async function resolvePackageVersion(packageName, versionRange) {
}
const distTags = packageInfo["dist-tags"];
if (distTags && distTags[versionRange]) {
if (distTags && isDistTags(distTags) && distTags[versionRange]) {
// If the version range is a dist-tag, return the version associated with that tag
// e.g., "latest", "next", etc.
return distTags[versionRange];
}
if (!packageInfo.versions) {
return null;
}
// If the version range is not a dist-tag, we need to resolve the highest version matching the range.
// This is useful for ranges like "^1.0.0" or "~2.3.4".
const availableVersions = Object.keys(packageInfo.versions);
@ -37,6 +49,19 @@ export async function resolvePackageVersion(packageName, versionRange) {
return null;
}
/**
*
* @param {unknown} distTags
* @returns {distTags is Record<string, string>}
*/
function isDistTags(distTags) {
return typeof distTags === "object";
}
/**
* @param {string} packageName
* @returns {Promise<Record<string, unknown> | null>}
*/
async function getPackageInfo(packageName) {
try {
return await npmFetch.json(packageName);

211
packages/safe-chain/src/api/npmApi.spec.js Normal file
View file

@ -0,0 +1,211 @@
import { describe, it, mock } from "node:test";
import assert from "node:assert";
describe("resolvePackageVersion", async () => {
const mockNpmFetchJson = mock.fn();
mock.module("npm-registry-fetch", {
namedExports: {
json: mockNpmFetchJson,
},
});
const { resolvePackageVersion } = await import("./npmApi.js");
it("should return the version if it is already a fixed version", async () => {
const result = await resolvePackageVersion("express", "4.17.1");
assert.strictEqual(result, "4.17.1");
});
it("should use 'latest' as default version range when not provided", async () => {
mockNpmFetchJson.mock.mockImplementationOnce(() => ({
"dist-tags": {
latest: "4.18.2",
},
versions: {
"4.18.2": {},
},
}));
const result = await resolvePackageVersion("express");
assert.strictEqual(result, "4.18.2");
});
it("should resolve dist-tag versions", async () => {
mockNpmFetchJson.mock.mockImplementationOnce(() => ({
"dist-tags": {
latest: "4.18.2",
next: "5.0.0-beta.1",
},
versions: {
"4.18.2": {},
"5.0.0-beta.1": {},
},
}));
const result = await resolvePackageVersion("express", "next");
assert.strictEqual(result, "5.0.0-beta.1");
});
it("should resolve version ranges using semver", async () => {
mockNpmFetchJson.mock.mockImplementationOnce(() => ({
"dist-tags": {
latest: "4.18.2",
},
versions: {
"4.16.0": {},
"4.17.0": {},
"4.17.1": {},
"4.18.0": {},
"4.18.2": {},
},
}));
const result = await resolvePackageVersion("express", "^4.17.0");
assert.strictEqual(result, "4.18.2");
});
it("should resolve tilde ranges correctly", async () => {
mockNpmFetchJson.mock.mockImplementationOnce(() => ({
"dist-tags": {
latest: "4.18.2",
},
versions: {
"4.17.0": {},
"4.17.1": {},
"4.17.3": {},
"4.18.0": {},
},
}));
const result = await resolvePackageVersion("express", "~4.17.0");
assert.strictEqual(result, "4.17.3");
});
it("should return null if package info cannot be fetched", async () => {
mockNpmFetchJson.mock.mockImplementationOnce(() => {
throw new Error("Package not found");
});
const result = await resolvePackageVersion("non-existent-package", "latest");
assert.strictEqual(result, null);
});
it("should return null if no versions match the range", async () => {
mockNpmFetchJson.mock.mockImplementationOnce(() => ({
"dist-tags": {
latest: "1.0.0",
},
versions: {
"1.0.0": {},
"1.1.0": {},
},
}));
const result = await resolvePackageVersion("express", "^5.0.0");
assert.strictEqual(result, null);
});
it("should return null if dist-tag does not exist", async () => {
mockNpmFetchJson.mock.mockImplementationOnce(() => ({
"dist-tags": {
latest: "4.18.2",
},
versions: {
"4.18.2": {},
},
}));
const result = await resolvePackageVersion("express", "nonexistent-tag");
assert.strictEqual(result, null);
});
it("should return null if package info has no versions property (retracted package)", async () => {
mockNpmFetchJson.mock.mockImplementationOnce(() => ({
_id: "zenn",
name: "zenn",
time: {
modified: "2021-04-20T16:20:56.084Z",
created: "2017-07-10T19:48:07.891Z",
unpublished: {
time: "2021-04-20T16:20:56.084Z",
versions: [
"0.9.0",
"0.9.1",
"0.9.2",
"0.9.3",
"0.9.4",
"0.9.5",
"0.9.6",
"0.9.8",
"0.9.9",
"0.9.10",
"0.9.11",
"0.9.12",
"0.9.13",
"0.9.14",
],
},
},
}));
const result = await resolvePackageVersion("zenn", "^0.9.0");
assert.strictEqual(result, null);
});
it("should return dist-tag version even if versions property is missing", async () => {
mockNpmFetchJson.mock.mockImplementationOnce(() => ({
"dist-tags": {
latest: "4.18.2",
},
}));
const result = await resolvePackageVersion("express", "latest");
assert.strictEqual(result, "4.18.2");
});
it("should handle scoped packages", async () => {
mockNpmFetchJson.mock.mockImplementationOnce(() => ({
"dist-tags": {
latest: "1.2.3",
},
versions: {
"1.2.3": {},
},
}));
const result = await resolvePackageVersion("@scope/package", "latest");
assert.strictEqual(result, "1.2.3");
});
it("should handle complex version ranges", async () => {
mockNpmFetchJson.mock.mockImplementationOnce(() => ({
"dist-tags": {
latest: "2.5.0",
},
versions: {
"1.0.0": {},
"2.0.0": {},
"2.3.0": {},
"2.4.0": {},
"2.5.0": {},
"3.0.0": {},
},
}));
const result = await resolvePackageVersion("express", ">=2.0.0 <3.0.0");
assert.strictEqual(result, "2.5.0");
});
});

118
packages/safe-chain/src/config/cliArguments.js
View file

@ -1,12 +1,24 @@
/**
* @type {{loggingLevel: string | undefined, skipMinimumPackageAge: boolean | undefined, minimumPackageAgeHours: string | undefined, includePython: boolean}}
*/
const state = {
malwareAction: undefined,
loggingLevel: undefined,
skipMinimumPackageAge: undefined,
minimumPackageAgeHours: undefined,
includePython: false,
};
const SAFE_CHAIN_ARG_PREFIX = "--safe-chain-";
/**
* @param {string[]} args
* @returns {string[]}
*/
export function initializeCliArguments(args) {
// Reset state on each call
state.malwareAction = undefined;
state.loggingLevel = undefined;
state.skipMinimumPackageAge = undefined;
state.minimumPackageAgeHours = undefined;
const safeChainArgs = [];
const remainingArgs = [];
@ -19,21 +31,19 @@ export function initializeCliArguments(args) {
}
}
setMalwareAction(safeChainArgs);
setLoggingLevel(safeChainArgs);
setSkipMinimumPackageAge(safeChainArgs);
setMinimumPackageAgeHours(safeChainArgs);
setIncludePython(args);
return remainingArgs;
}
function setMalwareAction(args) {
const safeChainMalwareActionArg = SAFE_CHAIN_ARG_PREFIX + "malware-action=";
const action = getLastArgEqualsValue(args, safeChainMalwareActionArg);
if (!action) {
return;
}
state.malwareAction = action.toLowerCase();
}
/**
* @param {string[]} args
* @param {string} prefix
* @returns {string | undefined}
*/
function getLastArgEqualsValue(args, prefix) {
for (var i = args.length - 1; i >= 0; i--) {
const arg = args[i];
@ -45,6 +55,84 @@ function getLastArgEqualsValue(args, prefix) {
return undefined;
}
export function getMalwareAction() {
return state.malwareAction;
/**
* @param {string[]} args
* @returns {void}
*/
function setLoggingLevel(args) {
const safeChainLoggingArg = SAFE_CHAIN_ARG_PREFIX + "logging=";
const level = getLastArgEqualsValue(args, safeChainLoggingArg);
if (!level) {
return;
}
state.loggingLevel = level.toLowerCase();
}
export function getLoggingLevel() {
return state.loggingLevel;
}
/**
* @param {string[]} args
* @returns {void}
*/
function setSkipMinimumPackageAge(args) {
const flagName = SAFE_CHAIN_ARG_PREFIX + "skip-minimum-package-age";
if (hasFlagArg(args, flagName)) {
state.skipMinimumPackageAge = true;
}
}
export function getSkipMinimumPackageAge() {
return state.skipMinimumPackageAge;
}
/**
* @param {string[]} args
* @returns {void}
*/
function setMinimumPackageAgeHours(args) {
const argName = SAFE_CHAIN_ARG_PREFIX + "minimum-package-age-hours=";
const value = getLastArgEqualsValue(args, argName);
if (value) {
state.minimumPackageAgeHours = value;
}
}
/**
* @returns {string | undefined}
*/
export function getMinimumPackageAgeHours() {
return state.minimumPackageAgeHours;
}
/**
* @param {string[]} args
*/
function setIncludePython(args) {
// This flag doesn't have the --safe-chain- prefix because
// it is only used for the safe-chain command itself and
// not when wrapped around package manager commands.
state.includePython = hasFlagArg(args, "--include-python");
}
export function includePython() {
return state.includePython;
}
/**
* @param {string[]} args
* @param {string} flagName
* @returns {boolean}
*/
function hasFlagArg(args, flagName) {
for (const arg of args) {
if (arg.toLowerCase() === flagName.toLowerCase()) {
return true;
}
}
return false;
}

226
packages/safe-chain/src/config/cliArguments.spec.js
View file

@ -1,6 +1,11 @@
import { describe, it } from "node:test";
import assert from "node:assert";
import { initializeCliArguments, getMalwareAction } from "./cliArguments.js";
import {
initializeCliArguments,
getLoggingLevel,
getSkipMinimumPackageAge,
getMinimumPackageAgeHours,
} from "./cliArguments.js";
describe("initializeCliArguments", () => {
it("should return all args when no safe-chain args are present", () => {
@ -57,52 +62,213 @@ describe("initializeCliArguments", () => {
assert.deepEqual(result, ["install", "my--safe-chain-package", "--save"]);
});
it("should not set malwareAction when no safe-chain arguments are passed", () => {
it("should not set loggingLevel when no logging argument is passed", () => {
const args = ["install", "express", "--save"];
initializeCliArguments(args);
assert.strictEqual(getLoggingLevel(), undefined);
});
it("should parse logging=silent and set state", () => {
const args = ["--safe-chain-logging=silent", "install", "package"];
const result = initializeCliArguments(args);
assert.deepEqual(result, ["install", "package"]);
assert.strictEqual(getLoggingLevel(), "silent");
});
it("should parse logging=normal and set state", () => {
const args = ["--safe-chain-logging=normal", "install", "package"];
const result = initializeCliArguments(args);
assert.deepEqual(result, ["install", "package"]);
assert.strictEqual(getLoggingLevel(), "normal");
});
it("should handle multiple logging args, using the last one", () => {
const args = [
"--safe-chain-logging=normal",
"--safe-chain-logging=silent",
"install",
];
const result = initializeCliArguments(args);
assert.deepEqual(result, ["install"]);
assert.strictEqual(getLoggingLevel(), "silent");
});
it("should handle logging level case-insensitively", () => {
const args = ["--safe-chain-logging=SILENT", "install"];
initializeCliArguments(args);
assert.strictEqual(getLoggingLevel(), "silent");
});
it("should capture invalid logging level as-is (lowercased)", () => {
const args = ["--safe-chain-logging=invalid", "install"];
initializeCliArguments(args);
assert.strictEqual(getLoggingLevel(), "invalid");
});
it("should handle logging with other safe-chain args", () => {
const args = [
"--safe-chain-debug",
"--safe-chain-logging=silent",
"--safe-chain-malware-action=block",
"install",
];
const result = initializeCliArguments(args);
assert.deepEqual(result, ["install"]);
assert.strictEqual(getLoggingLevel(), "silent");
});
it("should not set skipMinimumPackageAge when flag is absent", () => {
const args = ["install", "express", "--save"];
initializeCliArguments(args);
assert.strictEqual(getSkipMinimumPackageAge(), undefined);
});
it("should set skipMinimumPackageAge to true when flag is present", () => {
const args = ["--safe-chain-skip-minimum-package-age", "install", "lodash"];
const result = initializeCliArguments(args);
assert.deepEqual(result, ["install", "lodash"]);
assert.strictEqual(getSkipMinimumPackageAge(), true);
});
it("should handle skip-minimum-package-age flag case-insensitively", () => {
const args = ["--SAFE-CHAIN-SKIP-MINIMUM-PACKAGE-AGE", "install"];
initializeCliArguments(args);
assert.strictEqual(getSkipMinimumPackageAge(), true);
});
it("should filter out skip-minimum-package-age flag from returned args", () => {
const args = [
"install",
"--safe-chain-skip-minimum-package-age",
"express",
"--save",
];
const result = initializeCliArguments(args);
assert.deepEqual(result, ["install", "express", "--save"]);
assert.strictEqual(getMalwareAction(), undefined);
});
it("should parse malware-action=block and set state", () => {
const args = ["--safe-chain-malware-action=block", "install", "package"];
const result = initializeCliArguments(args);
assert.deepEqual(result, ["install", "package"]);
assert.strictEqual(getMalwareAction(), "block");
});
it("should parse malware-action=prompt and set state", () => {
const args = ["--safe-chain-malware-action=prompt", "install", "package"];
const result = initializeCliArguments(args);
assert.deepEqual(result, ["install", "package"]);
assert.strictEqual(getMalwareAction(), "prompt");
});
it("should handle multiple malware-action args, using the last valid one", () => {
it("should handle skip-minimum-package-age with other safe-chain arguments", () => {
const args = [
"--safe-chain-malware-action=block",
"--safe-chain-malware-action=prompt",
"--safe-chain-logging=verbose",
"--safe-chain-skip-minimum-package-age",
"install",
"lodash",
];
const result = initializeCliArguments(args);
assert.deepEqual(result, ["install"]);
assert.strictEqual(getMalwareAction(), "prompt");
assert.deepEqual(result, ["install", "lodash"]);
assert.strictEqual(getLoggingLevel(), "verbose");
assert.strictEqual(getSkipMinimumPackageAge(), true);
});
it("should handle malware-action with other safe-chain args", () => {
it("should handle skip-minimum-package-age flag in different positions", () => {
const args = ["install", "lodash", "--safe-chain-skip-minimum-package-age"];
const result = initializeCliArguments(args);
assert.deepEqual(result, ["install", "lodash"]);
assert.strictEqual(getSkipMinimumPackageAge(), true);
});
it("should return undefined when no minimum-package-age-hours argument is passed", () => {
const args = ["install", "express", "--save"];
initializeCliArguments(args);
assert.strictEqual(getMinimumPackageAgeHours(), undefined);
});
it("should parse minimum-package-age-hours value and set state", () => {
const args = [
"--safe-chain-debug",
"--safe-chain-malware-action=block",
"--safe-chain-verbose",
"--safe-chain-minimum-package-age-hours=48",
"install",
"lodash",
];
const result = initializeCliArguments(args);
assert.deepEqual(result, ["install"]);
assert.strictEqual(getMalwareAction(), "block");
assert.deepEqual(result, ["install", "lodash"]);
assert.strictEqual(getMinimumPackageAgeHours(), "48");
});
it("should handle minimum-package-age-hours with zero value", () => {
const args = ["--safe-chain-minimum-package-age-hours=0", "install"];
initializeCliArguments(args);
assert.strictEqual(getMinimumPackageAgeHours(), "0");
});
it("should handle minimum-package-age-hours with decimal values", () => {
const args = ["--safe-chain-minimum-package-age-hours=1.5", "install"];
initializeCliArguments(args);
assert.strictEqual(getMinimumPackageAgeHours(), "1.5");
});
it("should handle minimum-package-age-hours case-insensitively", () => {
const args = ["--SAFE-CHAIN-MINIMUM-PACKAGE-AGE-HOURS=72", "install"];
initializeCliArguments(args);
assert.strictEqual(getMinimumPackageAgeHours(), "72");
});
it("should use the last minimum-package-age-hours argument when multiple are provided", () => {
const args = [
"--safe-chain-minimum-package-age-hours=12",
"--safe-chain-minimum-package-age-hours=36",
"install",
];
initializeCliArguments(args);
assert.strictEqual(getMinimumPackageAgeHours(), "36");
});
it("should filter out minimum-package-age-hours argument from returned args", () => {
const args = [
"install",
"--safe-chain-minimum-package-age-hours=48",
"express",
"--save",
];
const result = initializeCliArguments(args);
assert.deepEqual(result, ["install", "express", "--save"]);
});
it("should handle minimum-package-age-hours with other safe-chain arguments", () => {
const args = [
"--safe-chain-logging=verbose",
"--safe-chain-minimum-package-age-hours=96",
"install",
"lodash",
];
const result = initializeCliArguments(args);
assert.deepEqual(result, ["install", "lodash"]);
assert.strictEqual(getLoggingLevel(), "verbose");
assert.strictEqual(getMinimumPackageAgeHours(), "96");
});
it("should handle non-numeric values without validation (validation in settings.js)", () => {
const args = ["--safe-chain-minimum-package-age-hours=invalid", "install"];
initializeCliArguments(args);
// cliArguments.js just captures the value; validation is in settings.js
assert.strictEqual(getMinimumPackageAgeHours(), "invalid");
});
it("should handle negative values as strings (validation in settings.js)", () => {
const args = ["--safe-chain-minimum-package-age-hours=-24", "install"];
initializeCliArguments(args);
assert.strictEqual(getMinimumPackageAgeHours(), "-24");
});
});

113
packages/safe-chain/src/config/configFile.js
View file

@ -2,14 +2,88 @@ import fs from "fs";
import path from "path";
import os from "os";
import { ui } from "../environment/userInteraction.js";
import { getEcoSystem } from "./settings.js";
/**
* @typedef {Object} SafeChainConfig
*
* This should be a number, but can be anything because it is user-input.
* We cannot trust the input and should add the necessary validations.
* @property {unknown} scanTimeout
* @property {unknown} minimumPackageAgeHours
*/
/**
* @returns {number}
*/
export function getScanTimeout() {
const config = readConfigFile();
return (
parseInt(process.env.AIKIDO_SCAN_TIMEOUT_MS) || config.scanTimeout || 10000 // Default to 10 seconds
);
if (process.env.AIKIDO_SCAN_TIMEOUT_MS) {
const scanTimeout = validateTimeout(process.env.AIKIDO_SCAN_TIMEOUT_MS);
if (scanTimeout != null) {
return scanTimeout;
}
}
if (config.scanTimeout) {
const scanTimeout = validateTimeout(config.scanTimeout);
if (scanTimeout != null) {
return scanTimeout;
}
}
return 10000; // Default to 10 seconds
}
/**
*
* @param {any} value
* @returns {number?}
*/
function validateTimeout(value) {
const timeout = Number(value);
if (!Number.isNaN(timeout) && timeout > 0) {
return timeout;
}
return null;
}
/**
* @param {any} value
* @returns {number | undefined}
*/
function validateMinimumPackageAgeHours(value) {
const hours = Number(value);
if (!Number.isNaN(hours)) {
return hours;
}
return undefined;
}
/**
* Gets the minimum package age in hours from config file only
* @returns {number | undefined}
*/
export function getMinimumPackageAgeHours() {
const config = readConfigFile();
if (config.minimumPackageAgeHours) {
const validated = validateMinimumPackageAgeHours(
config.minimumPackageAgeHours
);
if (validated !== undefined) {
return validated;
}
}
return undefined;
}
/**
* @param {import("../api/aikido.js").MalwarePackage[]} data
* @param {string | number} version
*
* @returns {void}
*/
export function writeDatabaseToLocalCache(data, version) {
try {
const databasePath = getDatabasePath();
@ -24,6 +98,9 @@ export function writeDatabaseToLocalCache(data, version) {
}
}
/**
* @returns {{malwareDatabase: import("../api/aikido.js").MalwarePackage[] | null, version: string | null}}
*/
export function readDatabaseFromLocalCache() {
try {
const databasePath = getDatabasePath();
@ -55,31 +132,55 @@ export function readDatabaseFromLocalCache() {
}
}
/**
* @returns {SafeChainConfig}
*/
function readConfigFile() {
const configFilePath = getConfigFilePath();
if (!fs.existsSync(configFilePath)) {
return {};
return {
scanTimeout: undefined,
minimumPackageAgeHours: undefined,
};
}
try {
const data = fs.readFileSync(configFilePath, "utf8");
return JSON.parse(data);
} catch {
return {
scanTimeout: undefined,
minimumPackageAgeHours: undefined,
};
}
}
/**
* @returns {string}
*/
function getDatabasePath() {
const aikidoDir = getAikidoDirectory();
return path.join(aikidoDir, "malwareDatabase.json");
const ecosystem = getEcoSystem();
return path.join(aikidoDir, `malwareDatabase_${ecosystem}.json`);
}
function getDatabaseVersionPath() {
const aikidoDir = getAikidoDirectory();
return path.join(aikidoDir, "version.txt");
const ecosystem = getEcoSystem();
return path.join(aikidoDir, `version_${ecosystem}.txt`);
}
/**
* @returns {string}
*/
function getConfigFilePath() {
return path.join(getAikidoDirectory(), "config.json");
}
/**
* @returns {string}
*/
function getAikidoDirectory() {
const homeDir = os.homedir();
const aikidoDir = path.join(homeDir, ".aikido");

285
packages/safe-chain/src/config/configFile.spec.js Normal file
View file

@ -0,0 +1,285 @@
import { describe, it, beforeEach, afterEach, mock } from "node:test";
import assert from "node:assert";
describe("getScanTimeout", () => {
let originalEnv;
let fsMock;
let getScanTimeout;
beforeEach(async () => {
// Save original environment
originalEnv = process.env.AIKIDO_SCAN_TIMEOUT_MS;
// Mock fs module
fsMock = {
existsSync: mock.fn(() => false),
readFileSync: mock.fn(() => "{}"),
writeFileSync: mock.fn(),
mkdirSync: mock.fn(),
};
mock.module("fs", {
namedExports: fsMock,
});
// Re-import the module to get the mocked version
const configFileModule = await import(
`./configFile.js?update=${Date.now()}`
);
getScanTimeout = configFileModule.getScanTimeout;
});
afterEach(() => {
// Restore original environment
if (originalEnv !== undefined) {
process.env.AIKIDO_SCAN_TIMEOUT_MS = originalEnv;
} else {
delete process.env.AIKIDO_SCAN_TIMEOUT_MS;
}
// Reset all mocks
mock.restoreAll();
});
it("should return default timeout of 10000ms when no config or env var is set", () => {
delete process.env.AIKIDO_SCAN_TIMEOUT_MS;
// Mock: config file doesn't exist
fsMock.existsSync.mock.mockImplementation(() => false);
const timeout = getScanTimeout();
assert.strictEqual(timeout, 10000);
});
it("should return timeout from config file when set", () => {
delete process.env.AIKIDO_SCAN_TIMEOUT_MS;
// Mock: config file exists with scanTimeout: 5000
fsMock.existsSync.mock.mockImplementation(() => true);
fsMock.readFileSync.mock.mockImplementation(() =>
JSON.stringify({ scanTimeout: 5000 })
);
const timeout = getScanTimeout();
assert.strictEqual(timeout, 5000);
});
it("should prioritize environment variable over config file", () => {
process.env.AIKIDO_SCAN_TIMEOUT_MS = "20000";
// Mock: config file exists with scanTimeout: 5000
fsMock.existsSync.mock.mockImplementation(() => true);
fsMock.readFileSync.mock.mockImplementation(() =>
JSON.stringify({ scanTimeout: 5000 })
);
const timeout = getScanTimeout();
assert.strictEqual(timeout, 20000);
});
it("should handle invalid environment variable and fall back to config", () => {
process.env.AIKIDO_SCAN_TIMEOUT_MS = "invalid";
// Mock: config file exists with scanTimeout: 7000
fsMock.existsSync.mock.mockImplementation(() => true);
fsMock.readFileSync.mock.mockImplementation(() =>
JSON.stringify({ scanTimeout: 7000 })
);
const timeout = getScanTimeout();
assert.strictEqual(timeout, 7000);
});
it("should ignore zero and negative values and fall back to default", () => {
// Mock: config file doesn't exist
fsMock.existsSync.mock.mockImplementation(() => false);
process.env.AIKIDO_SCAN_TIMEOUT_MS = "0";
let timeout = getScanTimeout();
assert.strictEqual(timeout, 10000);
process.env.AIKIDO_SCAN_TIMEOUT_MS = "-5000";
timeout = getScanTimeout();
assert.strictEqual(timeout, 10000);
});
it("should ignore textual non-numeric values in environment variable and fall back to config", () => {
process.env.AIKIDO_SCAN_TIMEOUT_MS = "fast";
// Mock: config file exists with scanTimeout: 8000
fsMock.existsSync.mock.mockImplementation(() => true);
fsMock.readFileSync.mock.mockImplementation(() =>
JSON.stringify({ scanTimeout: 8000 })
);
const timeout = getScanTimeout();
assert.strictEqual(timeout, 8000);
});
it("should ignore textual non-numeric values in config file and fall back to default", () => {
delete process.env.AIKIDO_SCAN_TIMEOUT_MS;
// Mock: config file exists with scanTimeout: "slow"
fsMock.existsSync.mock.mockImplementation(() => true);
fsMock.readFileSync.mock.mockImplementation(() =>
JSON.stringify({ scanTimeout: "slow" })
);
const timeout = getScanTimeout();
assert.strictEqual(timeout, 10000);
});
it("should ignore textual non-numeric values in both env and config, fall back to default", () => {
process.env.AIKIDO_SCAN_TIMEOUT_MS = "quick";
// Mock: config file exists with scanTimeout: "medium"
fsMock.existsSync.mock.mockImplementation(() => true);
fsMock.readFileSync.mock.mockImplementation(() =>
JSON.stringify({ scanTimeout: "medium" })
);
const timeout = getScanTimeout();
assert.strictEqual(timeout, 10000);
});
it("should ignore mixed alphanumeric strings in environment variable", () => {
process.env.AIKIDO_SCAN_TIMEOUT_MS = "5000ms";
// Mock: config file exists with scanTimeout: 6000
fsMock.existsSync.mock.mockImplementation(() => true);
fsMock.readFileSync.mock.mockImplementation(() =>
JSON.stringify({ scanTimeout: 6000 })
);
const timeout = getScanTimeout();
assert.strictEqual(timeout, 6000);
});
it("should ignore mixed alphanumeric strings in config file", () => {
delete process.env.AIKIDO_SCAN_TIMEOUT_MS;
// Mock: config file exists with scanTimeout: "3000ms"
fsMock.existsSync.mock.mockImplementation(() => true);
fsMock.readFileSync.mock.mockImplementation(() =>
JSON.stringify({ scanTimeout: "3000ms" })
);
const timeout = getScanTimeout();
assert.strictEqual(timeout, 10000);
});
});
describe("getMinimumPackageAgeHours", () => {
let fsMock;
let getMinimumPackageAgeHours;
beforeEach(async () => {
// Mock fs module
fsMock = {
existsSync: mock.fn(() => false),
readFileSync: mock.fn(() => "{}"),
writeFileSync: mock.fn(),
mkdirSync: mock.fn(),
};
mock.module("fs", {
namedExports: fsMock,
});
// Re-import the module to get the mocked version
const configFileModule = await import(
`./configFile.js?update=${Date.now()}`
);
getMinimumPackageAgeHours = configFileModule.getMinimumPackageAgeHours;
});
afterEach(() => {
// Reset all mocks
mock.restoreAll();
});
it("should return null when config file doesn't exist", () => {
fsMock.existsSync.mock.mockImplementation(() => false);
const hours = getMinimumPackageAgeHours();
assert.strictEqual(hours, undefined);
});
it("should return null when config file exists but minimumPackageAgeHours is not set", () => {
fsMock.existsSync.mock.mockImplementation(() => true);
fsMock.readFileSync.mock.mockImplementation(() =>
JSON.stringify({ scanTimeout: 5000 })
);
const hours = getMinimumPackageAgeHours();
assert.strictEqual(hours, undefined);
});
it("should return value from config file when set to valid number", () => {
fsMock.existsSync.mock.mockImplementation(() => true);
fsMock.readFileSync.mock.mockImplementation(() =>
JSON.stringify({ minimumPackageAgeHours: 48 })
);
const hours = getMinimumPackageAgeHours();
assert.strictEqual(hours, 48);
});
it("should handle string numbers in config file", () => {
fsMock.existsSync.mock.mockImplementation(() => true);
fsMock.readFileSync.mock.mockImplementation(() =>
JSON.stringify({ minimumPackageAgeHours: "72" })
);
const hours = getMinimumPackageAgeHours();
assert.strictEqual(hours, 72);
});
it("should handle decimal values", () => {
fsMock.existsSync.mock.mockImplementation(() => true);
fsMock.readFileSync.mock.mockImplementation(() =>
JSON.stringify({ minimumPackageAgeHours: 1.5 })
);
const hours = getMinimumPackageAgeHours();
assert.strictEqual(hours, 1.5);
});
it("should return null for non-numeric strings", () => {
fsMock.existsSync.mock.mockImplementation(() => true);
fsMock.readFileSync.mock.mockImplementation(() =>
JSON.stringify({ minimumPackageAgeHours: "invalid" })
);
const hours = getMinimumPackageAgeHours();
assert.strictEqual(hours, undefined);
});
it("should return null for values with units suffix", () => {
fsMock.existsSync.mock.mockImplementation(() => true);
fsMock.readFileSync.mock.mockImplementation(() =>
JSON.stringify({ minimumPackageAgeHours: "48h" })
);
const hours = getMinimumPackageAgeHours();
assert.strictEqual(hours, undefined);
});
it("should handle malformed JSON and return null", () => {
fsMock.existsSync.mock.mockImplementation(() => true);
fsMock.readFileSync.mock.mockImplementation(() => "{ invalid json");
const hours = getMinimumPackageAgeHours();
assert.strictEqual(hours, undefined);
});
});

7
packages/safe-chain/src/config/environmentVariables.js Normal file
View file

@ -0,0 +1,7 @@
/**
* Gets the minimum package age in hours from environment variable
* @returns {string | undefined}
*/
export function getMinimumPackageAgeHours() {
return process.env.SAFE_CHAIN_MINIMUM_PACKAGE_AGE_HOURS;
}

100
packages/safe-chain/src/config/settings.js
View file

@ -1,14 +1,100 @@
import * as cliArguments from "./cliArguments.js";
import * as configFile from "./configFile.js";
import * as environmentVariables from "./environmentVariables.js";
export function getMalwareAction() {
const action = cliArguments.getMalwareAction();
export const LOGGING_SILENT = "silent";
export const LOGGING_NORMAL = "normal";
export const LOGGING_VERBOSE = "verbose";
if (action === MALWARE_ACTION_PROMPT) {
return MALWARE_ACTION_PROMPT;
export function getLoggingLevel() {
const level = cliArguments.getLoggingLevel();
if (level === LOGGING_SILENT) {
return LOGGING_SILENT;
}
return MALWARE_ACTION_BLOCK;
if (level === LOGGING_VERBOSE) {
return LOGGING_VERBOSE;
}
export const MALWARE_ACTION_BLOCK = "block";
export const MALWARE_ACTION_PROMPT = "prompt";
return LOGGING_NORMAL;
}
export const ECOSYSTEM_JS = "js";
export const ECOSYSTEM_PY = "py";
// Default to JavaScript ecosystem
const ecosystemSettings = {
ecoSystem: ECOSYSTEM_JS,
};
/** @returns {string} - The current ecosystem setting (ECOSYSTEM_JS or ECOSYSTEM_PY) */
export function getEcoSystem() {
return ecosystemSettings.ecoSystem;
}
/**
* @param {string} setting - The ecosystem to set (ECOSYSTEM_JS or ECOSYSTEM_PY)
*/
export function setEcoSystem(setting) {
ecosystemSettings.ecoSystem = setting;
}
const defaultMinimumPackageAge = 24;
/** @returns {number} */
export function getMinimumPackageAgeHours() {
// Priority 1: CLI argument
const cliValue = validateMinimumPackageAgeHours(
cliArguments.getMinimumPackageAgeHours()
);
if (cliValue !== undefined) {
return cliValue;
}
// Priority 2: Environment variable
const envValue = validateMinimumPackageAgeHours(
environmentVariables.getMinimumPackageAgeHours()
);
if (envValue !== undefined) {
return envValue;
}
// Priority 3: Config file
const configValue = configFile.getMinimumPackageAgeHours();
if (configValue !== undefined) {
return configValue;
}
return defaultMinimumPackageAge;
}
/**
* @param {string | undefined} value
* @returns {number | undefined}
*/
function validateMinimumPackageAgeHours(value) {
if (!value) {
return undefined;
}
const numericValue = Number(value);
if (Number.isNaN(numericValue)) {
return undefined;
}
if (numericValue > 0) {
return numericValue;
}
return undefined;
}
const defaultSkipMinimumPackageAge = false;
export function skipMinimumPackageAge() {
const cliValue = cliArguments.getSkipMinimumPackageAge();
if (cliValue === true) {
return true;
}
return defaultSkipMinimumPackageAge;
}

144
packages/safe-chain/src/environment/userInteraction.js
View file

@ -1,96 +1,122 @@
// oxlint-disable no-console
import chalk from "chalk";
import ora from "ora";
import { createInterface } from "readline";
import { isCi } from "./environment.js";
import {
getLoggingLevel,
LOGGING_SILENT,
LOGGING_VERBOSE,
} from "../config/settings.js";
/**
* @type {{ bufferOutput: boolean, bufferedMessages:(() => void)[]}}
*/
const state = {
bufferOutput: false,
bufferedMessages: [],
};
function isSilentMode() {
return getLoggingLevel() === LOGGING_SILENT;
}
function isVerboseMode() {
return getLoggingLevel() === LOGGING_VERBOSE;
}
function emptyLine() {
if (isSilentMode()) return;
writeInformation("");
}
/**
* @param {string} message
* @param {...any} optionalParams
* @returns {void}
*/
function writeInformation(message, ...optionalParams) {
console.log(message, ...optionalParams);
if (isSilentMode()) return;
writeOrBuffer(() => console.log(message, ...optionalParams));
}
/**
* @param {string} message
* @param {...any} optionalParams
* @returns {void}
*/
function writeWarning(message, ...optionalParams) {
if (isSilentMode()) return;
if (!isCi()) {
message = chalk.yellow(message);
}
console.warn(message, ...optionalParams);
writeOrBuffer(() => console.warn(message, ...optionalParams));
}
/**
* @param {string} message
* @param {...any} optionalParams
* @returns {void}
*/
function writeError(message, ...optionalParams) {
if (!isCi()) {
message = chalk.red(message);
}
console.error(message, ...optionalParams);
writeOrBuffer(() => console.error(message, ...optionalParams));
}
function startProcess(message) {
if (isCi()) {
return {
succeed: (message) => {
writeInformation(message);
},
fail: (message) => {
writeError(message);
},
stop: () => {},
setText: (message) => {
writeInformation(message);
},
};
function writeExitWithoutInstallingMaliciousPackages() {
let message = "Safe-chain: Exiting without installing malicious packages.";
if (!isCi()) {
message = chalk.red(message);
}
writeOrBuffer(() => console.error(message));
}
/**
* @param {string} message
* @param {...any} optionalParams
* @returns {void}
*/
function writeVerbose(message, ...optionalParams) {
if (!isVerboseMode()) return;
writeOrBuffer(() => console.log(message, ...optionalParams));
}
/**
*
* @param {() => void} messageFunction
*/
function writeOrBuffer(messageFunction) {
if (state.bufferOutput) {
state.bufferedMessages.push(messageFunction);
} else {
const spinner = ora(message).start();
return {
succeed: (message) => {
spinner.succeed(message);
},
fail: (message) => {
spinner.fail(message);
},
stop: () => {
spinner.stop();
},
setText: (message) => {
spinner.text = message;
},
};
messageFunction();
}
}
async function confirm(config) {
if (isCi()) {
return Promise.resolve(config.default);
function startBufferingLogs() {
state.bufferOutput = true;
state.bufferedMessages = [];
}
const rl = createInterface({
input: process.stdin,
output: process.stdout,
});
return new Promise((resolve) => {
const defaultText = config.default ? " (Y/n)" : " (y/N)";
rl.question(`${config.message}${defaultText} `, (answer) => {
rl.close();
const normalizedAnswer = answer.trim().toLowerCase();
if (normalizedAnswer === "y" || normalizedAnswer === "yes") {
resolve(true);
} else if (normalizedAnswer === "n" || normalizedAnswer === "no") {
resolve(false);
} else {
resolve(config.default);
function writeBufferedLogsAndStopBuffering() {
state.bufferOutput = false;
for (const log of state.bufferedMessages) {
log();
}
});
});
state.bufferedMessages = [];
}
export const ui = {
writeVerbose,
writeInformation,
writeWarning,
writeError,
writeExitWithoutInstallingMaliciousPackages,
emptyLine,
startProcess,
confirm,
startBufferingLogs,
writeBufferedLogsAndStopBuffering,
};

59
packages/safe-chain/src/main.js
View file

@ -6,11 +6,34 @@ import { getPackageManager } from "./packagemanager/currentPackageManager.js";
import { initializeCliArguments } from "./config/cliArguments.js";
import { createSafeChainProxy } from "./registryProxy/registryProxy.js";
import chalk from "chalk";
import { getAuditStats } from "./scanning/audit/index.js";
/**
* @param {string[]} args
* @returns {Promise<number>}
*/
export async function main(args) {
process.on("SIGINT", handleProcessTermination);
process.on("SIGTERM", handleProcessTermination);
const proxy = createSafeChainProxy();
await proxy.startServer();
// Global error handlers to log unhandled errors
process.on("uncaughtException", (error) => {
ui.writeError(`Safe-chain: Uncaught exception: ${error.message}`);
ui.writeVerbose(`Stack trace: ${error.stack}`);
process.exit(1);
});
process.on("unhandledRejection", (reason) => {
ui.writeError(`Safe-chain: Unhandled promise rejection: ${reason}`);
if (reason instanceof Error) {
ui.writeVerbose(`Stack trace: ${reason.stack}`);
}
process.exit(1);
});
try {
// This parses all the --safe-chain arguments and removes them from the args array
args = initializeCliArguments(args);
@ -25,23 +48,47 @@ export async function main(args) {
}
}
// Buffer logs during package manager execution, this avoids interleaving
// of logs from the package manager and safe-chain
// Not doing this could cause bugs to disappear when cursor movement codes
// are written by the package manager while safe-chain is writing logs
ui.startBufferingLogs();
const packageManagerResult = await getPackageManager().runCommand(args);
// Write all buffered logs
ui.writeBufferedLogsAndStopBuffering();
if (!proxy.verifyNoMaliciousPackages()) {
return 1;
}
const auditStats = getAuditStats();
if (auditStats.totalPackages > 0) {
ui.emptyLine();
ui.writeInformation(
`${chalk.green(
"✔"
)} Safe-chain: Command completed, no malicious packages found.`
`${chalk.green("✔")} Safe-chain: Scanned ${
auditStats.totalPackages
} packages, no malware found.`
);
}
if (proxy.hasSuppressedVersions()) {
ui.writeInformation(
`${chalk.yellow(
""
)} Safe-chain: Some package versions were suppressed due to minimum age requirement.`
);
ui.writeInformation(
` To disable this check, use: ${chalk.cyan(
"--safe-chain-skip-minimum-package-age"
)}`
);
}
// Returning the exit code back to the caller allows the promise
// to be awaited in the bin files and return the correct exit code
return packageManagerResult.status;
} catch (error) {
} catch (/** @type any */ error) {
ui.writeError("Failed to check for malicious packages:", error.message);
// Returning the exit code back to the caller allows the promise
@ -51,3 +98,7 @@ export async function main(args) {
await proxy.stopServer();
}
}
function handleProcessTermination() {
ui.writeBufferedLogsAndStopBuffering();
}

5
packages/safe-chain/src/packagemanager/_shared/matchesCommand.js
View file

@ -1,3 +1,8 @@
/**
* @param {string[]} args
* @param {...string} commandArgs
* @returns {boolean}
*/
export function matchesCommand(args, ...commandArgs) {
if (args.length < commandArgs.length) {
return false;

13
packages/safe-chain/src/packagemanager/bun/createBunPackageManager.js
View file

@ -2,6 +2,9 @@ import { ui } from "../../environment/userInteraction.js";
import { safeSpawn } from "../../utils/safeSpawn.js";
import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
/**
* @returns {import("../currentPackageManager.js").PackageManager}
*/
export function createBunPackageManager() {
return {
runCommand: (args) => runBunCommand("bun", args),
@ -13,6 +16,9 @@ export function createBunPackageManager() {
};
}
/**
* @returns {import("../currentPackageManager.js").PackageManager}
*/
export function createBunxPackageManager() {
return {
runCommand: (args) => runBunCommand("bunx", args),
@ -24,6 +30,11 @@ export function createBunxPackageManager() {
};
}
/**
* @param {string} command
* @param {string[]} args
* @returns {Promise<{status: number}>}
*/
async function runBunCommand(command, args) {
try {
const result = await safeSpawn(command, args, {
@ -31,7 +42,7 @@ async function runBunCommand(command, args) {
env: mergeSafeChainProxyEnvironmentVariables(process.env),
});
return { status: result.status };
} catch (error) {
} catch (/** @type any */ error) {
if (error.status) {
return { status: error.status };
} else {

33
packages/safe-chain/src/packagemanager/currentPackageManager.js
View file

@ -9,14 +9,39 @@ import {
createPnpxPackageManager,
} from "./pnpm/createPackageManager.js";
import { createYarnPackageManager } from "./yarn/createPackageManager.js";
import { createPipPackageManager } from "./pip/createPackageManager.js";
import { createUvPackageManager } from "./uv/createUvPackageManager.js";
/**
* @type {{packageManagerName: PackageManager | null}}
*/
const state = {
packageManagerName: null,
};
export function initializePackageManager(packageManagerName, version) {
/**
* @typedef {Object} GetDependencyUpdatesResult
* @property {string} name
* @property {string} version
* @property {string} type
*/
/**
* @typedef {Object} PackageManager
* @property {(args: string[]) => Promise<{ status: number }>} runCommand
* @property {(args: string[]) => boolean} isSupportedCommand
* @property {(args: string[]) => Promise<GetDependencyUpdatesResult[]> | GetDependencyUpdatesResult[]} getDependencyUpdatesForCommand
*/
/**
* @param {string} packageManagerName
* @param {{ tool: string, args: string[] }} [context] - Optional tool context for package managers like pip
*
* @return {PackageManager}
*/
export function initializePackageManager(packageManagerName, context) {
if (packageManagerName === "npm") {
state.packageManagerName = createNpmPackageManager(version);
state.packageManagerName = createNpmPackageManager();
} else if (packageManagerName === "npx") {
state.packageManagerName = createNpxPackageManager();
} else if (packageManagerName === "yarn") {
@ -29,6 +54,10 @@ export function initializePackageManager(packageManagerName, version) {
state.packageManagerName = createBunPackageManager();
} else if (packageManagerName === "bunx") {
state.packageManagerName = createBunxPackageManager();
} else if (packageManagerName === "pip") {
state.packageManagerName = createPipPackageManager(context);
} else if (packageManagerName === "uv") {
state.packageManagerName = createUvPackageManager();
} else {
throw new Error("Unsupported package manager: " + packageManagerName);
}

78
packages/safe-chain/src/packagemanager/npm/createPackageManager.js
View file

@ -1,34 +1,40 @@
import { commandArgumentScanner } from "./dependencyScanner/commandArgumentScanner.js";
import { dryRunScanner } from "./dependencyScanner/dryRunScanner.js";
import { nullScanner } from "./dependencyScanner/nullScanner.js";
import { runNpm } from "./runNpmCommand.js";
import {
getNpmCommandForArgs,
npmInstallCommand,
npmCiCommand,
npmInstallTestCommand,
npmInstallCiTestCommand,
npmUpdateCommand,
npmAuditCommand,
npmExecCommand,
} from "./utils/npmCommands.js";
export function createNpmPackageManager(version) {
// From npm v10.4.0 onwards, the npm commands output detailed information
// when using the --dry-run flag.
// We use that information to scan for dependency changes.
// For older versions of npm we have to rely on parsing the command arguments.
const supportedScanners = isPriorToNpm10_4(version)
? npm10_3AndBelowSupportedScanners
: npm10_4AndAboveSupportedScanners;
/**
* @returns {import("../currentPackageManager.js").PackageManager}
*/
export function createNpmPackageManager() {
/**
* @param {string[]} args
*
* @returns {boolean}
*/
function isSupportedCommand(args) {
const scanner = findDependencyScannerForCommand(supportedScanners, args);
const scanner = findDependencyScannerForCommand(
commandScannerMapping,
args
);
return scanner.shouldScan(args);
}
/**
* @param {string[]} args
*
* @returns {ReturnType<import("../currentPackageManager.js").PackageManager["getDependencyUpdatesForCommand"]>}
*/
function getDependencyUpdatesForCommand(args) {
const scanner = findDependencyScannerForCommand(supportedScanners, args);
const scanner = findDependencyScannerForCommand(
commandScannerMapping,
args
);
return scanner.scan(args);
}
@ -39,40 +45,22 @@ export function createNpmPackageManager(version) {
};
}
const npm10_4AndAboveSupportedScanners = {
[npmInstallCommand]: dryRunScanner(),
[npmUpdateCommand]: dryRunScanner(),
[npmCiCommand]: dryRunScanner(),
[npmAuditCommand]: dryRunScanner({
skipScanWhen: (args) => !args.includes("fix"),
}),
[npmExecCommand]: commandArgumentScanner({ ignoreDryRun: true }), // exec command doesn't support dry-run
// Running dry-run on install-test and install-ci-test will install & run tests.
// We only want to know if there are changes in the dependencies.
// So we run change the dry-run command to only check the install.
[npmInstallTestCommand]: dryRunScanner({ dryRunCommand: npmInstallCommand }),
[npmInstallCiTestCommand]: dryRunScanner({ dryRunCommand: npmCiCommand }),
};
const npm10_3AndBelowSupportedScanners = {
/**
* @type {Record<string, import("./dependencyScanner/commandArgumentScanner.js").CommandArgumentScanner>}
*/
const commandScannerMapping = {
[npmInstallCommand]: commandArgumentScanner(),
[npmUpdateCommand]: commandArgumentScanner(),
[npmExecCommand]: commandArgumentScanner({ ignoreDryRun: true }), // exec command doesn't support dry-run
};
function isPriorToNpm10_4(version) {
try {
const [major, minor] = version.split(".").map(Number);
if (major < 10) return true;
if (major === 10 && minor < 4) return true;
return false;
} catch {
// Default to true: if version parsing fails, assume it's an older version
return true;
}
}
/**
*
* @param {Record<string, import("./dependencyScanner/commandArgumentScanner.js").CommandArgumentScanner>} scanners
* @param {string[]} args
*
* @returns {import("./dependencyScanner/commandArgumentScanner.js").CommandArgumentScanner}
*/
function findDependencyScannerForCommand(scanners, args) {
const command = getNpmCommandForArgs(args);
if (!command) {

37
packages/safe-chain/src/packagemanager/npm/dependencyScanner/commandArgumentScanner.js
View file

@ -2,6 +2,29 @@ import { resolvePackageVersion } from "../../../api/npmApi.js";
import { parsePackagesFromInstallArgs } from "../parsing/parsePackagesFromInstallArgs.js";
import { hasDryRunArg } from "../utils/npmCommands.js";
/**
* @typedef {Object} ScanResult
* @property {string} name
* @property {string} version
* @property {string} type
*/
/**
* @typedef {Object} ScannerOptions
* @property {boolean} [ignoreDryRun]
*/
/**
* @typedef {Object} CommandArgumentScanner
* @property {(args: string[]) => Promise<ScanResult[]> | ScanResult[]} scan
* @property {(args: string[]) => boolean} shouldScan
*/
/**
* @param {ScannerOptions} [opts]
*
* @returns {CommandArgumentScanner}
*/
export function commandArgumentScanner(opts) {
const ignoreDryRun = opts?.ignoreDryRun ?? false;
@ -10,14 +33,28 @@ export function commandArgumentScanner(opts) {
shouldScan: (args) => shouldScanDependencies(args, ignoreDryRun),
};
}
/**
* @param {string[]} args
* @returns {Promise<ScanResult[]>}
*/
function scanDependencies(args) {
return checkChangesFromArgs(args);
}
/**
* @param {string[]} args
* @param {boolean} ignoreDryRun
* @returns {boolean}
*/
function shouldScanDependencies(args, ignoreDryRun) {
return ignoreDryRun || !hasDryRunArg(args);
}
/**
* @param {string[]} args
* @returns {Promise<ScanResult[]>}
*/
export async function checkChangesFromArgs(args) {
const changes = [];
const packageUpdates = parsePackagesFromInstallArgs(args);

67
packages/safe-chain/src/packagemanager/npm/dependencyScanner/dryRunScanner.js
View file

@ -1,67 +0,0 @@
import { parseDryRunOutput } from "../parsing/parseNpmInstallDryRunOutput.js";
import { dryRunNpmCommandAndOutput } from "../runNpmCommand.js";
import { hasDryRunArg } from "../utils/npmCommands.js";
export function dryRunScanner(scannerOptions) {
return {
scan: (args) => scanDependencies(scannerOptions, args),
shouldScan: (args) => shouldScanDependencies(scannerOptions, args),
};
}
function scanDependencies(scannerOptions, args) {
let dryRunArgs = args;
if (scannerOptions?.dryRunCommand) {
// Replace the first argument with the dryRunCommand (eg: "install" instead of "install-test")
dryRunArgs = [scannerOptions.dryRunCommand, ...args.slice(1)];
}
return checkChangesWithDryRun(dryRunArgs);
}
function shouldScanDependencies(scannerOptions, args) {
if (hasDryRunArg(args)) {
return false;
}
if (scannerOptions?.skipScanWhen && scannerOptions.skipScanWhen(args)) {
return false;
}
return true;
}
async function checkChangesWithDryRun(args) {
const dryRunOutput = await dryRunNpmCommandAndOutput(args);
// Dry-run can return a non-zero status code in some cases
// e.g., when running "npm audit fix --dry-run", it returns exit code 1
// when there are vulnerabilities that can be fixed.
if (dryRunOutput.status !== 0 && !canCommandReturnNonZeroOnSuccess(args)) {
throw new Error(
`Dry-run command failed with exit code ${dryRunOutput.status} and output:\n${dryRunOutput.output}`
);
}
if (dryRunOutput.status !== 0 && !dryRunOutput.output) {
throw new Error(
`Dry-run command failed with exit code ${dryRunOutput.status} and produced no output.`
);
}
const parsedOutput = parseDryRunOutput(dryRunOutput.output);
// reverse the array to have the top-level packages first
return parsedOutput.reverse();
}
function canCommandReturnNonZeroOnSuccess(args) {
if (args.length < 2) {
return false;
}
// `npm audit fix --dry-run` can return exit code 1 when it succesfully ran and
// there were vulnerabilities that could be fixed
return args[0] === "audit" && args[1] === "fix";
}

139
packages/safe-chain/src/packagemanager/npm/dependencyScanner/dryRunScanner.spec.js
View file

@ -1,139 +0,0 @@
import { describe, it, mock } from "node:test";
import assert from "node:assert/strict";
describe("dryRunScanner", async () => {
const mockWriteError = mock.fn();
const mockDryRunNpmCommandAndOutput = mock.fn();
// Mock ui module
mock.module("../../../environment/userInteraction.js", {
namedExports: {
ui: {
writeError: mockWriteError,
},
},
});
// Mock dryRunNpmCommandAndOutput function
mock.module("../runNpmCommand.js", {
namedExports: {
dryRunNpmCommandAndOutput: mockDryRunNpmCommandAndOutput,
},
});
const { dryRunScanner } = await import("./dryRunScanner.js");
describe("doesCommandReturnNonZero", () => {
// We need to access the internal function for testing
// Since it's not exported, we'll test it indirectly through the main functionality
it("should handle npm audit fix commands that return non-zero", async () => {
mockDryRunNpmCommandAndOutput.mock.resetCalls();
mockWriteError.mock.resetCalls();
mockDryRunNpmCommandAndOutput.mock.mockImplementationOnce(() => ({
status: 1,
output: "found 5 vulnerabilities that can be fixed",
}));
const scanner = dryRunScanner();
const result = await scanner.scan(["audit", "fix"]);
// Should not throw an error for audit fix commands
assert.ok(Array.isArray(result));
assert.equal(mockWriteError.mock.callCount(), 0);
});
it("should throw error for unexpected non-zero exit codes", async () => {
mockDryRunNpmCommandAndOutput.mock.resetCalls();
mockWriteError.mock.resetCalls();
mockDryRunNpmCommandAndOutput.mock.mockImplementationOnce(() => ({
status: 1,
output: "some error output",
}));
const scanner = dryRunScanner();
await assert.rejects(async () => {
await scanner.scan(["install", "lodash"]);
}, /Dry-run command failed with exit code 1/);
});
it("should handle zero exit codes normally", async () => {
mockDryRunNpmCommandAndOutput.mock.resetCalls();
mockWriteError.mock.resetCalls();
mockDryRunNpmCommandAndOutput.mock.mockImplementationOnce(() => ({
status: 0,
output: "added 1 package",
}));
const scanner = dryRunScanner();
const result = await scanner.scan(["install", "lodash"]);
assert.ok(Array.isArray(result));
assert.equal(mockWriteError.mock.callCount(), 0);
});
it("should throw error for non-zero exit with no output for audit fix", async () => {
mockDryRunNpmCommandAndOutput.mock.resetCalls();
mockWriteError.mock.resetCalls();
mockDryRunNpmCommandAndOutput.mock.mockImplementationOnce(() => ({
status: 1,
output: "",
}));
const scanner = dryRunScanner();
await assert.rejects(async () => {
await scanner.scan(["audit", "fix"]);
}, /Dry-run command failed with exit code 1/);
});
});
describe("scanner functionality", () => {
it("should use dryRunCommand option when provided", async () => {
mockDryRunNpmCommandAndOutput.mock.resetCalls();
mockWriteError.mock.resetCalls();
mockDryRunNpmCommandAndOutput.mock.mockImplementationOnce(() => ({
status: 0,
output: "no changes",
}));
const scanner = dryRunScanner({ dryRunCommand: "install" });
await scanner.scan(["install-test", "lodash"]);
// Should call with "install" instead of "install-test"
assert.equal(mockDryRunNpmCommandAndOutput.mock.callCount(), 1);
const calledArgs =
mockDryRunNpmCommandAndOutput.mock.calls[0].arguments[0];
assert.deepEqual(calledArgs, ["install", "lodash"]);
});
it("should skip scanning when hasDryRunArg returns true", async () => {
mockDryRunNpmCommandAndOutput.mock.resetCalls();
mockWriteError.mock.resetCalls();
const scanner = dryRunScanner();
const shouldScan = scanner.shouldScan(["install", "--dry-run"]);
assert.equal(shouldScan, false);
// Should not call dryRunNpmCommandAndOutput since scanning is skipped
assert.equal(mockDryRunNpmCommandAndOutput.mock.callCount(), 0);
});
it("should skip scanning when skipScanWhen returns true", async () => {
const scanner = dryRunScanner({
skipScanWhen: (args) => args.includes("--skip"),
});
const shouldScan = scanner.shouldScan(["install", "--skip"]);
assert.equal(shouldScan, false);
});
it("should scan when conditions are met", async () => {
const scanner = dryRunScanner();
const shouldScan = scanner.shouldScan(["install", "lodash"]);
assert.equal(shouldScan, true);
});
});
});

3
packages/safe-chain/src/packagemanager/npm/dependencyScanner/nullScanner.js
View file

@ -1,3 +1,6 @@
/**
* @returns {import("./commandArgumentScanner.js").CommandArgumentScanner}
*/
export function nullScanner() {
return {
scan: () => [],

57
packages/safe-chain/src/packagemanager/npm/parsing/parseNpmInstallDryRunOutput.js
View file

@ -1,57 +0,0 @@
export function parseDryRunOutput(output) {
const lines = output.split(/\r?\n/);
const packageChanges = [];
for (const line of lines) {
if (line.startsWith("add ")) {
packageChanges.push(parseAdd(line));
} else if (line.startsWith("remove ")) {
packageChanges.push(parseRemove(line));
} else if (line.startsWith("change ")) {
packageChanges.push(parseChange(line));
}
}
return packageChanges;
}
function parseAdd(line) {
const splitLine = getLineParts(line);
const packageName = splitLine[1];
const packageVersion = splitLine[splitLine.length - 1];
return addedPackage(packageName, packageVersion);
}
function addedPackage(name, version) {
return { type: "add", name, version };
}
function parseRemove(line) {
const splitLine = getLineParts(line);
const packageName = splitLine[1];
const packageVersion = splitLine[splitLine.length - 1];
return removedPackage(packageName, packageVersion);
}
function removedPackage(name, version) {
return { type: "remove", name, version };
}
function parseChange(line) {
const splitLine = getLineParts(line);
const packageName = splitLine[1];
const packageVersion = splitLine[splitLine.length - 1];
const oldVersion = splitLine[2];
return changedPackage(packageName, packageVersion, oldVersion);
}
function getLineParts(line) {
return line
.split(" ")
.map((part) => part.trim())
.filter((part) => part !== "");
}
function changedPackage(name, version, oldVersion) {
return { type: "change", name, version, oldVersion };
}

134
packages/safe-chain/src/packagemanager/npm/parsing/parseNpmInstallDryRunOutput.spec.js
View file

@ -1,134 +0,0 @@
import { describe, it } from "node:test";
import assert from "node:assert";
import { parseDryRunOutput } from "./parseNpmInstallDryRunOutput.js";
describe("parseNpmInstallDryRunOutput", () => {
it("should parse added packages", () => {
const output = `
add @jest/transform 29.7.0
add @jest/test-result 29.7.0
add @jest/reporters 29.7.0
add @jest/console 29.7.0
add jest-cli 29.7.0
add import-local 3.2.0
add @jest/types 29.6.3
add @jest/core 29.7.0
add jest 29.7.0
added 267 packages in 831ms
32 packages are looking for funding
run \`npm fund\` for details`;
const expected = [
{ name: "@jest/transform", version: "29.7.0", type: "add" },
{ name: "@jest/test-result", version: "29.7.0", type: "add" },
{ name: "@jest/reporters", version: "29.7.0", type: "add" },
{ name: "@jest/console", version: "29.7.0", type: "add" },
{ name: "jest-cli", version: "29.7.0", type: "add" },
{ name: "import-local", version: "3.2.0", type: "add" },
{ name: "@jest/types", version: "29.6.3", type: "add" },
{ name: "@jest/core", version: "29.7.0", type: "add" },
{ name: "jest", version: "29.7.0", type: "add" },
];
const result = parseDryRunOutput(output);
assert.deepEqual(result, expected);
});
it("should parse removed packages", () => {
const output = `
remove react 19.1.0
removed 1 package in 115ms`;
const expected = [{ name: "react", version: "19.1.0", type: "remove" }];
const result = parseDryRunOutput(output);
assert.deepEqual(result, expected);
});
it("should parse changed packages", () => {
const output = `
change react 19.0.0 => 19.1.0
changed 1 package in 204ms`;
const expected = [
{
name: "react",
version: "19.1.0",
oldVersion: "19.0.0",
type: "change",
},
];
const result = parseDryRunOutput(output);
assert.deepEqual(result, expected);
});
it("should parse mixed package changes", () => {
const output = `
add @jest/transform 29.7.0
add @jest/test-result 29.7.0
add @jest/reporters 29.7.0
add @jest/console 29.7.0
add jest-cli 29.7.0
add import-local 3.2.0
add @jest/types 29.6.3
add @jest/core 29.7.0
add jest 29.7.0
remove react 19.1.0
change lodash 4.17.0 => 4.18.0
removed 1 package in 115ms`;
const expected = [
{ name: "@jest/transform", version: "29.7.0", type: "add" },
{ name: "@jest/test-result", version: "29.7.0", type: "add" },
{ name: "@jest/reporters", version: "29.7.0", type: "add" },
{ name: "@jest/console", version: "29.7.0", type: "add" },
{ name: "jest-cli", version: "29.7.0", type: "add" },
{ name: "import-local", version: "3.2.0", type: "add" },
{ name: "@jest/types", version: "29.6.3", type: "add" },
{ name: "@jest/core", version: "29.7.0", type: "add" },
{ name: "jest", version: "29.7.0", type: "add" },
{ name: "react", version: "19.1.0", type: "remove" },
{
name: "lodash",
version: "4.18.0",
oldVersion: "4.17.0",
type: "change",
},
];
const result = parseDryRunOutput(output);
assert.deepEqual(result, expected);
});
it("should work with npm v22.0.0", () => {
const output = `
add @jest/types 29.6.3
add @jest/core 29.7.0
add jest 29.7.0
added 257 packages in 791ms
44 packages are looking for funding
run \`npm fund\` for details`;
const expected = [
{ name: "@jest/types", version: "29.6.3", type: "add" },
{ name: "@jest/core", version: "29.7.0", type: "add" },
{ name: "jest", version: "29.7.0", type: "add" },
];
const result = parseDryRunOutput(output);
assert.deepEqual(result, expected);
});
});

35
packages/safe-chain/src/packagemanager/npm/parsing/parsePackagesFromInstallArgs.js
View file

@ -1,4 +1,21 @@
/**
* @typedef {Object} PackageDetail
* @property {string} name
* @property {string} version
*/
/**
* @typedef {Object} NpmOption
* @property {string} name
* @property {number} numberOfParameters
*/
/**
* @param {string[]} args
* @returns {PackageDetail[]}
*/
export function parsePackagesFromInstallArgs(args) {
/** @type {{name: string, version: string | null}[]} */
const changes = [];
let defaultTag = "latest";
@ -32,9 +49,13 @@ export function parsePackagesFromInstallArgs(args) {
}
}
return changes;
return /** @type {PackageDetail[]} */ (changes);
}
/**
* @param {string} arg
* @returns {NpmOption | undefined}
*/
function getNpmOption(arg) {
if (isNpmOptionWithParameter(arg)) {
return {
@ -54,6 +75,10 @@ function getNpmOption(arg) {
return undefined;
}
/**
* @param {string} arg
* @returns {boolean}
*/
function isNpmOptionWithParameter(arg) {
const optionsWithParameters = [
"--access",
@ -81,6 +106,10 @@ function isNpmOptionWithParameter(arg) {
return optionsWithParameters.includes(arg);
}
/**
* @param {string} arg
* @returns {{name: string, version: string | null}}
*/
function parsePackagename(arg) {
arg = removeAlias(arg);
const lastAtIndex = arg.lastIndexOf("@");
@ -102,6 +131,10 @@ function parsePackagename(arg) {
};
}
/**
* @param {string} arg
* @returns {string}
*/
function removeAlias(arg) {
const aliasIndex = arg.indexOf("@npm:");
if (aliasIndex !== -1) {

36
packages/safe-chain/src/packagemanager/npm/runNpmCommand.js
View file

@ -2,6 +2,11 @@ import { ui } from "../../environment/userInteraction.js";
import { safeSpawn } from "../../utils/safeSpawn.js";
import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
/**
* @param {string[]} args
*
* @returns {Promise<{status: number}>}
*/
export async function runNpm(args) {
try {
const result = await safeSpawn("npm", args, {
@ -9,7 +14,7 @@ export async function runNpm(args) {
env: mergeSafeChainProxyEnvironmentVariables(process.env),
});
return { status: result.status };
} catch (error) {
} catch (/** @type any */ error) {
if (error.status) {
return { status: error.status };
} else {
@ -18,32 +23,3 @@ export async function runNpm(args) {
}
}
}
export async function dryRunNpmCommandAndOutput(args) {
try {
const result = await safeSpawn(
"npm",
[...args, "--ignore-scripts", "--dry-run"],
{
stdio: "pipe",
env: mergeSafeChainProxyEnvironmentVariables(process.env),
}
);
return {
status: result.status,
output: result.status === 0 ? result.stdout : result.stderr,
};
} catch (error) {
if (error.status) {
const output =
error.stdout?.toString() ??
error.stderr?.toString() ??
error.message ??
"";
return { status: error.status, output };
} else {
ui.writeError("Error executing command:", error.message);
return { status: 1 };
}
}
}

359
packages/safe-chain/src/packagemanager/npm/utils/abbrevs-generated.js Normal file
View file

@ -0,0 +1,359 @@
// This was ran with the abbrev package to generate the abbrevs object below
// console.log(abbrev(commands.concat(Object.keys(aliases))));
/** @type {Record<string, string>} */
export const abbrevs = {
ac: "access",
acc: "access",
acce: "access",
acces: "access",
access: "access",
add: "add",
"add-": "add-user",
"add-u": "add-user",
"add-us": "add-user",
"add-use": "add-user",
"add-user": "add-user",
addu: "adduser",
addus: "adduser",
adduse: "adduser",
adduser: "adduser",
aud: "audit",
audi: "audit",
audit: "audit",
aut: "author",
auth: "author",
autho: "author",
author: "author",
b: "bugs",
bu: "bugs",
bug: "bugs",
bugs: "bugs",
c: "c",
ca: "cache",
cac: "cache",
cach: "cache",
cache: "cache",
ci: "ci",
cit: "cit",
"clean-install": "clean-install",
"clean-install-": "clean-install-test",
"clean-install-t": "clean-install-test",
"clean-install-te": "clean-install-test",
"clean-install-tes": "clean-install-test",
"clean-install-test": "clean-install-test",
com: "completion",
comp: "completion",
compl: "completion",
comple: "completion",
complet: "completion",
completi: "completion",
completio: "completion",
completion: "completion",
con: "config",
conf: "config",
confi: "config",
config: "config",
cr: "create",
cre: "create",
crea: "create",
creat: "create",
create: "create",
dd: "ddp",
ddp: "ddp",
ded: "dedupe",
dedu: "dedupe",
dedup: "dedupe",
dedupe: "dedupe",
dep: "deprecate",
depr: "deprecate",
depre: "deprecate",
deprec: "deprecate",
depreca: "deprecate",
deprecat: "deprecate",
deprecate: "deprecate",
dif: "diff",
diff: "diff",
"dist-tag": "dist-tag",
"dist-tags": "dist-tags",
docs: "docs",
doct: "doctor",
docto: "doctor",
doctor: "doctor",
ed: "edit",
edi: "edit",
edit: "edit",
exe: "exec",
exec: "exec",
expla: "explain",
explai: "explain",
explain: "explain",
explo: "explore",
explor: "explore",
explore: "explore",
find: "find",
"find-": "find-dupes",
"find-d": "find-dupes",
"find-du": "find-dupes",
"find-dup": "find-dupes",
"find-dupe": "find-dupes",
"find-dupes": "find-dupes",
fu: "fund",
fun: "fund",
fund: "fund",
g: "get",
ge: "get",
get: "get",
help: "help",
"help-": "help-search",
"help-s": "help-search",
"help-se": "help-search",
"help-sea": "help-search",
"help-sear": "help-search",
"help-searc": "help-search",
"help-search": "help-search",
hl: "hlep",
hle: "hlep",
hlep: "hlep",
ho: "home",
hom: "home",
home: "home",
i: "i",
ic: "ic",
in: "in",
inf: "info",
info: "info",
ini: "init",
init: "init",
inn: "innit",
inni: "innit",
innit: "innit",
ins: "ins",
inst: "inst",
insta: "insta",
instal: "instal",
install: "install",
"install-ci": "install-ci-test",
"install-ci-": "install-ci-test",
"install-ci-t": "install-ci-test",
"install-ci-te": "install-ci-test",
"install-ci-tes": "install-ci-test",
"install-ci-test": "install-ci-test",
"install-cl": "install-clean",
"install-cle": "install-clean",
"install-clea": "install-clean",
"install-clean": "install-clean",
"install-t": "install-test",
"install-te": "install-test",
"install-tes": "install-test",
"install-test": "install-test",
isnt: "isnt",
isnta: "isnta",
isntal: "isntal",
isntall: "isntall",
"isntall-": "isntall-clean",
"isntall-c": "isntall-clean",
"isntall-cl": "isntall-clean",
"isntall-cle": "isntall-clean",
"isntall-clea": "isntall-clean",
"isntall-clean": "isntall-clean",
iss: "issues",
issu: "issues",
issue: "issues",
issues: "issues",
it: "it",
la: "la",
lin: "link",
link: "link",
lis: "list",
list: "list",
ll: "ll",
ln: "ln",
logi: "login",
login: "login",
logo: "logout",
logou: "logout",
logout: "logout",
ls: "ls",
og: "ogr",
ogr: "ogr",
or: "org",
org: "org",
ou: "outdated",
out: "outdated",
outd: "outdated",
outda: "outdated",
outdat: "outdated",
outdate: "outdated",
outdated: "outdated",
ow: "owner",
own: "owner",
owne: "owner",
owner: "owner",
pa: "pack",
pac: "pack",
pack: "pack",
pi: "ping",
pin: "ping",
ping: "ping",
pk: "pkg",
pkg: "pkg",
pre: "prefix",
pref: "prefix",
prefi: "prefix",
prefix: "prefix",
pro: "profile",
prof: "profile",
profi: "profile",
profil: "profile",
profile: "profile",
pru: "prune",
prun: "prune",
prune: "prune",
pu: "publish",
pub: "publish",
publ: "publish",
publi: "publish",
publis: "publish",
publish: "publish",
q: "query",
qu: "query",
que: "query",
quer: "query",
query: "query",
r: "r",
rb: "rb",
reb: "rebuild",
rebu: "rebuild",
rebui: "rebuild",
rebuil: "rebuild",
rebuild: "rebuild",
rem: "remove",
remo: "remove",
remov: "remove",
remove: "remove",
rep: "repo",
repo: "repo",
res: "restart",
rest: "restart",
resta: "restart",
restar: "restart",
restart: "restart",
rm: "rm",
ro: "root",
roo: "root",
root: "root",
rum: "rum",
run: "run",
"run-": "run-script",
"run-s": "run-script",
"run-sc": "run-script",
"run-scr": "run-script",
"run-scri": "run-script",
"run-scrip": "run-script",
"run-script": "run-script",
s: "s",
sb: "sbom",
sbo: "sbom",
sbom: "sbom",
se: "se",
sea: "search",
sear: "search",
searc: "search",
search: "search",
set: "set",
sho: "show",
show: "show",
shr: "shrinkwrap",
shri: "shrinkwrap",
shrin: "shrinkwrap",
shrink: "shrinkwrap",
shrinkw: "shrinkwrap",
shrinkwr: "shrinkwrap",
shrinkwra: "shrinkwrap",
shrinkwrap: "shrinkwrap",
si: "sit",
sit: "sit",
star: "star",
stars: "stars",
start: "start",
sto: "stop",
stop: "stop",
t: "t",
tea: "team",
team: "team",
tes: "test",
test: "test",
to: "token",
tok: "token",
toke: "token",
token: "token",
ts: "tst",
tst: "tst",
ud: "udpate",
udp: "udpate",
udpa: "udpate",
udpat: "udpate",
udpate: "udpate",
un: "un",
und: "undeprecate",
unde: "undeprecate",
undep: "undeprecate",
undepr: "undeprecate",
undepre: "undeprecate",
undeprec: "undeprecate",
undepreca: "undeprecate",
undeprecat: "undeprecate",
undeprecate: "undeprecate",
uni: "uninstall",
unin: "uninstall",
unins: "uninstall",
uninst: "uninstall",
uninsta: "uninstall",
uninstal: "uninstall",
uninstall: "uninstall",
unl: "unlink",
unli: "unlink",
unlin: "unlink",
unlink: "unlink",
unp: "unpublish",
unpu: "unpublish",
unpub: "unpublish",
unpubl: "unpublish",
unpubli: "unpublish",
unpublis: "unpublish",
unpublish: "unpublish",
uns: "unstar",
unst: "unstar",
unsta: "unstar",
unstar: "unstar",
up: "up",
upd: "update",
upda: "update",
updat: "update",
update: "update",
upg: "upgrade",
upgr: "upgrade",
upgra: "upgrade",
upgrad: "upgrade",
upgrade: "upgrade",
ur: "urn",
urn: "urn",
v: "v",
veri: "verison",
veris: "verison",
veriso: "verison",
verison: "verison",
vers: "version",
versi: "version",
versio: "version",
version: "version",
vi: "view",
vie: "view",
view: "view",
who: "whoami",
whoa: "whoami",
whoam: "whoami",
whoami: "whoami",
why: "why",
x: "x",
};

9
packages/safe-chain/src/packagemanager/npm/utils/cmd-list.js
View file

@ -1,6 +1,6 @@
// Based on https://github.com/npm/cli/blob/latest/lib/utils/cmd-list.js
import abbrev from "abbrev";
import { abbrevs } from "./abbrevs-generated.js";
const commands = [
"access",
@ -73,6 +73,7 @@ const commands = [
];
// These must resolve to an entry in commands
/** @type {Record<string, string>} */
const aliases = {
// aliases
author: "owner",
@ -138,6 +139,10 @@ const aliases = {
"add-user": "adduser",
};
/**
* @param {string} c
* @returns {string | undefined}
*/
export function deref(c) {
if (!c) {
return;
@ -158,8 +163,6 @@ export function deref(c) {
return aliases[c];
}
const abbrevs = abbrev(commands.concat(Object.keys(aliases)));
// first deref the abbrev, if there is one
// then resolve any aliases
// so `npm install-cl` will resolve to `install-clean` then to `ci`

8
packages/safe-chain/src/packagemanager/npm/utils/npmCommands.js
View file

@ -1,5 +1,9 @@
import { deref } from "./cmd-list.js";
/**
* @param {string[]} args
* @returns {string | null}
*/
export function getNpmCommandForArgs(args) {
if (args.length === 0) {
return null;
@ -13,6 +17,10 @@ export function getNpmCommandForArgs(args) {
return argCommand;
}
/**
* @param {string[]} args
* @returns {boolean}
*/
export function hasDryRunArg(args) {
return args.some((arg) => arg === "--dry-run");
}

3
packages/safe-chain/src/packagemanager/npx/createPackageManager.js
View file

@ -1,6 +1,9 @@
import { commandArgumentScanner } from "./dependencyScanner/commandArgumentScanner.js";
import { runNpx } from "./runNpxCommand.js";
/**
* @returns {import("../currentPackageManager.js").PackageManager}
*/
export function createNpxPackageManager() {
const scanner = commandArgumentScanner();

12
packages/safe-chain/src/packagemanager/npx/dependencyScanner/commandArgumentScanner.js
View file

@ -1,16 +1,28 @@
import { resolvePackageVersion } from "../../../api/npmApi.js";
import { parsePackagesFromArguments } from "../parsing/parsePackagesFromArguments.js";
/**
* @returns {import("../../npm/dependencyScanner/commandArgumentScanner.js").CommandArgumentScanner}
*/
export function commandArgumentScanner() {
return {
scan: (args) => scanDependencies(args),
shouldScan: () => true, // all npx commands need to be scanned, npx doesn't have dry-run
};
}
/**
* @param {string[]} args
* @returns {Promise<import("../../npm/dependencyScanner/commandArgumentScanner.js").ScanResult[]>}
*/
function scanDependencies(args) {
return checkChangesFromArgs(args);
}
/**
* @param {string[]} args
* @returns {Promise<import("../../npm/dependencyScanner/commandArgumentScanner.js").ScanResult[]>}
*/
export async function checkChangesFromArgs(args) {
const changes = [];
const packageUpdates = parsePackagesFromArguments(args);

22
packages/safe-chain/src/packagemanager/npx/parsing/parsePackagesFromArguments.js
View file

@ -1,3 +1,8 @@
/**
* @param {string[]} args
*
* @returns {{name: string, version: string}[]}
*/
export function parsePackagesFromArguments(args) {
let defaultTag = "latest";
@ -21,6 +26,10 @@ export function parsePackagesFromArguments(args) {
return [];
}
/**
* @param {string} arg
* @returns {{name: string, numberOfParameters: number} | undefined}
*/
function getOption(arg) {
if (isOptionWithParameter(arg)) {
return {
@ -41,6 +50,10 @@ function getOption(arg) {
return undefined;
}
/**
* @param {string} arg
* @returns {boolean}
*/
function isOptionWithParameter(arg) {
const optionsWithParameters = [
"--access",
@ -68,6 +81,11 @@ function isOptionWithParameter(arg) {
return optionsWithParameters.includes(arg);
}
/**
* @param {string} arg
* @param {string} defaultTag
* @returns {{name: string, version: string}}
*/
function parsePackagename(arg, defaultTag) {
// format can be --package=name@version
// in that case, we need to remove the --package= part
@ -97,6 +115,10 @@ function parsePackagename(arg, defaultTag) {
};
}
/**
* @param {string} arg
* @returns {string}
*/
function removeAlias(arg) {
// removes the alias.
// Eg.: server@npm:http-server@latest becomes http-server@latest

7
packages/safe-chain/src/packagemanager/npx/runNpxCommand.js
View file

@ -2,6 +2,11 @@ import { ui } from "../../environment/userInteraction.js";
import { safeSpawn } from "../../utils/safeSpawn.js";
import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
/**
* @param {string[]} args
*
* @returns {Promise<{status: number}>}
*/
export async function runNpx(args) {
try {
const result = await safeSpawn("npx", args, {
@ -9,7 +14,7 @@ export async function runNpx(args) {
env: mergeSafeChainProxyEnvironmentVariables(process.env),
});
return { status: result.status };
} catch (error) {
} catch (/** @type any */ error) {
if (error.status) {
return { status: error.status };
} else {

25
packages/safe-chain/src/packagemanager/pip/createPackageManager.js Normal file
View file

@ -0,0 +1,25 @@
import { runPip } from "./runPipCommand.js";
import { PIP_COMMAND } from "./pipSettings.js";
/**
* @param {{ tool: string, args: string[] }} [context] - Optional context with tool name and args
* @returns {import("../currentPackageManager.js").PackageManager}
*/
export function createPipPackageManager(context) {
const tool = context?.tool || PIP_COMMAND;
return {
/**
* @param {string[]} args
*/
runCommand: (args) => {
// Args from main.js are already stripped of --safe-chain-* flags
// We just pass the tool (e.g. "python3") and the args (e.g. ["-m", "pip", "install", ...])
return runPip(tool, args);
},
// For pip, rely solely on MITM proxy to detect/deny downloads from known registries.
isSupportedCommand: () => false,
getDependencyUpdatesForCommand: () => [],
};
}

57
packages/safe-chain/src/packagemanager/pip/createPackageManager.spec.js Normal file
View file

@ -0,0 +1,57 @@
import { test } from "node:test";
import assert from "node:assert";
import { createPipPackageManager } from "./createPackageManager.js";
test("createPipPackageManager", async (t) => {
await t.test("should create package manager with required interface", () => {
const pm = createPipPackageManager();
assert.ok(pm);
assert.strictEqual(typeof pm.runCommand, "function");
assert.strictEqual(typeof pm.isSupportedCommand, "function");
assert.strictEqual(typeof pm.getDependencyUpdatesForCommand, "function");
});
await t.test("should accept pip3 as command parameter", () => {
const pm = createPipPackageManager("pip3");
assert.ok(pm);
});
await t.test("should support install, download, and wheel commands", () => {
const pm = createPipPackageManager();
// MITM-only approach, pip does not scan args
assert.strictEqual(pm.isSupportedCommand(["install", "requests"]), false);
assert.strictEqual(pm.isSupportedCommand(["download", "requests"]), false);
assert.strictEqual(pm.isSupportedCommand(["wheel", "requests"]), false);
});
await t.test("should not support uninstall and info commands", () => {
const pm = createPipPackageManager();
assert.strictEqual(pm.isSupportedCommand(["uninstall", "requests"]), false);
assert.strictEqual(pm.isSupportedCommand(["list"]), false);
assert.strictEqual(pm.isSupportedCommand(["show", "requests"]), false);
});
await t.test("should extract packages from install command", () => {
const pm = createPipPackageManager();
const result = pm.getDependencyUpdatesForCommand(["install", "requests==2.28.0"]);
assert.ok(Array.isArray(result));
assert.strictEqual(result.length, 0);
});
await t.test("should return empty array for unsupported commands", () => {
const pm = createPipPackageManager();
const result = pm.getDependencyUpdatesForCommand(["uninstall", "requests"]);
assert.ok(Array.isArray(result));
assert.strictEqual(result.length, 0);
});
await t.test("should handle empty args gracefully", () => {
const pm = createPipPackageManager();
assert.strictEqual(pm.isSupportedCommand([]), false);
assert.deepStrictEqual(pm.getDependencyUpdatesForCommand([]), []);
});
});

6
packages/safe-chain/src/packagemanager/pip/pipSettings.js Normal file
View file

@ -0,0 +1,6 @@
export const PIP_PACKAGE_MANAGER = "pip";
export const PIP_COMMAND = "pip";
export const PIP3_COMMAND = "pip3";
export const PYTHON_COMMAND = "python";
export const PYTHON3_COMMAND = "python3";

211
packages/safe-chain/src/packagemanager/pip/runPipCommand.js Normal file
View file

@ -0,0 +1,211 @@
import { ui } from "../../environment/userInteraction.js";
import { safeSpawn } from "../../utils/safeSpawn.js";
import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
import { getCombinedCaBundlePath } from "../../registryProxy/certBundle.js";
import { PIP_COMMAND, PIP3_COMMAND, PYTHON_COMMAND, PYTHON3_COMMAND } from "./pipSettings.js";
import fs from "node:fs/promises";
import fsSync from "node:fs";
import os from "node:os";
import path from "node:path";
import ini from "ini";
/**
* Checks if this pip invocation should bypass safe-chain and spawn directly.
* Returns true if the tool is python/python3 but NOT being run with -m pip/pip3.
* @param {string} command - The command executable
* @param {string[]} args - The arguments
* @returns {boolean}
*/
function shouldBypassSafeChain(command, args) {
if (command === PYTHON_COMMAND || command === PYTHON3_COMMAND) {
// Check if args start with -m pip
if (args.length >= 2 && args[0] === "-m" && (args[1] === PIP_COMMAND || args[1] === PIP3_COMMAND)) {
return false;
}
return true;
}
return false;
}
/**
* Sets fallback CA bundle environment variables used by Python libraries.
* These are applied in addition to the PIP_CONFIG_FILE to ensure all Python
* network libraries respect the combined CA bundle, even if they don't read pip's config.
*
* @param {NodeJS.ProcessEnv} env - Environment object to modify
* @param {string} combinedCaPath - Path to the combined CA bundle
*/
function setFallbackCaBundleEnvironmentVariables(env, combinedCaPath) {
// REQUESTS_CA_BUNDLE: Used by the popular 'requests' library
if (env.REQUESTS_CA_BUNDLE) {
ui.writeWarning("Safe-chain: User defined REQUESTS_CA_BUNDLE found in environment. It will be overwritten.");
}
env.REQUESTS_CA_BUNDLE = combinedCaPath;
// SSL_CERT_FILE: Used by some Python SSL libraries and urllib
if (env.SSL_CERT_FILE) {
ui.writeWarning("Safe-chain: User defined SSL_CERT_FILE found in environment. It will be overwritten.");
}
env.SSL_CERT_FILE = combinedCaPath;
// PIP_CERT: Pip's own environment variable for certificate verification
if (env.PIP_CERT) {
ui.writeWarning("Safe-chain: User defined PIP_CERT found in environment. It will be overwritten.");
}
env.PIP_CERT = combinedCaPath;
}
/**
* Runs a pip command with safe-chain's certificate bundle and proxy configuration.
*
* Creates a temporary pip config file to configure:
* - Cert bundle for HTTPS verification
* - Proxy settings
*
* If the user has an existing PIP_CONFIG_FILE, a new temporary config is created that merges
* their settings with safe-chain's, leaving the original file unchanged.
*
* Special handling for commands that modify config/cache/state: PIP_CONFIG_FILE is NOT overridden to allow
* users to read/write persistent config. Only CA environment variables are set for these commands.
*
* @param {string} command - The pip command executable (e.g., 'pip3' or 'python3')
* @param {string[]} args - Command line arguments to pass to pip
* @returns {Promise<{status: number}>} Exit status of the pip command
*/
export async function runPip(command, args) {
// Check if we should bypass safe-chain (python/python3 without -m pip)
if (shouldBypassSafeChain(command, args)) {
ui.writeVerbose(`Safe-chain: Bypassing safe-chain for non-pip invocation: ${command} ${args.join(" ")}`);
// Spawn the ORIGINAL command with ORIGINAL args
const { spawn } = await import("child_process");
return new Promise((_resolve) => {
const proc = spawn(command, args, { stdio: "inherit" });
proc.on("exit", (/** @type {number | null} */ code) => {
process.exit(code ?? 0);
});
proc.on("error", (/** @type {Error} */ err) => {
ui.writeError(`Error executing command: ${err.message}`);
process.exit(1);
});
});
}
try {
const env = mergeSafeChainProxyEnvironmentVariables(process.env);
// Always provide Python with a complete CA bundle (Safe Chain CA + Mozilla + Node built-in roots)
// so that any network request made by pip, including those outside explicit CLI args,
// validates correctly under both MITM'd and tunneled HTTPS.
const combinedCaPath = getCombinedCaBundlePath();
// Commands that need access to persistent config/cache/state files
// These should not have PIP_CONFIG_FILE overridden as it would prevent them from
// reading/writing to the user's actual pip configuration and cache directories
const configRelatedCommands = ['config', 'cache', 'debug', 'completion'];
const isConfigRelatedCommand = args.length > 0 && configRelatedCommands.includes(args[0]);
// https://pip.pypa.io/en/stable/topics/https-certificates/ explains that the 'cert' param (which we're providing via INI file)
// will tell pip to use the provided CA bundle for HTTPS verification.
// Proxy settings: GLOBAL_AGENT_HTTP_PROXY is our safe-chain proxy (if active),
// otherwise fall back to user-defined HTTPS_PROXY or HTTP_PROXY environment variables
const proxy = env.GLOBAL_AGENT_HTTP_PROXY || env.HTTPS_PROXY || env.HTTP_PROXY || '';
const tmpDir = os.tmpdir();
const pipConfigPath = path.join(tmpDir, `safe-chain-pip-${Date.now()}.ini`);
let cleanupConfigPath = null; // Track temp file for cleanup
if (isConfigRelatedCommand) {
ui.writeVerbose(`Safe-chain: Skipping PIP_CONFIG_FILE override for 'pip ${args[0]}' command to allow persistent config/cache access.`);
// Still set the fallback CA bundle environment variables to avoid edge cases where a
// plugin or extension triggers a network call during config introspection
// This can do no harm
setFallbackCaBundleEnvironmentVariables(env, combinedCaPath);
const result = await safeSpawn(command, args, {
stdio: "inherit",
env,
});
return { status: result.status };
}
// Note: Setting PIP_CONFIG_FILE overrides all pip config levels (Global/User/Site) per pip's loading order
if (!env.PIP_CONFIG_FILE) {
/** @type {{ global: { cert: string, proxy?: string } }} */
const configObj = { global: { cert: combinedCaPath } };
if (proxy) {
configObj.global.proxy = proxy;
}
const pipConfig = ini.stringify(configObj);
await fs.writeFile(pipConfigPath, pipConfig);
env.PIP_CONFIG_FILE = pipConfigPath;
cleanupConfigPath = pipConfigPath;
} else if (fsSync.existsSync(env.PIP_CONFIG_FILE)) {
ui.writeVerbose("Safe-chain: Merging user provided PIP_CONFIG_FILE with safe-chain certificate and proxy settings.");
const userConfig = env.PIP_CONFIG_FILE;
// Read the existing config without modifying it
let content = await fs.readFile(userConfig, "utf-8");
const parsed = ini.parse(content);
// Ensure [global] section exists
parsed.global = parsed.global || {};
// Cert
if (typeof parsed.global.cert !== "undefined") {
ui.writeWarning("Safe-chain: User defined cert found in PIP_CONFIG_FILE. It will be overwritten in the temporary config.");
}
parsed.global.cert = combinedCaPath;
// Proxy
if (typeof parsed.global.proxy !== "undefined") {
ui.writeWarning("Safe-chain: User defined proxy found in PIP_CONFIG_FILE. It will be overwritten in the temporary config.");
}
if (proxy) {
parsed.global.proxy = proxy;
}
const updated = ini.stringify(parsed);
// Save to a new temp file to avoid overwriting user's original config
await fs.writeFile(pipConfigPath, updated, "utf-8");
env.PIP_CONFIG_FILE = pipConfigPath;
cleanupConfigPath = pipConfigPath;
} else {
// The user provided PIP_CONFIG_FILE does not exist on disk
// PIP will handle this as an error and inform the user
}
// Set fallback CA bundle environment variables for Python libraries that don't read pip config
setFallbackCaBundleEnvironmentVariables(env, combinedCaPath);
const result = await safeSpawn(command, args, {
stdio: "inherit",
env,
});
// Cleanup temporary config file if we created one
if (cleanupConfigPath) {
try {
await fs.unlink(cleanupConfigPath);
} catch {
// Ignore cleanup errors - the file may have already been deleted or is inaccessible
// Temp files in os.tmpdir() may eventually be cleaned by the OS, but timing varies by platform
}
}
return { status: result.status };
} catch (/** @type any */ error) {
if (error.status) {
return { status: error.status };
} else {
ui.writeError(`Error executing command: ${error.message}`);
ui.writeError(`Is '${command}' installed and available on your system?`);
return { status: 1 };
}
}
}

400
packages/safe-chain/src/packagemanager/pip/runPipCommand.spec.js Normal file
View file

@ -0,0 +1,400 @@
import { describe, it, beforeEach, afterEach, mock } from "node:test";
import assert from "node:assert";
import fs from "node:fs/promises";
import os from "node:os";
import path from "node:path";
import ini from "ini";
describe("runPipCommand environment variable handling", () => {
let runPip;
let capturedArgs = null;
let customEnv = null;
let capturedConfigContent = null; // Capture config file content before cleanup
beforeEach(async () => {
capturedArgs = null;
capturedConfigContent = null;
// Mock safeSpawn to capture args and config file content before cleanup
mock.module("../../utils/safeSpawn.js", {
namedExports: {
safeSpawn: async (command, args, options) => {
capturedArgs = { command, args, options };
// Capture the config file content before the function cleans it up
if (options.env.PIP_CONFIG_FILE) {
try {
capturedConfigContent = await fs.readFile(options.env.PIP_CONFIG_FILE, "utf-8");
} catch {
// Ignore if file doesn't exist or can't be read
}
}
return { status: 0 };
},
},
});
// Mock proxy env merge, allow custom env override
mock.module("../../registryProxy/registryProxy.js", {
namedExports: {
mergeSafeChainProxyEnvironmentVariables: (env) => ({
...env,
...customEnv,
// Force deterministic proxy for tests regardless of ambient env
GLOBAL_AGENT_HTTP_PROXY: "http://localhost:8080",
HTTPS_PROXY: "http://localhost:8080",
HTTP_PROXY: "",
}),
},
});
// Mock certBundle to return a test combined bundle path
mock.module("../../registryProxy/certBundle.js", {
namedExports: {
getCombinedCaBundlePath: () => "/tmp/test-combined-ca.pem",
},
});
const mod = await import("./runPipCommand.js");
runPip = mod.runPip;
});
afterEach(() => {
mock.reset();
});
it("should NOT set PIP_CONFIG_FILE for 'pip config' commands to allow persistent config access", async () => {
const res = await runPip("pip3", ["config", "set", "global.index-url", "https://test.pypi.org/simple"]);
assert.strictEqual(res.status, 0);
assert.ok(capturedArgs, "safeSpawn should have been called");
// PIP_CONFIG_FILE should NOT be set for config commands
assert.strictEqual(
capturedArgs.options.env.PIP_CONFIG_FILE,
undefined,
"PIP_CONFIG_FILE should NOT be set for pip config commands"
);
// But CA environment variables should still be set
assert.strictEqual(
capturedArgs.options.env.REQUESTS_CA_BUNDLE,
"/tmp/test-combined-ca.pem",
"REQUESTS_CA_BUNDLE should still be set"
);
assert.strictEqual(
capturedArgs.options.env.SSL_CERT_FILE,
"/tmp/test-combined-ca.pem",
"SSL_CERT_FILE should still be set"
);
assert.strictEqual(
capturedArgs.options.env.PIP_CERT,
"/tmp/test-combined-ca.pem",
"PIP_CERT should still be set"
);
});
it("should NOT set PIP_CONFIG_FILE for 'pip config get' commands", async () => {
const res = await runPip("pip3", ["config", "get", "global.index-url"]);
assert.strictEqual(res.status, 0);
assert.ok(capturedArgs, "safeSpawn should have been called");
assert.strictEqual(
capturedArgs.options.env.PIP_CONFIG_FILE,
undefined,
"PIP_CONFIG_FILE should NOT be set for pip config get"
);
});
it("should NOT set PIP_CONFIG_FILE for 'pip config list' commands", async () => {
const res = await runPip("pip3", ["config", "list"]);
assert.strictEqual(res.status, 0);
assert.ok(capturedArgs, "safeSpawn should have been called");
assert.strictEqual(
capturedArgs.options.env.PIP_CONFIG_FILE,
undefined,
"PIP_CONFIG_FILE should NOT be set for pip config list"
);
});
it("should NOT set PIP_CONFIG_FILE for 'pip cache' commands", async () => {
const res = await runPip("pip3", ["cache", "dir"]);
assert.strictEqual(res.status, 0);
assert.ok(capturedArgs, "safeSpawn should have been called");
assert.strictEqual(
capturedArgs.options.env.PIP_CONFIG_FILE,
undefined,
"PIP_CONFIG_FILE should NOT be set for pip cache commands"
);
// CA env vars should still be set
assert.strictEqual(
capturedArgs.options.env.SSL_CERT_FILE,
"/tmp/test-combined-ca.pem",
"SSL_CERT_FILE should still be set"
);
});
it("should NOT set PIP_CONFIG_FILE for 'pip debug' commands", async () => {
const res = await runPip("pip3", ["debug"]);
assert.strictEqual(res.status, 0);
assert.ok(capturedArgs, "safeSpawn should have been called");
assert.strictEqual(
capturedArgs.options.env.PIP_CONFIG_FILE,
undefined,
"PIP_CONFIG_FILE should NOT be set for pip debug"
);
});
it("should NOT set PIP_CONFIG_FILE for 'pip completion' commands", async () => {
const res = await runPip("pip3", ["completion", "--bash"]);
assert.strictEqual(res.status, 0);
assert.ok(capturedArgs, "safeSpawn should have been called");
assert.strictEqual(
capturedArgs.options.env.PIP_CONFIG_FILE,
undefined,
"PIP_CONFIG_FILE should NOT be set for pip completion"
);
});
it("should set PIP_CERT env var and create config file", async () => {
const res = await runPip("pip3", ["install", "requests"]);
assert.strictEqual(res.status, 0);
assert.ok(capturedArgs, "safeSpawn should have been called");
// Check PIP_CERT env var
assert.strictEqual(
capturedArgs.options.env.PIP_CERT,
"/tmp/test-combined-ca.pem",
"PIP_CERT should be set to combined bundle path"
);
// Check PIP_CONFIG_FILE env var exists and is a non-empty string
const configPath = capturedArgs.options.env.PIP_CONFIG_FILE;
assert.ok(configPath, "PIP_CONFIG_FILE should be set");
assert.strictEqual(typeof configPath, "string", "PIP_CONFIG_FILE should be a string");
assert.ok(configPath.length > 0, "PIP_CONFIG_FILE should be a non-empty path");
});
it("should set REQUESTS_CA_BUNDLE and SSL_CERT_FILE for default PyPI (no explicit index)", async () => {
const res = await runPip("pip3", ["install", "requests"]);
assert.strictEqual(res.status, 0);
assert.ok(capturedArgs, "safeSpawn should have been called");
// Check environment variables are set
assert.strictEqual(
capturedArgs.options.env.REQUESTS_CA_BUNDLE,
"/tmp/test-combined-ca.pem",
"REQUESTS_CA_BUNDLE should be set to combined bundle path"
);
assert.strictEqual(
capturedArgs.options.env.SSL_CERT_FILE,
"/tmp/test-combined-ca.pem",
"SSL_CERT_FILE should be set to combined bundle path"
);
});
it("should set CA environment variables even for external/test PyPI mirror (covers non-CLI traffic)", async () => {
const res = await runPip("pip3", [
"install",
"certifi",
"--index-url",
"https://test.pypi.org/simple",
]);
assert.strictEqual(res.status, 0);
// Env vars should be set unconditionally
assert.strictEqual(
capturedArgs.options.env.REQUESTS_CA_BUNDLE,
"/tmp/test-combined-ca.pem"
);
assert.strictEqual(
capturedArgs.options.env.SSL_CERT_FILE,
"/tmp/test-combined-ca.pem"
);
});
it("should still set CA env vars for PyPI even with user --cert flag", async () => {
// For default PyPI, we still set env vars; pip CLI --cert takes precedence
const res = await runPip("pip3", ["install", "requests"]);
assert.strictEqual(res.status, 0);
// Environment variables still set (pip CLI --cert takes precedence)
assert.strictEqual(
capturedArgs.options.env.REQUESTS_CA_BUNDLE,
"/tmp/test-combined-ca.pem"
);
assert.strictEqual(
capturedArgs.options.env.SSL_CERT_FILE,
"/tmp/test-combined-ca.pem"
);
});
it("should preserve HTTPS_PROXY from proxy merge", async () => {
const res = await runPip("pip3", ["install", "requests"]);
assert.strictEqual(res.status, 0);
assert.strictEqual(
capturedArgs.options.env.HTTPS_PROXY,
"http://localhost:8080",
"HTTPS_PROXY should be set by proxy merge"
);
});
it("should create a new temp config when existing config exists (original file untouched)", async () => {
const tmpDir = os.tmpdir();
const userCfgPath = path.join(tmpDir, `safe-chain-test-pip-${Date.now()}.ini`);
const initial = "[global]\nindex-url = https://example.com/simple\n";
await fs.writeFile(userCfgPath, initial, "utf-8");
customEnv = { PIP_CONFIG_FILE: userCfgPath };
const res = await runPip("pip3", ["install", "requests"]);
assert.strictEqual(res.status, 0);
const newCfgPath = capturedArgs.options.env.PIP_CONFIG_FILE;
assert.notStrictEqual(newCfgPath, userCfgPath, "should point to a new temp config file");
// Original file unchanged
const originalContent = await fs.readFile(userCfgPath, "utf-8");
const originalParsed = ini.parse(originalContent);
assert.strictEqual(originalParsed.global.cert, undefined, "original file should not gain cert");
// New file has merged settings (read from captured content before cleanup)
assert.ok(capturedConfigContent, "config content should have been captured");
const newParsed = ini.parse(capturedConfigContent);
assert.strictEqual(newParsed.global.cert, "/tmp/test-combined-ca.pem", "new config should include cert");
assert.strictEqual(newParsed.global.proxy, "http://localhost:8080", "new config should include proxy from env");
assert.strictEqual(newParsed.global["index-url"], "https://example.com/simple", "index-url should be preserved");
customEnv = null;
});
it("should create new config with proxy set from env (ini-validated)", async () => {
// No PIP_CONFIG_FILE in env => creation path
const res = await runPip("pip3", ["install", "requests"]);
assert.strictEqual(res.status, 0);
assert.ok(capturedConfigContent, "config content should have been captured");
const parsed = ini.parse(capturedConfigContent);
assert.ok(parsed.global, "[global] should exist after creation");
assert.strictEqual(
parsed.global.proxy,
"http://localhost:8080",
"proxy should be set from merged env"
);
assert.strictEqual(
parsed.global.cert,
"/tmp/test-combined-ca.pem",
"cert should be set during creation"
);
});
it("should create new temp config adding cert but preserving existing proxy (original file unchanged)", async () => {
const tmpDir = os.tmpdir();
const userCfgPath = path.join(tmpDir, `safe-chain-test-pip-${Date.now()}.ini`);
const initial = "[global]\nproxy = http://original:9999\n";
await fs.writeFile(userCfgPath, initial, "utf-8");
customEnv = { PIP_CONFIG_FILE: userCfgPath };
const res = await runPip("pip3", ["install", "requests"]);
assert.strictEqual(res.status, 0);
const newCfgPath = capturedArgs.options.env.PIP_CONFIG_FILE;
assert.notStrictEqual(newCfgPath, userCfgPath, "should use a new temp config file");
// Original file unchanged
const originalParsed = ini.parse(await fs.readFile(userCfgPath, "utf-8"));
assert.strictEqual(originalParsed.global.cert, undefined, "original file should not gain cert");
assert.strictEqual(originalParsed.global.proxy, "http://original:9999", "original proxy remains");
// New file: cert and proxy always overwritten (read from captured content)
assert.ok(capturedConfigContent, "config content should have been captured");
const newParsed = ini.parse(capturedConfigContent);
assert.strictEqual(newParsed.global.cert, "/tmp/test-combined-ca.pem", "cert always overwritten in temp config");
assert.strictEqual(newParsed.global.proxy, "http://localhost:8080", "proxy always overwritten in temp config");
customEnv = null;
});
it("should create new temp config preserving existing cert and proxy while leaving original file unchanged", async () => {
const tmpDir = os.tmpdir();
const cfgPath = path.join(tmpDir, `safe-chain-test-pip-${Date.now()}.ini`);
const initialIni = [
"[global]",
"cert = /path/to/existing.pem",
"proxy = http://original:9999",
""
].join("\n");
await fs.writeFile(cfgPath, initialIni, "utf-8");
customEnv = { PIP_CONFIG_FILE: cfgPath };
const res = await runPip("pip3", ["install", "requests"]);
assert.strictEqual(res.status, 0, "execution should succeed");
const newCfgPath = capturedArgs.options.env.PIP_CONFIG_FILE;
assert.notStrictEqual(newCfgPath, cfgPath, "should use a newly generated temp config file");
// Original file stays untouched
const originalContent = await fs.readFile(cfgPath, "utf-8");
const originalParsed = ini.parse(originalContent);
assert.strictEqual(originalParsed.global.cert, "/path/to/existing.pem", "original cert preserved");
assert.strictEqual(originalParsed.global.proxy, "http://original:9999", "original proxy preserved");
// New temp config: cert and proxy always overwritten (read from captured content)
assert.ok(capturedConfigContent, "config content should have been captured");
const newParsed = ini.parse(capturedConfigContent);
assert.strictEqual(newParsed.global.cert, "/tmp/test-combined-ca.pem", "cert always overwritten in temp config");
assert.strictEqual(newParsed.global.proxy, "http://localhost:8080", "proxy always overwritten in temp config");
customEnv = null;
});
it("should create new temp config preserving existing cert and adding missing proxy", async () => {
const tmpDir = os.tmpdir();
const userCfgPath = path.join(tmpDir, `safe-chain-test-pip-${Date.now()}.ini`);
const initial = "[global]\ncert = /path/to/existing.pem\n";
await fs.writeFile(userCfgPath, initial, "utf-8");
customEnv = { PIP_CONFIG_FILE: userCfgPath };
const res = await runPip("pip3", ["install", "requests"]);
assert.strictEqual(res.status, 0);
const newCfgPath = capturedArgs.options.env.PIP_CONFIG_FILE;
assert.notStrictEqual(newCfgPath, userCfgPath, "should produce a new temp config file");
// Original remains unchanged
const originalParsed = ini.parse(await fs.readFile(userCfgPath, "utf-8"));
assert.strictEqual(originalParsed.global.cert, "/path/to/existing.pem", "original cert unchanged");
assert.strictEqual(originalParsed.global.proxy, undefined, "original proxy still missing");
// New file: cert and proxy always overwritten (read from captured content)
assert.ok(capturedConfigContent, "config content should have been captured");
const newParsed = ini.parse(capturedConfigContent);
assert.strictEqual(newParsed.global.cert, "/tmp/test-combined-ca.pem", "cert always overwritten in temp config");
assert.strictEqual(newParsed.global.proxy, "http://localhost:8080", "proxy always overwritten in temp config");
customEnv = null;
});
it("should log warnings when cert and proxy are already set in user config file", async () => {
const tmpDir = os.tmpdir();
const cfgPath = path.join(tmpDir, `safe-chain-test-pip-warn-${Date.now()}.ini`);
const initialIni = [
"[global]",
"cert = /user/cert.pem",
"proxy = http://user-proxy:9999",
""
].join("\n");
await fs.writeFile(cfgPath, initialIni, "utf-8");
customEnv = { PIP_CONFIG_FILE: cfgPath };
// Capture stdout/stderr
let output = "";
const originalWrite = process.stdout.write;
const originalError = process.stderr.write;
process.stdout.write = (chunk, ...args) => { output += chunk; return originalWrite.apply(process.stdout, [chunk, ...args]); };
process.stderr.write = (chunk, ...args) => { output += chunk; return originalError.apply(process.stderr, [chunk, ...args]); };
await runPip("pip3", ["install", "requests"]);
process.stdout.write = originalWrite;
process.stderr.write = originalError;
assert.ok(output.includes("cert found in PIP_CONFIG_FILE"), "Should warn about cert overwrite in output");
assert.ok(output.includes("proxy found in PIP_CONFIG_FILE"), "Should warn about proxy overwrite in output");
customEnv = null;
});
});

11
packages/safe-chain/src/packagemanager/pnpm/createPackageManager.js
View file

@ -4,6 +4,9 @@ import { runPnpmCommand } from "./runPnpmCommand.js";
const scanner = commandArgumentScanner();
/**
* @returns {import("../currentPackageManager.js").PackageManager}
*/
export function createPnpmPackageManager() {
return {
runCommand: (args) => runPnpmCommand(args, "pnpm"),
@ -23,6 +26,9 @@ export function createPnpmPackageManager() {
};
}
/**
* @returns {import("../currentPackageManager.js").PackageManager}
*/
export function createPnpxPackageManager() {
return {
runCommand: (args) => runPnpmCommand(args, "pnpx"),
@ -32,6 +38,11 @@ export function createPnpxPackageManager() {
};
}
/**
* @param {string[]} args
* @param {boolean} isPnpx
* @returns {ReturnType<import("../currentPackageManager.js").PackageManager["getDependencyUpdatesForCommand"]>}
*/
function getDependencyUpdatesForCommand(args, isPnpx) {
if (isPnpx) {
return scanner.scan(args);

7
packages/safe-chain/src/packagemanager/pnpm/dependencyScanner/commandArgumentScanner.js
View file

@ -1,6 +1,9 @@
import { resolvePackageVersion } from "../../../api/npmApi.js";
import { parsePackagesFromArguments } from "../parsing/parsePackagesFromArguments.js";
/**
* @returns {import("../../npm/dependencyScanner/commandArgumentScanner.js").CommandArgumentScanner}
*/
export function commandArgumentScanner() {
return {
scan: (args) => scanDependencies(args),
@ -8,6 +11,10 @@ export function commandArgumentScanner() {
};
}
/**
* @param {string[]} args
* @returns {Promise<import("../../npm/dependencyScanner/commandArgumentScanner.js").ScanResult[]>}
*/
async function scanDependencies(args) {
const changes = [];
const packageUpdates = parsePackagesFromArguments(args);

21
packages/safe-chain/src/packagemanager/pnpm/parsing/parsePackagesFromArguments.js
View file

@ -1,3 +1,7 @@
/**
* @param {string[]} args
* @returns {{name: string, version: string}[]}
*/
export function parsePackagesFromArguments(args) {
const changes = [];
let defaultTag = "latest";
@ -22,6 +26,10 @@ export function parsePackagesFromArguments(args) {
return changes;
}
/**
* @param {string} arg
* @returns {{name: string, numberOfParameters: number} | undefined}
*/
function getOption(arg) {
if (isOptionWithParameter(arg)) {
return {
@ -42,12 +50,21 @@ function getOption(arg) {
return undefined;
}
/**
* @param {string} arg
* @returns {boolean}
*/
function isOptionWithParameter(arg) {
const optionsWithParameters = ["--C", "--dir"];
return optionsWithParameters.includes(arg);
}
/**
* @param {string} arg
* @param {string} defaultTag
* @returns {{name: string, version: string}}
*/
function parsePackagename(arg, defaultTag) {
// format can be --package=name@version
// in that case, we need to remove the --package= part
@ -77,6 +94,10 @@ function parsePackagename(arg, defaultTag) {
};
}
/**
* @param {string} arg
* @returns {string}
*/
function removeAlias(arg) {
// removes the alias.
// Eg.: server@npm:http-server@latest becomes http-server@latest

7
packages/safe-chain/src/packagemanager/pnpm/runPnpmCommand.js
View file

@ -2,6 +2,11 @@ import { ui } from "../../environment/userInteraction.js";
import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
import { safeSpawn } from "../../utils/safeSpawn.js";
/**
* @param {string[]} args
* @param {string} [toolName]
* @returns {Promise<{status: number}>}
*/
export async function runPnpmCommand(args, toolName = "pnpm") {
try {
let result;
@ -20,7 +25,7 @@ export async function runPnpmCommand(args, toolName = "pnpm") {
}
return { status: result.status };
} catch (error) {
} catch (/** @type any */ error) {
if (error.status) {
return { status: error.status };
} else {

18
packages/safe-chain/src/packagemanager/uv/createUvPackageManager.js Normal file
View file

@ -0,0 +1,18 @@
import { runUv } from "./runUvCommand.js";
/**
* @returns {import("../currentPackageManager.js").PackageManager}
*/
export function createUvPackageManager() {
return {
/**
* @param {string[]} args
*/
runCommand: (args) => {
return runUv("uv", args);
},
// For uv, rely solely on MITM
isSupportedCommand: () => false,
getDependencyUpdatesForCommand: () => [],
};
}

14
packages/safe-chain/src/packagemanager/uv/createUvPackageManager.spec.js Normal file
View file

@ -0,0 +1,14 @@
import { test } from "node:test";
import assert from "node:assert";
import { createUvPackageManager } from "./createUvPackageManager.js";
test("createUvPackageManager", async (t) => {
await t.test("should create package manager with required interface", () => {
const pm = createUvPackageManager();
assert.ok(pm);
assert.strictEqual(typeof pm.runCommand, "function");
assert.strictEqual(typeof pm.isSupportedCommand, "function");
assert.strictEqual(typeof pm.getDependencyUpdatesForCommand, "function");
});
});

71
packages/safe-chain/src/packagemanager/uv/runUvCommand.js Normal file
View file

@ -0,0 +1,71 @@
import { ui } from "../../environment/userInteraction.js";
import { safeSpawn } from "../../utils/safeSpawn.js";
import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
import { getCombinedCaBundlePath } from "../../registryProxy/certBundle.js";
/**
* Sets CA bundle environment variables used by Python libraries and uv.
*
* @param {NodeJS.ProcessEnv} env - Env object
* @param {string} combinedCaPath - Path to the combined CA bundle
*/
function setUvCaBundleEnvironmentVariables(env, combinedCaPath) {
// SSL_CERT_FILE: Used by Python SSL libraries and underlying HTTP clients
if (env.SSL_CERT_FILE) {
ui.writeWarning("Safe-chain: User defined SSL_CERT_FILE found in environment. It will be overwritten.");
}
env.SSL_CERT_FILE = combinedCaPath;
// REQUESTS_CA_BUNDLE: Used by the requests library (which uv may use internally)
if (env.REQUESTS_CA_BUNDLE) {
ui.writeWarning("Safe-chain: User defined REQUESTS_CA_BUNDLE found in environment. It will be overwritten.");
}
env.REQUESTS_CA_BUNDLE = combinedCaPath;
// PIP_CERT: Some underlying pip operations may respect this
if (env.PIP_CERT) {
ui.writeWarning("Safe-chain: User defined PIP_CERT found in environment. It will be overwritten.");
}
env.PIP_CERT = combinedCaPath;
}
/**
* Runs a uv command with safe-chain's certificate bundle and proxy configuration.
*
* uv respects standard environment variables for proxy and TLS configuration:
* - HTTP_PROXY / HTTPS_PROXY: Proxy settings
* - SSL_CERT_FILE / REQUESTS_CA_BUNDLE: CA bundle for TLS verification
*
* Unlike pip (which requires a temporary config file for cert configuration), uv directly
* honors environment variables, so no config/ini file is needed.
*
* @param {string} command - The uv command to execute (typically 'uv')
* @param {string[]} args - Command line arguments to pass to uv
* @returns {Promise<{status: number}>} Exit status of the uv command
*/
export async function runUv(command, args) {
try {
const env = mergeSafeChainProxyEnvironmentVariables(process.env);
const combinedCaPath = getCombinedCaBundlePath();
setUvCaBundleEnvironmentVariables(env, combinedCaPath);
// Note: uv uses HTTPS_PROXY and HTTP_PROXY environment variables for proxy configuration
// These are already set by mergeSafeChainProxyEnvironmentVariables
const result = await safeSpawn(command, args, {
stdio: "inherit",
env,
});
return { status: result.status };
} catch (/** @type any */ error) {
if (error.status) {
return { status: error.status };
} else {
ui.writeError(`Error executing command: ${error.message}`);
ui.writeError(`Is '${command}' installed and available on your system?`);
return { status: 1 };
}
}
}

8
packages/safe-chain/src/packagemanager/yarn/createPackageManager.js
View file

@ -3,6 +3,9 @@ import { runYarnCommand } from "./runYarnCommand.js";
const scanner = commandArgumentScanner();
/**
* @returns {import("../currentPackageManager.js").PackageManager}
*/
export function createYarnPackageManager() {
return {
runCommand: runYarnCommand,
@ -18,6 +21,11 @@ export function createYarnPackageManager() {
};
}
/**
* @param {string[]} args
* @param {...string} commandArgs
* @returns {boolean}
*/
function matchesCommand(args, ...commandArgs) {
if (args.length < commandArgs.length) {
return false;

7
packages/safe-chain/src/packagemanager/yarn/dependencyScanner/commandArgumentScanner.js
View file

@ -1,6 +1,9 @@
import { resolvePackageVersion } from "../../../api/npmApi.js";
import { parsePackagesFromArguments } from "../parsing/parsePackagesFromArguments.js";
/**
* @returns {import("../../npm/dependencyScanner/commandArgumentScanner.js").CommandArgumentScanner}
*/
export function commandArgumentScanner() {
return {
scan: (args) => scanDependencies(args),
@ -8,6 +11,10 @@ export function commandArgumentScanner() {
};
}
/**
* @param {string[]} args
* @returns {Promise<import("../../npm/dependencyScanner/commandArgumentScanner.js").ScanResult[]>}
*/
async function scanDependencies(args) {
const changes = [];
const packageUpdates = parsePackagesFromArguments(args);

24
packages/safe-chain/src/packagemanager/yarn/parsing/parsePackagesFromArguments.js
View file

@ -1,3 +1,7 @@
/**
* @param {string[]} args
* @returns {{name: string, version: string}[]}
*/
export function parsePackagesFromArguments(args) {
const changes = [];
let defaultTag = "latest";
@ -22,6 +26,11 @@ export function parsePackagesFromArguments(args) {
return changes;
}
/**
* @param {string} arg
*
* @returns {{name: string, numberOfParameters: number} | undefined}
*/
function getOption(arg) {
if (isOptionWithParameter(arg)) {
return {
@ -42,6 +51,11 @@ function getOption(arg) {
return undefined;
}
/**
* @param {string} arg
*
* @returns {boolean}
*/
function isOptionWithParameter(arg) {
const optionsWithParameters = [
"--use-yarnrc",
@ -64,6 +78,12 @@ function isOptionWithParameter(arg) {
return optionsWithParameters.includes(arg);
}
/**
* @param {string} arg
* @param {string} defaultTag
*
* @returns {{name: string, version: string}}
*/
function parsePackagename(arg, defaultTag) {
// format can be --package=name@version
// in that case, we need to remove the --package= part
@ -93,6 +113,10 @@ function parsePackagename(arg, defaultTag) {
};
}
/**
* @param {string} arg
* @returns {string}
*/
function removeAlias(arg) {
// removes the alias.
// Eg.: server@npm:http-server@latest becomes http-server@latest

40
packages/safe-chain/src/packagemanager/yarn/runYarnCommand.js
View file

@ -2,6 +2,11 @@ import { ui } from "../../environment/userInteraction.js";
import { safeSpawn } from "../../utils/safeSpawn.js";
import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
/**
* @param {string[]} args
*
* @returns {Promise<{status: number}>}
*/
export async function runYarnCommand(args) {
try {
const env = mergeSafeChainProxyEnvironmentVariables(process.env);
@ -12,7 +17,7 @@ export async function runYarnCommand(args) {
env,
});
return { status: result.status };
} catch (error) {
} catch (/** @type any */ error) {
if (error.status) {
return { status: error.status };
} else {
@ -22,32 +27,15 @@ export async function runYarnCommand(args) {
}
}
/**
* @param {Record<string, string>} env
*
* @returns {Promise<void>}
*/
async function fixYarnProxyEnvironmentVariables(env) {
// Yarn ignores standard proxy environment variables HTTPS_PROXY and NODE_EXTRA_CA_CERTS
// Yarn ignores standard proxy environment variable HTTPS_PROXY
// It does respect NODE_EXTRA_CA_CERTS for custom CA certificates though.
// Don't use YARN_HTTPS_CA_FILE_PATH or YARN_CA_FILE_PATH though, it causes yarn to ignore all system CAs
// Yarn v2/v3 and v4+ use different environment variables for proxy and CA certs
// When setting all variables, yarn returns an error about conflicting variables
// - v2/v3: "Usage Error: Unrecognized or legacy configuration settings found: httpsCaFilePath"
// - v4+: "Usage Error: Unrecognized or legacy configuration settings found: caFilePath"
const version = await yarnVersion();
const majorVersion = parseInt(version.split(".")[0]);
if (majorVersion >= 4) {
env.YARN_HTTPS_PROXY = env.HTTPS_PROXY;
env.YARN_HTTPS_CA_FILE_PATH = env.NODE_EXTRA_CA_CERTS;
} else if (majorVersion === 2 || majorVersion === 3) {
env.YARN_HTTPS_PROXY = env.HTTPS_PROXY;
env.YARN_CA_FILE_PATH = env.NODE_EXTRA_CA_CERTS;
}
}
async function yarnVersion() {
const result = await safeSpawn("yarn", ["--version"], {
stdio: "pipe",
});
if (result.status !== 0) {
throw new Error("Failed to get yarn version");
}
return result.stdout.trim();
}

152
packages/safe-chain/src/packagemanager/yarn/runYarnCommand.spec.js Normal file
View file

@ -0,0 +1,152 @@
import { describe, it, beforeEach, afterEach, mock } from "node:test";
import assert from "node:assert";
describe("runYarnCommand", () => {
let runYarnCommand;
let capturedEnv;
let yarnVersion;
beforeEach(async () => {
capturedEnv = null;
yarnVersion = "4.1.0"; // Default to v4
// Mock safeSpawn to capture env and control yarn version
mock.module("../../utils/safeSpawn.js", {
namedExports: {
safeSpawn: async (command, args, options) => {
if (args.includes("--version")) {
// Mock yarn version check
return { status: 0, stdout: yarnVersion };
}
// Capture the env for assertions
capturedEnv = options.env;
return { status: 0 };
},
},
});
// Mock mergeSafeChainProxyEnvironmentVariables to return test env
mock.module("../../registryProxy/registryProxy.js", {
namedExports: {
mergeSafeChainProxyEnvironmentVariables: (env) => {
return {
...env,
HTTPS_PROXY: "http://localhost:8080",
NODE_EXTRA_CA_CERTS: "/path/to/ca-cert.pem",
};
},
},
});
// Mock ui to prevent console output
mock.module("../../environment/userInteraction.js", {
namedExports: {
ui: {
writeError: () => {},
},
},
});
const module = await import("./runYarnCommand.js");
runYarnCommand = module.runYarnCommand;
});
afterEach(() => {
mock.reset();
});
it("should set YARN_HTTPS_PROXY for Yarn v4+", async () => {
yarnVersion = "4.1.0";
await runYarnCommand(["add", "lodash"]);
assert.strictEqual(
capturedEnv.YARN_HTTPS_PROXY,
"http://localhost:8080",
"YARN_HTTPS_PROXY should be set to the HTTPS_PROXY value"
);
assert.strictEqual(
capturedEnv.YARN_HTTPS_CA_FILE_PATH,
undefined,
"YARN_HTTPS_CA_FILE_PATH should NOT be set to avoid overriding system CAs"
);
});
it("should set YARN_HTTPS_PROXY for Yarn v3", async () => {
yarnVersion = "3.6.4";
await runYarnCommand(["add", "lodash"]);
assert.strictEqual(
capturedEnv.YARN_HTTPS_PROXY,
"http://localhost:8080",
"YARN_HTTPS_PROXY should be set to the HTTPS_PROXY value"
);
assert.strictEqual(
capturedEnv.YARN_CA_FILE_PATH,
undefined,
"YARN_CA_FILE_PATH should NOT be set to avoid overriding system CAs"
);
});
it("should set YARN_HTTPS_PROXY for Yarn v2", async () => {
yarnVersion = "2.4.3";
await runYarnCommand(["add", "lodash"]);
assert.strictEqual(
capturedEnv.YARN_HTTPS_PROXY,
"http://localhost:8080",
"YARN_HTTPS_PROXY should be set to the HTTPS_PROXY value"
);
assert.strictEqual(
capturedEnv.YARN_CA_FILE_PATH,
undefined,
"YARN_CA_FILE_PATH should NOT be set to avoid overriding system CAs"
);
});
it("should set YARN_HTTPS_PROXY for Yarn v1", async () => {
yarnVersion = "1.22.19";
await runYarnCommand(["add", "lodash"]);
assert.strictEqual(
capturedEnv.YARN_HTTPS_PROXY,
"http://localhost:8080",
"YARN_HTTPS_PROXY should not be set for Yarn v1"
);
assert.strictEqual(
capturedEnv.YARN_HTTPS_CA_FILE_PATH,
undefined,
"YARN_HTTPS_CA_FILE_PATH should not be set for Yarn v1"
);
assert.strictEqual(
capturedEnv.YARN_CA_FILE_PATH,
undefined,
"YARN_CA_FILE_PATH should not be set for Yarn v1"
);
});
it("should preserve NODE_EXTRA_CA_CERTS for all Yarn versions", async () => {
for (const version of ["4.1.0", "3.6.4", "2.4.3", "1.22.19"]) {
yarnVersion = version;
await runYarnCommand(["add", "lodash"]);
assert.strictEqual(
capturedEnv.NODE_EXTRA_CA_CERTS,
"/path/to/ca-cert.pem",
`NODE_EXTRA_CA_CERTS should be preserved for Yarn ${version}`
);
}
});
it("should preserve HTTPS_PROXY for all Yarn versions", async () => {
for (const version of ["4.1.0", "3.6.4", "2.4.3", "1.22.19"]) {
yarnVersion = version;
await runYarnCommand(["add", "lodash"]);
assert.strictEqual(
capturedEnv.HTTPS_PROXY,
"http://localhost:8080",
`HTTPS_PROXY should be preserved for Yarn ${version}`
);
}
});
});

95
packages/safe-chain/src/registryProxy/certBundle.js Normal file
View file

@ -0,0 +1,95 @@
import fs from "node:fs";
import os from "node:os";
import path from "node:path";
// @ts-ignore - certifi has no type definitions
import certifi from "certifi";
import tls from "node:tls";
import { X509Certificate } from "node:crypto";
import { getCaCertPath } from "./certUtils.js";
/**
* Check if a PEM string contains only parsable cert blocks.
* @param {string} pem - PEM-encoded certificate string
* @returns {boolean}
*/
function isParsable(pem) {
if (!pem || typeof pem !== "string") return false;
const begin = "-----BEGIN CERTIFICATE-----";
const end = "-----END CERTIFICATE-----";
const blocks = [];
let idx = 0;
while (idx < pem.length) {
const start = pem.indexOf(begin, idx);
if (start === -1) break;
const stop = pem.indexOf(end, start + begin.length);
if (stop === -1) break;
const blockEnd = stop + end.length;
blocks.push(pem.slice(start, blockEnd));
idx = blockEnd;
}
if (blocks.length === 0) return false;
try {
for (const b of blocks) {
// throw if invalid
new X509Certificate(b);
}
return true;
} catch {
return false;
}
}
/** @type {string | null} */
let cachedPath = null;
/**
* Build a combined CA bundle for Python and Node HTTPS flows.
* - Includes Safe Chain CA (for MITM of known registries)
* - Includes Mozilla roots via npm `certifi` (public HTTPS)
* - Includes Node's built-in root certificates as a portable fallback
* @returns {string} Path to the combined CA bundle PEM file
*/
export function getCombinedCaBundlePath() {
if (cachedPath && fs.existsSync(cachedPath)) return cachedPath;
// Concatenate PEM files
const parts = [];
// 1) Safe Chain CA (for MITM'd registries)
const safeChainPath = getCaCertPath();
try {
const safeChainPem = fs.readFileSync(safeChainPath, "utf8");
if (isParsable(safeChainPem)) parts.push(safeChainPem.trim());
} catch {
// Ignore if Safe Chain CA is not available
}
// 2) certifi (Mozilla CA bundle for all public HTTPS)
try {
const certifiPem = fs.readFileSync(certifi, "utf8");
if (isParsable(certifiPem)) parts.push(certifiPem.trim());
} catch {
// Ignore if certifi bundle is not available
}
// 3) Node's built-in root certificates
try {
const nodeRoots = tls.rootCertificates;
if (Array.isArray(nodeRoots) && nodeRoots.length) {
for (const rootPem of nodeRoots) {
if (typeof rootPem !== "string") continue;
if (isParsable(rootPem)) parts.push(rootPem.trim());
}
}
} catch {
// Ignore if unavailable
}
const combined = parts.filter(Boolean).join("\n");
const target = path.join(os.tmpdir(), "safe-chain-ca-bundle.pem");
fs.writeFileSync(target, combined, { encoding: "utf8" });
cachedPath = target;
return cachedPath;
}

71
packages/safe-chain/src/registryProxy/certBundle.spec.js Normal file
View file

@ -0,0 +1,71 @@
import { describe, it, beforeEach, mock } from "node:test";
import assert from "node:assert";
import fs from "node:fs";
import os from "node:os";
import path from "node:path";
import tls from "node:tls";
// Utility to remove the generated bundle so the module rebuilds it on demand
function removeBundleIfExists() {
const target = path.join(os.tmpdir(), "safe-chain-ca-bundle.pem");
try {
if (fs.existsSync(target)) fs.unlinkSync(target);
} catch {
// ignore
}
}
describe("certBundle.getCombinedCaBundlePath", () => {
beforeEach(() => {
mock.restoreAll();
removeBundleIfExists();
});
it("includes Safe Chain CA when parsable and produces a PEM bundle", async () => {
// Prepare a temporary Safe Chain CA file with a recognizable marker and a valid cert block
const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), "pipcabundle-"));
const safeChainPath = path.join(tmpDir, "safechain-ca.pem");
const marker = "# SAFE_CHAIN_TEST_MARKER";
const rootPem = typeof tls.rootCertificates?.[0] === "string" ? tls.rootCertificates[0] : "";
assert.ok(rootPem.includes("BEGIN CERTIFICATE"), "Environment lacks Node root certificates for test");
fs.writeFileSync(safeChainPath, `${marker}\n${rootPem}`, "utf8");
// Mock the certUtils.getCaCertPath to return our temp file
mock.module("./certUtils.js", {
namedExports: {
getCaCertPath: () => safeChainPath,
},
});
const { getCombinedCaBundlePath } = await import("./certBundle.js");
const bundlePath = getCombinedCaBundlePath();
assert.ok(fs.existsSync(bundlePath), "Bundle path should exist");
const contents = fs.readFileSync(bundlePath, "utf8");
assert.match(contents, /-----BEGIN CERTIFICATE-----/);
assert.ok(contents.includes(marker), "Bundle should include Safe Chain CA content when parsable");
});
it("ignores invalid Safe Chain CA but still builds from other sources", async () => {
// Write an invalid file (no cert blocks)
const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), "pipcabundle-"));
const safeChainPath = path.join(tmpDir, "safechain-invalid.pem");
const invalidMarker = "INVALID_SAFE_CHAIN_CONTENT";
fs.writeFileSync(safeChainPath, invalidMarker, "utf8");
// Mock the certUtils.getCaCertPath to return our invalid file
mock.module("./certUtils.js", {
namedExports: {
getCaCertPath: () => safeChainPath,
},
});
// Ensure fresh build
removeBundleIfExists();
const { getCombinedCaBundlePath } = await import("./certBundle.js");
const bundlePath = getCombinedCaBundlePath();
assert.ok(fs.existsSync(bundlePath), "Bundle path should exist");
const contents = fs.readFileSync(bundlePath, "utf8");
assert.match(contents, /-----BEGIN CERTIFICATE-----/, "Bundle should contain certificate blocks from certifi/Node roots");
assert.ok(!contents.includes(invalidMarker), "Bundle should not include invalid Safe Chain content");
});
});

14
packages/safe-chain/src/registryProxy/certUtils.js
View file

@ -12,6 +12,10 @@ export function getCaCertPath() {
return path.join(certFolder, "ca-cert.pem");
}
/**
* @param {string} hostname
* @returns {{privateKey: string, certificate: string}}
*/
export function generateCertForHost(hostname) {
let existingCert = certCache.get(hostname);
if (existingCert) {
@ -44,6 +48,16 @@ export function generateCertForHost(hostname) {
digitalSignature: true,
keyEncipherment: true,
},
{
/*
extKeyUsage serverAuth is required for TLS server authentication.
This is especially important for Python venv environments, which use their own
certificate validation logic and will reject certificates lacking the serverAuth EKU.
Adding serverAuth does not impact other usages
*/
name: "extKeyUsage",
serverAuth: true,
},
]);
cert.sign(ca.privateKey, forge.md.sha256.create());

17
packages/safe-chain/src/registryProxy/http-utils.js Normal file
View file

@ -0,0 +1,17 @@
/**
* @param {NodeJS.Dict<string | string[]> | undefined} headers
* @param {string} headerName
*/
export function getHeaderValueAsString(headers, headerName) {
if (!headers) {
return undefined;
}
let header = headers[headerName];
if (Array.isArray(header)) {
return header.join(", ");
}
return header;
}

25
packages/safe-chain/src/registryProxy/interceptors/createInterceptorForEcoSystem.js Normal file
View file

@ -0,0 +1,25 @@
import {
ECOSYSTEM_JS,
ECOSYSTEM_PY,
getEcoSystem,
} from "../../config/settings.js";
import { npmInterceptorForUrl } from "./npm/npmInterceptor.js";
import { pipInterceptorForUrl } from "./pipInterceptor.js";
/**
* @param {string} url
* @returns {import("./interceptorBuilder.js").Interceptor | undefined}
*/
export function createInterceptorForUrl(url) {
const ecosystem = getEcoSystem();
if (ecosystem === ECOSYSTEM_JS) {
return npmInterceptorForUrl(url);
}
if (ecosystem === ECOSYSTEM_PY) {
return pipInterceptorForUrl(url);
}
return undefined;
}

140
packages/safe-chain/src/registryProxy/interceptors/interceptorBuilder.js Normal file
View file

@ -0,0 +1,140 @@
import { EventEmitter } from "events";
/**
* @typedef {Object} Interceptor
* @property {(targetUrl: string) => Promise<RequestInterceptionHandler>} handleRequest
* @property {(event: string, listener: (...args: any[]) => void) => Interceptor} on
* @property {(event: string, ...args: any[]) => boolean} emit
*
*
* @typedef {Object} RequestInterceptionContext
* @property {string} targetUrl
* @property {(packageName: string | undefined, version: string | undefined) => void} blockMalware
* @property {(modificationFunc: (headers: NodeJS.Dict<string | string[]>) => NodeJS.Dict<string | string[]>) => void} modifyRequestHeaders
* @property {(modificationFunc: (body: Buffer, headers: NodeJS.Dict<string | string[]> | undefined) => Buffer) => void} modifyBody
* @property {() => RequestInterceptionHandler} build
*
*
* @typedef {Object} RequestInterceptionHandler
* @property {{statusCode: number, message: string} | undefined} blockResponse
* @property {(headers: NodeJS.Dict<string | string[]> | undefined) => NodeJS.Dict<string | string[]> | undefined} modifyRequestHeaders
* @property {() => boolean} modifiesResponse
* @property {(body: Buffer, headers: NodeJS.Dict<string | string[]> | undefined) => Buffer} modifyBody
*/
/**
* @param {(requestHandlerBuilder: RequestInterceptionContext) => Promise<void>} requestInterceptionFunc
* @returns {Interceptor}
*/
export function interceptRequests(requestInterceptionFunc) {
return buildInterceptor([requestInterceptionFunc]);
}
/**
* @param {Array<(requestHandlerBuilder: RequestInterceptionContext) => Promise<void>>} requestHandlers
* @returns {Interceptor}
*/
function buildInterceptor(requestHandlers) {
const eventEmitter = new EventEmitter();
return {
async handleRequest(targetUrl) {
const requestContext = createRequestContext(targetUrl, eventEmitter);
for (const handler of requestHandlers) {
await handler(requestContext);
}
return requestContext.build();
},
on(event, listener) {
eventEmitter.on(event, listener);
return this;
},
emit(event, ...args) {
return eventEmitter.emit(event, ...args);
},
};
}
/**
* @param {string} targetUrl
* @param {import('events').EventEmitter} eventEmitter
* @returns {RequestInterceptionContext}
*/
function createRequestContext(targetUrl, eventEmitter) {
/** @type {{statusCode: number, message: string} | undefined} */
let blockResponse = undefined;
/** @type {Array<(headers: NodeJS.Dict<string | string[]>) => NodeJS.Dict<string | string[]>>} */
let reqheaderModificationFuncs = [];
/** @type {Array<(body: Buffer, headers: NodeJS.Dict<string | string[]> | undefined) => Buffer>} */
let modifyBodyFuncs = [];
/**
* @param {string | undefined} packageName
* @param {string | undefined} version
*/
function blockMalwareSetup(packageName, version) {
blockResponse = {
statusCode: 403,
message: "Forbidden - blocked by safe-chain",
};
// Emit the malwareBlocked event
eventEmitter.emit("malwareBlocked", {
packageName,
version,
targetUrl,
timestamp: Date.now(),
});
}
/** @returns {RequestInterceptionHandler} */
function build() {
/**
* @param {NodeJS.Dict<string | string[]> | undefined} headers
* @returns {NodeJS.Dict<string | string[]> | undefined}
*/
function modifyRequestHeaders(headers) {
if (headers) {
for (const func of reqheaderModificationFuncs) {
func(headers);
}
}
return headers;
}
/**
* @param {Buffer} body
* @param {NodeJS.Dict<string | string[]> | undefined} headers
* @returns {Buffer}
*/
function modifyBody(body, headers) {
let modifiedBody = body;
for (var func of modifyBodyFuncs) {
modifiedBody = func(body, headers);
}
return modifiedBody;
}
// These functions are invoked in the proxy, allowing to apply the configured modifications
return {
blockResponse,
modifyRequestHeaders: modifyRequestHeaders,
modifiesResponse: () => modifyBodyFuncs.length > 0,
modifyBody,
};
}
// These functions are used to setup the modifications
return {
targetUrl,
blockMalware: blockMalwareSetup,
modifyRequestHeaders: (func) => reqheaderModificationFuncs.push(func),
modifyBody: (func) => modifyBodyFuncs.push(func),
build,
};
}

177
packages/safe-chain/src/registryProxy/interceptors/npm/modifyNpmInfo.js Normal file
View file

@ -0,0 +1,177 @@
import { getMinimumPackageAgeHours } from "../../../config/settings.js";
import { ui } from "../../../environment/userInteraction.js";
import { getHeaderValueAsString } from "../../http-utils.js";
const state = {
hasSuppressedVersions: false,
};
/**
* @param {NodeJS.Dict<string | string[]>} headers
* @returns {NodeJS.Dict<string | string[]>}
*/
export function modifyNpmInfoRequestHeaders(headers) {
const accept = getHeaderValueAsString(headers, "accept");
if (accept?.includes("application/vnd.npm.install-v1+json")) {
// The npm registry sometimes serves a more compact format that lacks
// the time metadata we need to filter out too new packages.
// Force the registry to return the full metadata by changing the Accept header.
headers["accept"] = "application/json";
}
return headers;
}
/**
* @param {string} url
* @returns {boolean}
*/
export function isPackageInfoUrl(url) {
// Remove query string and fragment to get the actual path
const urlWithoutParams = url.split("?")[0].split("#")[0];
// Tarball downloads end with .tgz
if (urlWithoutParams.endsWith(".tgz")) return false;
// Special endpoints start with /-/ and should not be modified
// Examples: /-/npm/v1/security/advisories/bulk, /-/v1/search, /-/package/foo/access
if (urlWithoutParams.includes("/-/")) return false;
// Everything else is package metadata that can be modified
return true;
}
/**
*
* @param {Buffer} body
* @param {NodeJS.Dict<string | string[]> | undefined} headers
* @returns Buffer
*/
export function modifyNpmInfoResponse(body, headers) {
try {
const contentType = getHeaderValueAsString(headers, "content-type");
if (!contentType?.toLowerCase().includes("application/json")) {
return body;
}
if (body.byteLength === 0) {
return body;
}
// utf-8 is default encoding for JSON, so we don't check if charset is defined in content-type header
const bodyContent = body.toString("utf8");
const bodyJson = JSON.parse(bodyContent);
if (!bodyJson.time || !bodyJson["dist-tags"] || !bodyJson.versions) {
// Just return the current body if the format is not
return body;
}
const cutOff = new Date(
new Date().getTime() - getMinimumPackageAgeHours() * 3600 * 1000
);
const hasLatestTag = !!bodyJson["dist-tags"]["latest"];
const versions = Object.entries(bodyJson.time)
.map(([version, timestamp]) => ({
version,
timestamp,
}))
.filter((x) => x.version !== "created" && x.version !== "modified");
for (const { version, timestamp } of versions) {
const timestampValue = new Date(timestamp);
if (timestampValue > cutOff) {
deleteVersionFromJson(bodyJson, version);
if (headers) {
// When modifying the response, the etag and last-modified headers
// no longer match the content so they needs to be removed before sending the response.
delete headers["etag"];
delete headers["last-modified"];
// Removing the cache-control header will prevent the package manager from caching
// the modified response.
delete headers["cache-control"];
}
}
}
if (hasLatestTag && !bodyJson["dist-tags"]["latest"]) {
// The latest tag was removed because it contained a package younger than the treshold.
// A new latest tag needs to be calculated
bodyJson["dist-tags"]["latest"] = calculateLatestTag(bodyJson.time);
}
return Buffer.from(JSON.stringify(bodyJson));
} catch (/** @type {any} */ err) {
ui.writeVerbose(
`Safe-chain: Package metadata not in expected format - bypassing modification. Error: ${err.message}`
);
return body;
}
}
/**
* @param {any} json
* @param {string} version
*/
function deleteVersionFromJson(json, version) {
state.hasSuppressedVersions = true;
ui.writeVerbose(
`Safe-chain: ${version} is newer than ${getMinimumPackageAgeHours()} hours and was removed (minimumPackageAgeInHours setting).`
);
delete json.time[version];
delete json.versions[version];
for (const [tag, distVersion] of Object.entries(json["dist-tags"])) {
if (version == distVersion) {
delete json["dist-tags"][tag];
}
}
}
/**
* @param {Record<string, string>} tagList
* @returns {string | undefined}
*/
function calculateLatestTag(tagList) {
const entries = Object.entries(tagList).filter(
([version, _]) => version !== "created" && version !== "modified"
);
const latestFullRelease = getMostRecentTag(
Object.fromEntries(entries.filter(([version, _]) => !version.includes("-")))
);
if (latestFullRelease) {
return latestFullRelease;
}
const latestPrerelease = getMostRecentTag(
Object.fromEntries(entries.filter(([version, _]) => version.includes("-")))
);
return latestPrerelease;
}
/**
* @param {Record<string, string>} tagList
* @returns {string | undefined}
*/
function getMostRecentTag(tagList) {
let current, currentDate;
for (const [version, timestamp] of Object.entries(tagList)) {
if (!currentDate || currentDate < timestamp) {
current = version;
currentDate = timestamp;
}
}
return current;
}
/**
* @returns {boolean}
*/
export function getHasSuppressedVersions() {
return state.hasSuppressedVersions;
}

47
packages/safe-chain/src/registryProxy/interceptors/npm/npmInterceptor.js Normal file
View file

@ -0,0 +1,47 @@
import { skipMinimumPackageAge } from "../../../config/settings.js";
import { isMalwarePackage } from "../../../scanning/audit/index.js";
import { interceptRequests } from "../interceptorBuilder.js";
import {
isPackageInfoUrl,
modifyNpmInfoRequestHeaders,
modifyNpmInfoResponse,
} from "./modifyNpmInfo.js";
import { parseNpmPackageUrl } from "./parseNpmPackageUrl.js";
const knownJsRegistries = ["registry.npmjs.org", "registry.yarnpkg.com"];
/**
* @param {string} url
* @returns {import("../interceptorBuilder.js").Interceptor | undefined}
*/
export function npmInterceptorForUrl(url) {
const registry = knownJsRegistries.find((reg) => url.includes(reg));
if (registry) {
return buildNpmInterceptor(registry);
}
return undefined;
}
/**
* @param {string} registry
* @returns {import("../interceptorBuilder.js").Interceptor}
*/
function buildNpmInterceptor(registry) {
return interceptRequests(async (reqContext) => {
const { packageName, version } = parseNpmPackageUrl(
reqContext.targetUrl,
registry
);
if (await isMalwarePackage(packageName, version)) {
reqContext.blockMalware(packageName, version);
}
if (!skipMinimumPackageAge() && isPackageInfoUrl(reqContext.targetUrl)) {
reqContext.modifyRequestHeaders(modifyNpmInfoRequestHeaders);
reqContext.modifyBody(modifyNpmInfoResponse);
}
});
}

384
packages/safe-chain/src/registryProxy/interceptors/npm/npmInterceptor.minPackageAge.spec.js Normal file
View file

@ -0,0 +1,384 @@
import { describe, it, mock } from "node:test";
import assert from "node:assert";
describe("npmInterceptor minimum package age", async () => {
let minimumPackageAgeSettings = 48;
let skipMinimumPackageAgeSetting = false;
mock.module("../../../config/settings.js", {
namedExports: {
getMinimumPackageAgeHours: () => minimumPackageAgeSettings,
skipMinimumPackageAge: () => skipMinimumPackageAgeSetting,
},
});
mock.module("../../../scanning/audit/index.js", {
namedExports: {
isMalwarePackage: async () => {
return false;
},
},
});
mock.module("../../../environment/userInteraction.js", {
namedExports: {
ui: {
startProcess: () => {},
writeError: () => {},
writeInformation: () => {},
writeWarning: () => {},
writeVerbose: () => {},
writeExitWithoutInstallingMaliciousPackages: () => {},
emptyLine: () => {},
},
},
});
const { npmInterceptorForUrl } = await import("./npmInterceptor.js");
for (const packageInfoUrl of [
// Basic package metadata
"https://registry.npmjs.org/lodash",
"https://registry.npmjs.org/express",
// Scoped packages
"https://registry.npmjs.org/@vercel/functions",
"https://registry.npmjs.org/@babel/core",
"https://registry.npmjs.org/@types/node",
// With query parameters
"https://registry.npmjs.org/lodash?write=true",
"https://registry.npmjs.org/@babel/core?param=value&other=test",
// With fragments
"https://registry.npmjs.org/lodash#readme",
"https://registry.npmjs.org/@babel/core#installation",
// Version-specific metadata
"https://registry.npmjs.org/lodash/4.17.21",
"https://registry.npmjs.org/lodash/latest",
"https://registry.npmjs.org/@babel/core/7.21.4",
// URL-encoded scoped packages
"https://registry.npmjs.org/@types%2Fnode",
"https://registry.npmjs.org/@babel%2Fcore",
// With trailing slashes
"https://registry.npmjs.org/lodash/",
"https://registry.npmjs.org/@babel/core/",
]) {
it(`modifyResponse should be true for package info requests: ${packageInfoUrl}`, async () => {
const interceptor = npmInterceptorForUrl(packageInfoUrl);
const requestInterceptor = await interceptor.handleRequest(
packageInfoUrl
);
assert.equal(requestInterceptor.modifiesResponse(), true);
});
}
for (const packageUrl of [
// Regular package tarballs
"https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
"https://registry.npmjs.org/express/-/express-4.18.2.tgz",
// Scoped package tarballs
"https://registry.npmjs.org/@babel/core/-/core-8.0.0-alpha.1.tgz",
"https://registry.npmjs.org/@types/node/-/node-20.10.5.tgz",
// Tarballs with query parameters (integrity checks)
"https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz?integrity=sha512-abc123",
"https://registry.npmjs.org/@babel/core/-/core-7.21.4.tgz?integrity=sha512-def456&cache=false",
// Tarballs with fragments
"https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz#sha512-abc123",
"https://registry.npmjs.org/@babel/core/-/core-7.21.4.tgz#hash",
// Prerelease versions
"https://registry.npmjs.org/react/-/react-18.3.0-canary-abc123.tgz",
"https://registry.npmjs.org/lodash/-/lodash-5.0.0-beta.1.tgz",
]) {
it(`modifyResponse should be false for package downloads: ${packageUrl}`, async () => {
const interceptor = npmInterceptorForUrl(packageUrl);
const requestInterceptor = await interceptor.handleRequest(packageUrl);
assert.equal(requestInterceptor.modifiesResponse(), false);
});
}
for (const specialEndpoint of [
// Security advisory endpoints
"https://registry.npmjs.org/-/npm/v1/security/advisories/bulk",
"https://registry.npmjs.org/-/npm/v1/security/audits",
"https://registry.npmjs.org/-/npm/v1/security/audits/quick",
// Search endpoints
"https://registry.npmjs.org/-/v1/search?text=lodash&size=20",
"https://registry.npmjs.org/-/v1/search?text=react&from=0",
// Package access/collaboration endpoints
"https://registry.npmjs.org/-/package/lodash/access",
"https://registry.npmjs.org/-/package/@babel/core/collaborators",
"https://registry.npmjs.org/-/package/lodash/dist-tags",
"https://registry.npmjs.org/-/package/@babel/core/dist-tags/latest",
// User/organization endpoints
"https://registry.npmjs.org/-/user/org.couchdb.user:username",
"https://registry.npmjs.org/-/org/myorg/package",
// Anonymous metrics
"https://registry.npmjs.org/-/npm/anon-metrics/v1/",
// Ping/health check
"https://registry.npmjs.org/-/ping",
]) {
it(`modifyResponse should be false for special endpoints: ${specialEndpoint}`, async () => {
const interceptor = npmInterceptorForUrl(specialEndpoint);
const requestInterceptor = await interceptor.handleRequest(
specialEndpoint
);
assert.equal(requestInterceptor.modifiesResponse(), false);
});
}
it("Should remove packages older than the treshold", async () => {
minimumPackageAgeSettings = 5;
const packageUrl = "https://registry.npmjs.org/lodash";
const modifiedBody = await runModifyNpmInfoRequest(
packageUrl,
JSON.stringify({
name: "lodash",
["dist-tags"]: {
latest: "3.0.0",
},
versions: {
["1.0.0"]: {},
["2.0.0"]: {},
["3.0.0"]: {},
},
time: {
created: getDate(-365 * 24),
modified: getDate(-3),
["1.0.0"]: getDate(-7),
// cutoff-date here
["2.0.0"]: getDate(-4),
["3.0.0"]: getDate(-3),
},
})
);
const modifiedJson = JSON.parse(modifiedBody);
assert.equal(Object.keys(modifiedJson.time).length, 3);
assert.equal(Object.keys(modifiedJson.versions).length, 1);
assert.ok(Object.keys(modifiedJson.time).includes("1.0.0"));
assert.ok(Object.keys(modifiedJson.versions).includes("1.0.0"));
assert.ok(!Object.keys(modifiedJson.time).includes("2.0.0"));
assert.ok(!Object.keys(modifiedJson.versions).includes("2.0.0"));
assert.ok(!Object.keys(modifiedJson.time).includes("3.0.0"));
assert.ok(!Object.keys(modifiedJson.versions).includes("3.0.0"));
});
it("Should set the package to the new latest non-preview release", async () => {
minimumPackageAgeSettings = 5;
const packageUrl = "https://registry.npmjs.org/lodash";
const modifiedBody = await runModifyNpmInfoRequest(
packageUrl,
JSON.stringify({
name: "lodash",
["dist-tags"]: {
latest: "3.0.0",
},
versions: {
["1.0.0"]: {},
["2.0.0"]: {},
["3.0.0"]: {},
},
time: {
created: getDate(-365 * 24),
modified: getDate(-3),
["1.0.0"]: getDate(-7),
["0.0.1"]: getDate(-8), // package order: this package is older than 1.0.0, it should not be considered latest
["2.0.0-alpha"]: getDate(-6), //package is a pre-release, it should not be latest
// cutoff-date here
["2.0.0"]: getDate(-4),
["3.0.0"]: getDate(-3),
},
})
);
const modifiedJson = JSON.parse(modifiedBody);
assert.equal(modifiedJson["dist-tags"]["latest"], "1.0.0");
});
it("Should remove dist-tags if version was removed", async () => {
minimumPackageAgeSettings = 5;
const packageUrl = "https://registry.npmjs.org/lodash";
const modifiedBody = await runModifyNpmInfoRequest(
packageUrl,
JSON.stringify({
name: "lodash",
["dist-tags"]: {
latest: "3.0.0",
alpha: "2.0.0-alpha",
},
versions: {
["1.0.0"]: {},
["2.0.0"]: {},
["3.0.0"]: {},
},
time: {
created: getDate(-365 * 24),
modified: getDate(-4),
["1.0.0"]: getDate(-7),
// cutoff-date here
["2.0.0-alpha"]: getDate(-4),
},
})
);
const modifiedJson = JSON.parse(modifiedBody);
console.log(modifiedJson);
assert.equal(modifiedJson["dist-tags"]["alpha"], undefined);
});
it("Should not filter packages when skipMinimumPackageAge is enabled", async () => {
minimumPackageAgeSettings = 5;
skipMinimumPackageAgeSetting = true;
const packageUrl = "https://registry.npmjs.org/lodash";
const originalBody = JSON.stringify({
name: "lodash",
["dist-tags"]: {
latest: "3.0.0",
},
versions: {
["1.0.0"]: {},
["2.0.0"]: {},
["3.0.0"]: {},
},
time: {
created: getDate(-365 * 24),
modified: getDate(-3),
["1.0.0"]: getDate(-7),
// cutoff-date here
["2.0.0"]: getDate(-4),
["3.0.0"]: getDate(-3),
},
});
const modifiedBody = await runModifyNpmInfoRequest(
packageUrl,
originalBody
);
const modifiedJson = JSON.parse(modifiedBody);
// All versions should remain unchanged
assert.equal(Object.keys(modifiedJson.versions).length, 3);
assert.ok(Object.keys(modifiedJson.versions).includes("1.0.0"));
assert.ok(Object.keys(modifiedJson.versions).includes("2.0.0"));
assert.ok(Object.keys(modifiedJson.versions).includes("3.0.0"));
// Latest should remain unchanged
assert.equal(modifiedJson["dist-tags"]["latest"], "3.0.0");
});
it("Should use custom minimum package age of 48 hours", async () => {
minimumPackageAgeSettings = 48;
skipMinimumPackageAgeSetting = false;
const packageUrl = "https://registry.npmjs.org/lodash";
const modifiedBody = await runModifyNpmInfoRequest(
packageUrl,
JSON.stringify({
name: "lodash",
["dist-tags"]: {
latest: "4.0.0",
},
versions: {
["1.0.0"]: {},
["2.0.0"]: {},
["3.0.0"]: {},
["4.0.0"]: {},
},
time: {
created: getDate(-365 * 24),
modified: getDate(-24),
["1.0.0"]: getDate(-72), // 3 days old - should remain
["2.0.0"]: getDate(-50), // ~2 days old - should remain
// 48-hour cutoff here
["3.0.0"]: getDate(-40), // ~1.7 days old - should be removed
["4.0.0"]: getDate(-24), // 1 day old - should be removed
},
})
);
const modifiedJson = JSON.parse(modifiedBody);
// Versions older than 48 hours should remain
assert.ok(Object.keys(modifiedJson.versions).includes("1.0.0"));
assert.ok(Object.keys(modifiedJson.versions).includes("2.0.0"));
// Versions newer than 48 hours should be removed
assert.ok(!Object.keys(modifiedJson.versions).includes("3.0.0"));
assert.ok(!Object.keys(modifiedJson.versions).includes("4.0.0"));
// Latest should be recalculated to 2.0.0
assert.equal(modifiedJson["dist-tags"]["latest"], "2.0.0");
assert.equal(Object.keys(modifiedJson.versions).length, 2);
});
it("Should use very small minimum package age of 1 hour", async () => {
minimumPackageAgeSettings = 1;
skipMinimumPackageAgeSetting = false;
const packageUrl = "https://registry.npmjs.org/lodash";
const modifiedBody = await runModifyNpmInfoRequest(
packageUrl,
JSON.stringify({
name: "lodash",
["dist-tags"]: {
latest: "3.0.0",
},
versions: {
["1.0.0"]: {},
["2.0.0"]: {},
["3.0.0"]: {},
},
time: {
created: getDate(-48),
modified: getDate(0),
["1.0.0"]: getDate(-3), // 3 hours old - should remain
["2.0.0"]: getDate(-2), // 2 hours old - should remain
// 1-hour cutoff here
["3.0.0"]: getDate(0), // just published - should be removed
},
})
);
const modifiedJson = JSON.parse(modifiedBody);
assert.equal(Object.keys(modifiedJson.versions).length, 2);
assert.ok(Object.keys(modifiedJson.versions).includes("1.0.0"));
assert.ok(Object.keys(modifiedJson.versions).includes("2.0.0"));
assert.ok(!Object.keys(modifiedJson.versions).includes("3.0.0"));
assert.equal(modifiedJson["dist-tags"]["latest"], "2.0.0");
});
function getDate(plusHours) {
const date = new Date();
date.setHours(date.getHours() + plusHours);
return date;
}
/**
* @param {import("../interceptorBuilder.js").Interceptor} interceptor
* @param {string} body
* @returns {Promise<string>}
*/
async function runModifyNpmInfoRequest(url, body) {
const interceptor = npmInterceptorForUrl(url);
const requestHandler = await interceptor.handleRequest(url);
if (requestHandler.modifiesResponse()) {
const modifiedBuffer = requestHandler.modifyBody(Buffer.from(body), {
["content-type"]: "application/json",
});
return modifiedBuffer.toString("utf8");
}
return body;
}
});

75
packages/safe-chain/src/registryProxy/parsePackageFromUrl.spec.js → packages/safe-chain/src/registryProxy/interceptors/npm/npmInterceptor.packageDownload.spec.js
View file

@ -1,9 +1,22 @@
import { describe, it } from "node:test";
import { describe, it, mock } from "node:test";
import assert from "node:assert";
import { parsePackageFromUrl } from "./parsePackageFromUrl.js";
describe("parsePackageFromUrl", () => {
const testCases = [
describe("npmInterceptor", async () => {
let lastPackage;
let malwareResponse = false;
mock.module("../../../scanning/audit/index.js", {
namedExports: {
isMalwarePackage: async (packageName, version) => {
lastPackage = { packageName, version };
return malwareResponse;
},
},
});
const { npmInterceptorForUrl } = await import("./npmInterceptor.js");
const parserCases = [
// Regular packages
{
url: "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
@ -78,11 +91,6 @@ describe("parsePackageFromUrl", () => {
url: "https://registry.yarnpkg.com/@babel/core/-/core-7.21.4.tgz",
expected: { packageName: "@babel/core", version: "7.21.4" },
},
// Invalid URLs should return undefined values
{
url: "https://example.com/package.tgz",
expected: { packageName: undefined, version: undefined },
},
// URL to get package info, not tarball
{
url: "https://registry.npmjs.org/lodash",
@ -105,10 +113,51 @@ describe("parsePackageFromUrl", () => {
},
];
testCases.forEach(({ url, expected }, index) => {
it(`should parse URL ${index + 1}: ${url}`, () => {
const result = parsePackageFromUrl(url);
assert.deepEqual(result, expected);
parserCases.forEach(({ url, expected }, index) => {
it(`should parse URL ${index + 1}: ${url}`, async () => {
const interceptor = npmInterceptorForUrl(url);
assert.ok(
interceptor,
"Interceptor should be created for known npm registry"
);
await interceptor.handleRequest(url);
assert.deepEqual(lastPackage, expected);
});
});
it("should not create interceptor for unknown registry", () => {
const url = "https://example.com/some-package/-/some-package-1.0.0.tgz";
const interceptor = npmInterceptorForUrl(url);
assert.equal(
interceptor,
undefined,
"Interceptor should be undefined for unknown registry"
);
});
it("should block malicious package", async () => {
const url =
"https://registry.npmjs.org/malicious-package/-/malicious-package-1.0.0.tgz";
malwareResponse = true;
const interceptor = npmInterceptorForUrl(url);
const result = await interceptor.handleRequest(url);
assert.ok(result.blockResponse, "Should contain a blockResponse");
assert.equal(
result.blockResponse.statusCode,
403,
"Block response should have status code 403"
);
assert.equal(
result.blockResponse.message,
"Forbidden - blocked by safe-chain",
"Block response should have correct status message"
);
});
});

19
packages/safe-chain/src/registryProxy/parsePackageFromUrl.js → packages/safe-chain/src/registryProxy/interceptors/npm/parseNpmPackageUrl.js
View file

@ -1,15 +1,10 @@
export const knownRegistries = ["registry.npmjs.org", "registry.yarnpkg.com"];
export function parsePackageFromUrl(url) {
let packageName, version, registry;
for (const knownRegistry of knownRegistries) {
if (url.includes(knownRegistry)) {
registry = knownRegistry;
break;
}
}
/**
* @param {string} url
* @param {string} registry
* @returns {{packageName: string | undefined, version: string | undefined}}
*/
export function parseNpmPackageUrl(url, registry) {
let packageName, version;
if (!registry || !url.endsWith(".tgz")) {
return { packageName, version };
}

115
packages/safe-chain/src/registryProxy/interceptors/pipInterceptor.js Normal file
View file

@ -0,0 +1,115 @@
import { isMalwarePackage } from "../../scanning/audit/index.js";
import { interceptRequests } from "./interceptorBuilder.js";
const knownPipRegistries = [
"files.pythonhosted.org",
"pypi.org",
"pypi.python.org",
"pythonhosted.org",
];
/**
* @param {string} url
* @returns {import("./interceptorBuilder.js").Interceptor | undefined}
*/
export function pipInterceptorForUrl(url) {
const registry = knownPipRegistries.find((reg) => url.includes(reg));
if (registry) {
return buildPipInterceptor(registry);
}
return undefined;
}
/**
* @param {string} registry
* @returns {import("./interceptorBuilder.js").Interceptor | undefined}
*/
function buildPipInterceptor(registry) {
return interceptRequests(async (reqContext) => {
const { packageName, version } = parsePipPackageFromUrl(
reqContext.targetUrl,
registry
);
if (await isMalwarePackage(packageName, version)) {
reqContext.blockMalware(packageName, version);
}
});
}
/**
* @param {string} url
* @param {string} registry
* @returns {{packageName: string | undefined, version: string | undefined}}
*/
function parsePipPackageFromUrl(url, registry) {
let packageName, version;
// Basic validation
if (!registry || typeof url !== "string") {
return { packageName, version };
}
// Quick sanity check on the URL + parse
let urlObj;
try {
urlObj = new URL(url);
} catch {
return { packageName, version };
}
// Get the last path segment (filename) and decode it (strip query & fragment automatically)
const lastSegment = urlObj.pathname.split("/").filter(Boolean).pop();
if (!lastSegment) {
return { packageName, version };
}
const filename = decodeURIComponent(lastSegment);
// Parse Python package downloads from PyPI/pythonhosted.org
// Example wheel: https://files.pythonhosted.org/packages/xx/yy/requests-2.28.1-py3-none-any.whl
// Example sdist: https://files.pythonhosted.org/packages/xx/yy/requests-2.28.1.tar.gz
// Wheel (.whl)
if (filename.endsWith(".whl")) {
const base = filename.slice(0, -4); // remove ".whl"
const firstDash = base.indexOf("-");
if (firstDash > 0) {
const dist = base.slice(0, firstDash); // may contain underscores
const rest = base.slice(firstDash + 1); // version + the rest of tags
const secondDash = rest.indexOf("-");
const rawVersion = secondDash >= 0 ? rest.slice(0, secondDash) : rest;
packageName = dist; // preserve underscores
version = rawVersion;
// Reject "latest" as it's a placeholder, not a real version
// When version is "latest", this signals the URL doesn't contain actual version info
// Returning undefined allows the request (see registryProxy.js isAllowedUrl)
if (version === "latest" || !packageName || !version) {
return { packageName: undefined, version: undefined };
}
return { packageName, version };
}
}
// Source dist (sdist)
const sdistExtMatch = filename.match(/\.(tar\.gz|zip|tar\.bz2|tar\.xz)$/i);
if (sdistExtMatch) {
const base = filename.slice(0, -sdistExtMatch[0].length);
const lastDash = base.lastIndexOf("-");
if (lastDash > 0 && lastDash < base.length - 1) {
packageName = base.slice(0, lastDash);
version = base.slice(lastDash + 1);
// Reject "latest" as it's a placeholder, not a real version
// When version is "latest", this signals the URL doesn't contain actual version info
// Returning undefined allows the request (see registryProxy.js isAllowedUrl)
if (version === "latest" || !packageName || !version) {
return { packageName: undefined, version: undefined };
}
return { packageName, version };
}
}
// Unknown file type or invalid
return { packageName: undefined, version: undefined };
}

135
packages/safe-chain/src/registryProxy/interceptors/pipInterceptor.spec.js Normal file
View file

@ -0,0 +1,135 @@
import { describe, it, mock } from "node:test";
import assert from "node:assert";
describe("pipInterceptor", async () => {
let lastPackage;
let malwareResponse = false;
mock.module("../../scanning/audit/index.js", {
namedExports: {
isMalwarePackage: async (packageName, version) => {
lastPackage = { packageName, version };
return malwareResponse;
},
},
});
const { pipInterceptorForUrl } = await import("./pipInterceptor.js");
const parserCases = [
// Valid pip URLs
{
url: "https://files.pythonhosted.org/packages/xx/yy/foobar-1.2.3.tar.gz",
expected: { packageName: "foobar", version: "1.2.3" },
},
{
url: "https://pypi.org/packages/source/f/foobar/foobar-1.2.3.tar.gz",
expected: { packageName: "foobar", version: "1.2.3" },
},
{
url: "https://pypi.org/packages/source/f/foo-bar/foo-bar-0.9.0.tar.gz",
expected: { packageName: "foo-bar", version: "0.9.0" },
},
{
url: "https://pypi.org/packages/source/f/foo_bar/foo_bar-2.0.0-py3-none-any.whl",
expected: { packageName: "foo_bar", version: "2.0.0" },
},
{
url: "https://files.pythonhosted.org/packages/xx/yy/foo_bar-2.0.0-py3-none-any.whl",
expected: { packageName: "foo_bar", version: "2.0.0" },
},
{
url: "https://pypi.org/packages/source/f/foo.bar/foo.bar-1.0.0.tar.gz",
expected: { packageName: "foo.bar", version: "1.0.0" },
},
{
url: "https://pypi.org/packages/source/f/foo_bar/foo_bar-2.0.0b1.tar.gz",
expected: { packageName: "foo_bar", version: "2.0.0b1" },
},
{
url: "https://pypi.org/packages/source/f/foo_bar/foo_bar-2.0.0rc1.tar.gz",
expected: { packageName: "foo_bar", version: "2.0.0rc1" },
},
{
url: "https://pypi.org/packages/source/f/foo_bar/foo_bar-2.0.0.post1.tar.gz",
expected: { packageName: "foo_bar", version: "2.0.0.post1" },
},
{
url: "https://pypi.org/packages/source/f/foo_bar/foo_bar-2.0.0.dev1.tar.gz",
expected: { packageName: "foo_bar", version: "2.0.0.dev1" },
},
{
url: "https://pypi.org/packages/source/f/foo_bar/foo_bar-2.0.0a1.tar.gz",
expected: { packageName: "foo_bar", version: "2.0.0a1" },
},
{
url: "https://pypi.org/packages/source/f/foo_bar/foo_bar-2.0.0-cp38-cp38-manylinux1_x86_64.whl",
expected: { packageName: "foo_bar", version: "2.0.0" },
},
// Invalid pip URLs
{
url: "https://pypi.org/simple/",
expected: { packageName: undefined, version: undefined },
},
{
url: "https://pypi.org/project/foobar/",
expected: { packageName: undefined, version: undefined },
},
{
url: "https://files.pythonhosted.org/packages/xx/yy/foobar-latest.tar.gz",
expected: { packageName: undefined, version: undefined },
},
{
url: "https://pypi.org/packages/source/f/foo_bar/foo_bar-latest.tar.gz",
expected: { packageName: undefined, version: undefined },
},
];
parserCases.forEach(({ url, expected }, index) => {
it(`should parse URL ${index + 1}: ${url}`, async () => {
const interceptor = pipInterceptorForUrl(url);
assert.ok(
interceptor,
"Interceptor should be created for known npm registry"
);
await interceptor.handleRequest(url);
assert.deepEqual(lastPackage, expected);
});
});
it("should not create interceptor for unknown registry", () => {
const url = "https://example.com/packages/xx/yy/foobar-1.2.3.tar.gz";
const interceptor = pipInterceptorForUrl(url);
assert.equal(
interceptor,
undefined,
"Interceptor should be undefined for unknown registry"
);
});
it("should block malicious package", async () => {
const url =
"https://files.pythonhosted.org/packages/xx/yy/malicious_package-1.0.0.tar.gz";
malwareResponse = true;
const interceptor = pipInterceptorForUrl(url);
const result = await interceptor.handleRequest(url);
assert.ok(result.blockResponse, "Should contain a blockResponse");
assert.equal(
result.blockResponse.statusCode,
403,
"Block response should have status code 403"
);
assert.equal(
result.blockResponse.message,
"Forbidden - blocked by safe-chain",
"Block response should have correct status message"
);
});
});

13
packages/safe-chain/src/registryProxy/isImdsEndpoint.js Normal file
View file

@ -0,0 +1,13 @@
// Instance Metadata Service (IMDS) endpoints used by cloud providers.
// Cloud SDK tools probe these to detect environment and retrieve credentials.
// When outside cloud environments, connections timeout - we reduce timeout (3s vs 30s)
// and suppress error logging since this is expected behavior.
const imdsEndpoints = [
"metadata.google.internal",
"metadata.goog",
"169.254.169.254", // AWS, Azure, Oracle Cloud, GCP
];
export function isImdsEndpoint(/** @type {string} */ host) {
return imdsEndpoints.includes(host);
}

173
packages/safe-chain/src/registryProxy/mitmRequestHandler.js
View file

@ -1,11 +1,41 @@
import https from "https";
import { generateCertForHost } from "./certUtils.js";
import { HttpsProxyAgent } from "https-proxy-agent";
import { ui } from "../environment/userInteraction.js";
import { gunzipSync, gzipSync } from "zlib";
export function mitmConnect(req, clientSocket, isAllowed) {
/**
* @typedef {import("./interceptors/interceptorBuilder.js").Interceptor} Interceptor
*/
/**
* @param {import("http").IncomingMessage} req
* @param {import("http").ServerResponse} clientSocket
* @param {Interceptor} interceptor
*/
export function mitmConnect(req, clientSocket, interceptor) {
ui.writeVerbose(`Safe-chain: Set up MITM tunnel for ${req.url}`);
const { hostname } = new URL(`http://${req.url}`);
const server = createHttpsServer(hostname, isAllowed);
clientSocket.on("error", (err) => {
ui.writeVerbose(
`Safe-chain: Client socket error for ${req.url}: ${err.message}`
);
// NO-OP
// This can happen if the client TCP socket sends RST instead of FIN.
// Not subscribing to 'close' event will cause node to throw and crash.
});
const server = createHttpsServer(hostname, interceptor);
server.on("error", (err) => {
ui.writeError(`Safe-chain: HTTPS server error: ${err.message}`);
if (!clientSocket.headersSent) {
clientSocket.end("HTTP/1.1 502 Bad Gateway\r\n\r\n");
} else if (clientSocket.writable) {
clientSocket.end();
}
});
// Establish the connection
clientSocket.write("HTTP/1.1 200 Connection Established\r\n\r\n");
@ -14,32 +44,60 @@ export function mitmConnect(req, clientSocket, isAllowed) {
server.emit("connection", clientSocket);
}
function createHttpsServer(hostname, isAllowed) {
/**
* @param {string} hostname
* @param {Interceptor} interceptor
* @returns {import("https").Server}
*/
function createHttpsServer(hostname, interceptor) {
const cert = generateCertForHost(hostname);
/**
* @param {import("http").IncomingMessage} req
* @param {import("http").ServerResponse} res
*
* @returns {Promise<void>}
*/
async function handleRequest(req, res) {
if (!req.url) {
ui.writeError("Safe-chain: Request missing URL");
res.writeHead(400, "Bad Request");
res.end("Bad Request: Missing URL");
return;
}
const pathAndQuery = getRequestPathAndQuery(req.url);
const targetUrl = `https://${hostname}${pathAndQuery}`;
if (!(await isAllowed(targetUrl))) {
res.writeHead(403, "Forbidden - blocked by safe-chain");
res.end("Blocked by safe-chain");
const requestInterceptor = await interceptor.handleRequest(targetUrl);
const blockResponse = requestInterceptor.blockResponse;
if (blockResponse) {
ui.writeVerbose(`Safe-chain: Blocking request to ${targetUrl}`);
res.writeHead(blockResponse.statusCode, blockResponse.message);
res.end(blockResponse.message);
return;
}
// Collect request body
forwardRequest(req, hostname, res);
forwardRequest(req, hostname, res, requestInterceptor);
}
return https.createServer(
const server = https.createServer(
{
key: cert.privateKey,
cert: cert.certificate,
},
handleRequest
);
return server;
}
/**
* @param {string} url
* @returns {string}
*/
function getRequestPathAndQuery(url) {
if (url.startsWith("http://") || url.startsWith("https://")) {
const parsedUrl = new URL(url);
@ -48,42 +106,125 @@ function getRequestPathAndQuery(url) {
return url;
}
function forwardRequest(req, hostname, res) {
const proxyReq = createProxyRequest(hostname, req, res);
/**
* @param {import("http").IncomingMessage} req
* @param {string} hostname
* @param {import("http").ServerResponse} res
* @param {import("./interceptors/interceptorBuilder.js").RequestInterceptionHandler} requestHandler
*/
function forwardRequest(req, hostname, res, requestHandler) {
const proxyReq = createProxyRequest(hostname, req, res, requestHandler);
proxyReq.on("error", () => {
proxyReq.on("error", (err) => {
ui.writeVerbose(
`Safe-chain: Error occurred while proxying request to ${req.url} for ${hostname}: ${err.message}`
);
res.writeHead(502);
res.end("Bad Gateway");
});
req.on("error", (err) => {
ui.writeError(
`Safe-chain: Error reading client request to ${req.url} for ${hostname}: ${err.message}`
);
proxyReq.destroy();
});
req.on("data", (chunk) => {
proxyReq.write(chunk);
});
req.on("end", () => {
ui.writeVerbose(
`Safe-chain: Finished proxying request to ${req.url} for ${hostname}`
);
proxyReq.end();
});
}
function createProxyRequest(hostname, req, res) {
/**
* @param {string} hostname
* @param {import("http").IncomingMessage} req
* @param {import("http").ServerResponse} res
* @param {import("./interceptors/interceptorBuilder.js").RequestInterceptionHandler} requestHandler
*
* @returns {import("http").ClientRequest}
*/
function createProxyRequest(hostname, req, res, requestHandler) {
/** @type {NodeJS.Dict<string | string[]> | undefined} */
let headers = { ...req.headers };
// Remove the host header from the incoming request before forwarding.
// Node's http module sets the correct host header for the target hostname automatically.
if (headers.host) {
delete headers.host;
}
headers = requestHandler.modifyRequestHeaders(headers);
/** @type {import("http").RequestOptions} */
const options = {
hostname: hostname,
port: 443,
path: req.url,
method: req.method,
headers: { ...req.headers },
headers: { ...headers },
};
delete options.headers.host;
const httpsProxy = process.env.HTTPS_PROXY || process.env.https_proxy;
if (httpsProxy) {
options.agent = new HttpsProxyAgent(httpsProxy);
}
const proxyReq = https.request(options, (proxyRes) => {
res.writeHead(proxyRes.statusCode, proxyRes.headers);
proxyRes.on("error", (err) => {
ui.writeError(
`Safe-chain: Error reading upstream response to ${req.url} for ${hostname}: ${err.message}`
);
if (!res.headersSent) {
res.writeHead(502);
res.end("Bad Gateway");
}
});
if (!proxyRes.statusCode) {
ui.writeError(
`Safe-chain: Proxy response missing status code to ${req.url} for ${hostname}`
);
res.writeHead(500);
res.end("Internal Server Error");
return;
}
const { statusCode, headers } = proxyRes;
if (requestHandler.modifiesResponse()) {
/** @type {Array<any>} */
let chunks = [];
proxyRes.on("data", (chunk) => chunks.push(chunk));
proxyRes.on("end", () => {
/** @type {Buffer} */
let buffer = Buffer.concat(chunks);
if (proxyRes.headers["content-encoding"] === "gzip") {
buffer = gunzipSync(buffer);
}
buffer = requestHandler.modifyBody(buffer, headers);
if (proxyRes.headers["content-encoding"] === "gzip") {
buffer = gzipSync(buffer);
}
res.writeHead(statusCode, headers);
res.end(buffer);
});
} else {
// If the response is not being modified, we can
// just pipe without the need for buffering the output
res.writeHead(statusCode, headers);
proxyRes.pipe(res);
}
});
return proxyReq;

95
packages/safe-chain/src/registryProxy/plainHttpProxy.js Normal file
View file

@ -0,0 +1,95 @@
import * as http from "http";
import * as https from "https";
import { ui } from "../environment/userInteraction.js";
/**
* @param {import("http").IncomingMessage} req
* @param {import("http").ServerResponse} res
*
* @returns {void}
*/
export function handleHttpProxyRequest(req, res) {
if (!req.url) {
ui.writeError("Safe-chain: Request missing URL");
res.writeHead(400, "Bad Request");
res.end("Bad Request: Missing URL");
return;
}
const url = new URL(req.url);
// The protocol for the plainHttpProxy should usually only be http:
// but when the client for some reason sends an https: request directly
// instead of using the CONNECT method, we should handle it gracefully.
let protocol;
if (url.protocol === "http:") {
protocol = http;
} else if (url.protocol === "https:") {
protocol = https;
} else {
res.writeHead(502);
res.end(`Bad Gateway: Unsupported protocol ${url.protocol}`);
return;
}
const proxyRequest = protocol
.request(
req.url,
{ method: req.method, headers: req.headers },
(proxyRes) => {
if (!proxyRes.statusCode) {
ui.writeError("Safe-chain: Proxy response missing status code");
res.writeHead(500);
res.end("Internal Server Error");
return;
}
res.writeHead(proxyRes.statusCode, proxyRes.headers);
proxyRes.pipe(res);
proxyRes.on("error", () => {
// Proxy response stream error
// Clean up client response stream
if (res.writable) {
res.end();
}
});
proxyRes.on("close", () => {
// Clean up if the proxy response stream closes
if (res.writable) {
res.end();
}
});
}
)
.on("error", (err) => {
if (!res.headersSent) {
res.writeHead(502);
res.end(`Bad Gateway: ${err.message}`);
} else {
// Headers already sent, just destroy the response
res.destroy();
}
});
req.on("error", () => {
// Client request stream error
// Abort the proxy request
proxyRequest.destroy();
});
res.on("error", () => {
// Client response stream error (client disconnected)
// Clean up proxy streams
proxyRequest.destroy();
});
res.on("close", () => {
// Client disconnected
// Abort the proxy request to avoid unnecessary work
proxyRequest.destroy();
});
req.pipe(proxyRequest);
}

351
packages/safe-chain/src/registryProxy/registryProxy.connect-tunnel.spec.js Normal file
View file

@ -0,0 +1,351 @@
import { before, after, describe, it, mock } from "node:test";
import assert from "node:assert";
import net from "net";
import tls from "tls";
// Mock isImdsEndpoint BEFORE any other imports that might use it
// This allows us to use TEST-NET-1 (192.0.2.1) as a test IMDS endpoint
mock.module("./isImdsEndpoint.js", {
namedExports: {
isImdsEndpoint: (host) => {
// 192.0.2.1 is TEST-NET-1, reserved for testing (RFC 5737)
if (host === "192.0.2.1") return true;
// Real IMDS endpoints
return [
"metadata.google.internal",
"metadata.goog",
"169.254.169.254",
].includes(host);
},
},
});
// Use dynamic import AFTER mocking to ensure mock is applied
const { createSafeChainProxy, mergeSafeChainProxyEnvironmentVariables } =
await import("./registryProxy.js");
describe("registryProxy.connectTunnel", () => {
let proxy, proxyHost, proxyPort;
before(async () => {
proxy = createSafeChainProxy();
await proxy.startServer();
const envVars = mergeSafeChainProxyEnvironmentVariables([]);
const proxyUrl = new URL(envVars.HTTPS_PROXY);
proxyHost = proxyUrl.hostname;
proxyPort = parseInt(proxyUrl.port, 10);
});
after(async () => {
await proxy.stopServer();
});
it("should establish a tunnel for HTTP connect", async () => {
const socket = await connectToProxy(proxyHost, proxyPort);
const tunnelResponse = await establishHttpsTunnel(
socket,
"postman-echo.com",
443
);
assert.ok(tunnelResponse.includes("HTTP/1.1 200 Connection Established"));
socket.destroy();
});
it("should send HTTPS request through the established tunnel", async () => {
const socket = await connectToProxy(proxyHost, proxyPort);
await establishHttpsTunnel(socket, "postman-echo.com", 443);
const httpsResponse = await sendHttpsRequestThroughTunnel(
socket,
"GET",
new URL("https://postman-echo.com/status/200")
);
assert.ok(httpsResponse.includes("HTTP/1.1 200 OK"));
socket.destroy();
});
it("should use destination's real certificate (not safe-chain's self-signed CA)", async () => {
const socket = await connectToProxy(proxyHost, proxyPort);
await establishHttpsTunnel(socket, "postman-echo.com", 443);
// Verifies that tunnel requests pass through the destination's real certificate
// without interception by the safe-chain MITM proxy.
const certInfo = await getTlsCertificateInfo(
socket,
new URL("https://postman-echo.com")
);
// Verify the certificate is NOT issued by our safe-chain CA
// Our self-signed CA would have issuer: "Safe-Chain Proxy CA"
assert.ok(
certInfo.issuer !== undefined,
"Certificate should have an issuer"
);
assert.ok(
!certInfo.issuer.includes("Safe-Chain"),
`Tunnel should use destination's real certificate, not safe-chain CA. Issuer: ${certInfo.issuer}`
);
// Verify it's a real certificate with proper hostname
assert.strictEqual(
certInfo.subject.includes("postman-echo.com"),
true,
`Certificate subject should include postman-echo.com, got: ${certInfo.subject}`
);
socket.destroy();
});
describe("Error Handling", () => {
it("should return 502 Bad Gateway for invalid hostname", async () => {
const socket = await connectToProxy(proxyHost, proxyPort);
const connectRequest = `CONNECT invalid.hostname.that.does.not.exist:443 HTTP/1.1\r\nHost: invalid.hostname.that.does.not.exist:443\r\n\r\n`;
socket.write(connectRequest);
let responseData = "";
await new Promise((resolve) => {
socket.once("data", (data) => {
responseData += data.toString();
resolve();
});
});
assert.ok(responseData.includes("HTTP/1.1 502 Bad Gateway"));
socket.destroy();
});
it("should handle client disconnect during tunnel establishment", async () => {
const socket = await connectToProxy(proxyHost, proxyPort);
const connectRequest = `CONNECT postman-echo.com:443 HTTP/1.1\r\nHost: postman-echo.com:443\r\n\r\n`;
socket.write(connectRequest);
// Immediately destroy the socket before tunnel is fully established
socket.destroy();
// If no crash occurs, the test passes
assert.ok(true);
});
it("should handle socket errors without crashing", async () => {
const socket = await connectToProxy(proxyHost, proxyPort);
socket.on("error", () => {
// Error handler is set to prevent crashes
});
const connectRequest = `CONNECT postman-echo.com:443 HTTP/1.1\r\nHost: postman-echo.com:443\r\n\r\n`;
socket.write(connectRequest);
// Force an error by destroying the socket
socket.destroy();
// Wait a bit to ensure error handling completes
await new Promise((resolve) => setTimeout(resolve, 100));
// Test passes if no unhandled error crashes the process
assert.ok(true);
});
});
describe("Connection Timeout", () => {
it("should timeout quickly when connecting to IMDS endpoint (3s)", async () => {
// We need to make sure we're not running behind an existing safe-chain installation to allow this test to work
const https_proxy = process.env.HTTPS_PROXY;
delete process.env.HTTPS_PROXY;
const socket = await connectToProxy(proxyHost, proxyPort);
const startTime = Date.now();
// 192.0.2.1 is TEST-NET-1 (RFC 5737), guaranteed to never route
const connectRequest = `CONNECT 192.0.2.1:443 HTTP/1.1\r\nHost: 192.0.2.1:443\r\n\r\n`;
socket.write(connectRequest);
let responseData = "";
await new Promise((resolve) => {
socket.once("data", (data) => {
responseData += data.toString();
resolve();
});
});
const duration = Date.now() - startTime;
// Should return 502 Bad Gateway
assert.ok(
responseData.includes("HTTP/1.1 502 Bad Gateway"),
"Should return 502 for timeout"
);
// Should timeout around 3 seconds for IMDS endpoints (allow some margin)
assert.ok(
duration >= 2800 && duration < 5000,
`IMDS timeout should be ~3s, got ${duration}ms`
);
socket.destroy();
if (https_proxy) {
process.env.HTTPS_PROXY = https_proxy;
}
});
it("should cache timed-out endpoints and fail immediately on retry", async () => {
// We need to make sure we're not running behind an existing safe-chain installation to allow this test to work
const https_proxy = process.env.HTTPS_PROXY;
delete process.env.HTTPS_PROXY;
// First connection - will timeout
const socket1 = await connectToProxy(proxyHost, proxyPort);
const connectRequest = `CONNECT 192.0.2.1:80 HTTP/1.1\r\nHost: 192.0.2.1:80\r\n\r\n`;
socket1.write(connectRequest);
await new Promise((resolve) => {
socket1.once("data", () => resolve());
});
socket1.destroy();
// Second connection - should fail immediately (cached)
const socket2 = await connectToProxy(proxyHost, proxyPort);
const startTime = Date.now();
socket2.write(connectRequest);
let responseData = "";
await new Promise((resolve) => {
socket2.once("data", (data) => {
responseData += data.toString();
resolve();
});
});
const duration = Date.now() - startTime;
// Should return 502 immediately (cached timeout)
assert.ok(
responseData.includes("HTTP/1.1 502 Bad Gateway"),
"Should return 502 for cached timeout"
);
// Should be nearly instant (< 100ms) since it's cached
assert.ok(
duration < 100,
`Cached timeout should be instant, got ${duration}ms`
);
socket2.destroy();
if (https_proxy) {
process.env.HTTPS_PROXY = https_proxy;
}
});
});
});
function connectToProxy(host, port) {
return new Promise((resolve, reject) => {
const socket = net.connect({ host, port }, () => {
resolve(socket);
});
socket.on("error", (err) => {
reject(err);
});
});
}
function establishHttpsTunnel(socket, targetHost, targetPort) {
return new Promise((resolve, reject) => {
const connectRequest = `CONNECT ${targetHost}:${targetPort} HTTP/1.1\r\nHost: ${targetHost}:${targetPort}\r\n\r\n`;
socket.write(connectRequest);
let responseData = "";
const onData = (data) => {
responseData += data.toString();
if (responseData.includes("\r\n\r\n")) {
socket.removeListener("data", onData);
socket.removeListener("error", onError);
resolve(responseData);
}
};
const onError = (err) => {
socket.removeListener("data", onData);
socket.removeListener("error", onError);
reject(err);
};
socket.on("data", onData);
socket.on("error", onError);
});
}
function sendHttpsRequestThroughTunnel(
socket,
verb,
url,
rejectUnauthorized = false
) {
return new Promise((resolve, reject) => {
const tlsSocket = tls.connect(
{
socket: socket,
servername: url.hostname,
// Tests should focus on tunnel behavior, not system CA state;
// disable CA verification to avoid flakiness on machines without full roots.
rejectUnauthorized: rejectUnauthorized,
},
() => {
tlsSocket.write(
`${verb} ${url.pathname} HTTP/1.1\r\nHost: ${url.hostname}\r\nConnection: close\r\n\r\n`
);
}
);
let tlsData = "";
tlsSocket.on("data", (data) => {
tlsData += data.toString();
});
tlsSocket.on("end", () => {
resolve(tlsData);
});
tlsSocket.on("error", (err) => {
reject(err);
});
});
}
function getTlsCertificateInfo(socket, url) {
return new Promise((resolve, reject) => {
const tlsSocket = tls.connect(
{
socket: socket,
servername: url.hostname,
// Don't reject unauthorized to avoid system CA issues in CI
// We just want to inspect the certificate
rejectUnauthorized: false,
},
() => {
const cert = tlsSocket.getPeerCertificate();
// Extract issuer and subject information
const issuer = cert.issuer
? Object.entries(cert.issuer)
.map(([k, v]) => `${k}=${v}`)
.join(", ")
: "unknown";
const subject = cert.subject
? Object.entries(cert.subject)
.map(([k, v]) => `${k}=${v}`)
.join(", ")
: "unknown";
tlsSocket.end();
resolve({ issuer, subject });
}
);
tlsSocket.on("error", (err) => {
reject(err);
});
});
}

225
packages/safe-chain/src/registryProxy/registryProxy.http-proxy.spec.js Normal file
View file

@ -0,0 +1,225 @@
import { before, after, describe, it } from "node:test";
import assert from "node:assert";
import http from "http";
import {
createSafeChainProxy,
mergeSafeChainProxyEnvironmentVariables,
} from "./registryProxy.js";
describe("registryProxy.httpProxy", () => {
let proxy, proxyHost, proxyPort;
let testHttpServer, testHttpServerPort;
before(async () => {
// Start safe-chain proxy
proxy = createSafeChainProxy();
await proxy.startServer();
const envVars = mergeSafeChainProxyEnvironmentVariables([]);
const proxyUrl = new URL(envVars.HTTPS_PROXY);
proxyHost = proxyUrl.hostname;
proxyPort = parseInt(proxyUrl.port, 10);
// Start a test HTTP server to forward requests to
testHttpServer = http.createServer((req, res) => {
if (req.url === "/test") {
res.writeHead(200, { "Content-Type": "text/plain" });
res.end("HTTP test response");
} else if (req.url === "/echo-headers") {
res.writeHead(200, { "Content-Type": "application/json" });
res.end(JSON.stringify(req.headers));
} else if (req.url === "/echo-method") {
res.writeHead(200, { "Content-Type": "text/plain" });
res.end(req.method);
} else if (req.url === "/post-echo") {
let body = "";
req.on("data", (chunk) => {
body += chunk.toString();
});
req.on("end", () => {
res.writeHead(200, { "Content-Type": "text/plain" });
res.end(body);
});
} else if (req.url === "/404") {
res.writeHead(404, { "Content-Type": "text/plain" });
res.end("Not Found");
} else {
res.writeHead(200, { "Content-Type": "text/plain" });
res.end("OK");
}
});
testHttpServerPort = await new Promise((resolve) => {
testHttpServer.listen(0, () => {
resolve(testHttpServer.address().port);
});
});
});
after(async () => {
await proxy.stopServer();
await new Promise((resolve) => {
testHttpServer.close(() => resolve());
setTimeout(resolve, 1000);
});
});
it("should forward HTTP GET requests", async () => {
const response = await makeHttpProxyRequest(
proxyHost,
proxyPort,
`http://localhost:${testHttpServerPort}/test`,
"GET"
);
assert.strictEqual(response.statusCode, 200);
assert.strictEqual(response.body, "HTTP test response");
});
it("should forward HTTP POST requests with body", async () => {
const postData = "test post data";
const response = await makeHttpProxyRequest(
proxyHost,
proxyPort,
`http://localhost:${testHttpServerPort}/post-echo`,
"POST",
postData
);
assert.strictEqual(response.statusCode, 200);
assert.strictEqual(response.body, postData);
});
it("should preserve request headers", async () => {
const response = await makeHttpProxyRequest(
proxyHost,
proxyPort,
`http://localhost:${testHttpServerPort}/echo-headers`,
"GET",
null,
{
"X-Custom-Header": "test-value",
"User-Agent": "test-agent/1.0",
}
);
assert.strictEqual(response.statusCode, 200);
const headers = JSON.parse(response.body);
assert.strictEqual(headers["x-custom-header"], "test-value");
assert.strictEqual(headers["user-agent"], "test-agent/1.0");
});
it("should preserve HTTP methods", async () => {
const methods = ["GET", "POST", "PUT", "DELETE"];
for (const method of methods) {
const response = await makeHttpProxyRequest(
proxyHost,
proxyPort,
`http://localhost:${testHttpServerPort}/echo-method`,
method
);
assert.strictEqual(response.statusCode, 200);
assert.strictEqual(response.body, method);
}
});
it("should forward 404 responses correctly", async () => {
const response = await makeHttpProxyRequest(
proxyHost,
proxyPort,
`http://localhost:${testHttpServerPort}/404`,
"GET"
);
assert.strictEqual(response.statusCode, 404);
assert.strictEqual(response.body, "Not Found");
});
it("should handle invalid host with 502 Bad Gateway", async () => {
const response = await makeHttpProxyRequest(
proxyHost,
proxyPort,
"http://invalid-host-that-does-not-exist.test:9999/test",
"GET"
);
assert.strictEqual(response.statusCode, 502);
assert.ok(response.body.includes("Bad Gateway"));
});
it("should handle HTTPS URLs sent to HTTP proxy", async () => {
// Some clients incorrectly send https:// URLs to the HTTP proxy handler
// instead of using CONNECT. The proxy should handle this gracefully.
const response = await makeHttpProxyRequest(
proxyHost,
proxyPort,
"https://registry.npmjs.org/lodash",
"GET"
);
// Should successfully forward the HTTPS request
assert.strictEqual(response.statusCode, 200);
assert.ok(response.body.includes("lodash"));
});
it("should handle unsupported protocols with 502", async () => {
const response = await makeHttpProxyRequest(
proxyHost,
proxyPort,
"ftp://example.com/file.txt",
"GET"
);
assert.strictEqual(response.statusCode, 502);
assert.ok(response.body.includes("Unsupported protocol"));
});
});
function makeHttpProxyRequest(
proxyHost,
proxyPort,
targetUrl,
method = "GET",
body = null,
extraHeaders = {}
) {
return new Promise((resolve, reject) => {
const options = {
hostname: proxyHost,
port: proxyPort,
path: targetUrl,
method: method,
headers: {
Host: new URL(targetUrl).host,
...extraHeaders,
},
};
const req = http.request(options, (res) => {
let responseBody = "";
res.on("data", (chunk) => {
responseBody += chunk.toString();
});
res.on("end", () => {
resolve({
statusCode: res.statusCode,
headers: res.headers,
body: responseBody,
});
});
});
req.on("error", (err) => {
reject(err);
});
if (body) {
req.write(body);
}
req.end();
});
}

92
packages/safe-chain/src/registryProxy/registryProxy.js
View file

@ -1,13 +1,17 @@
import * as http from "http";
import { tunnelRequest } from "./tunnelRequestHandler.js";
import { mitmConnect } from "./mitmRequestHandler.js";
import { handleHttpProxyRequest } from "./plainHttpProxy.js";
import { getCaCertPath } from "./certUtils.js";
import { auditChanges } from "../scanning/audit/index.js";
import { knownRegistries, parsePackageFromUrl } from "./parsePackageFromUrl.js";
import { ui } from "../environment/userInteraction.js";
import chalk from "chalk";
import { createInterceptorForUrl } from "./interceptors/createInterceptorForEcoSystem.js";
import { getHasSuppressedVersions } from "./interceptors/npm/modifyNpmInfo.js";
const SERVER_STOP_TIMEOUT_MS = 1000;
/**
* @type {{port: number | null, blockedRequests: {packageName: string, version: string, url: string}[]}}
*/
const state = {
port: null,
blockedRequests: [],
@ -15,15 +19,18 @@ const state = {
export function createSafeChainProxy() {
const server = createProxyServer();
server.on("connect", handleConnect);
return {
startServer: () => startServer(server),
stopServer: () => stopServer(server),
verifyNoMaliciousPackages,
hasSuppressedVersions: getHasSuppressedVersions,
};
}
/**
* @returns {Record<string, string>}
*/
function getSafeChainProxyEnvironmentVariables() {
if (!state.port) {
return {};
@ -36,6 +43,11 @@ function getSafeChainProxyEnvironmentVariables() {
};
}
/**
* @param {Record<string, string | undefined>} env
*
* @returns {Record<string, string>}
*/
export function mergeSafeChainProxyEnvironmentVariables(env) {
const proxyEnv = getSafeChainProxyEnvironmentVariables();
@ -45,7 +57,7 @@ export function mergeSafeChainProxyEnvironmentVariables(env) {
// So we only copy the variable if it's not already set in a different case
const upperKey = key.toUpperCase();
if (!proxyEnv[upperKey]) {
if (!proxyEnv[upperKey] && env[key]) {
proxyEnv[key] = env[key];
}
}
@ -54,17 +66,24 @@ export function mergeSafeChainProxyEnvironmentVariables(env) {
}
function createProxyServer() {
const server = http.createServer((_, res) => {
res.writeHead(400, "Bad Request");
res.write(
"Safe-chain proxy: Direct http not supported. Only CONNECT requests are allowed."
const server = http.createServer(
// This handles direct HTTP requests (non-CONNECT requests)
// This is normally http-only traffic, but we also handle
// https for clients that don't properly use CONNECT
handleHttpProxyRequest
);
res.end();
});
// This handles HTTPS requests via the CONNECT method
server.on("connect", handleConnect);
return server;
}
/**
* @param {import("http").Server} server
*
* @returns {Promise<void>}
*/
function startServer(server) {
return new Promise((resolve, reject) => {
// Passing port 0 makes the OS assign an available port
@ -84,6 +103,11 @@ function startServer(server) {
});
}
/**
* @param {import("http").Server} server
*
* @returns {Promise<void>}
*/
function stopServer(server) {
return new Promise((resolve) => {
try {
@ -97,39 +121,41 @@ function stopServer(server) {
});
}
/**
* @param {import("http").IncomingMessage} req
* @param {import("http").ServerResponse} clientSocket
* @param {Buffer} head
*
* @returns {void}
*/
function handleConnect(req, clientSocket, head) {
// CONNECT method is used for HTTPS requests
// It establishes a tunnel to the server identified by the request URL
if (knownRegistries.some((reg) => req.url.includes(reg))) {
// For npm and yarn registries, we want to intercept and inspect the traffic
// so we can block packages with malware
mitmConnect(req, clientSocket, isAllowedUrl);
const interceptor = createInterceptorForUrl(req.url || "");
if (interceptor) {
// Subscribe to malware blocked events
interceptor.on("malwareBlocked", (event) => {
onMalwareBlocked(event.packageName, event.version, event.url);
});
mitmConnect(req, clientSocket, interceptor);
} else {
// For other hosts, just tunnel the request to the destination tcp socket
ui.writeVerbose(`Safe-chain: Tunneling request to ${req.url}`);
tunnelRequest(req, clientSocket, head);
}
}
async function isAllowedUrl(url) {
const { packageName, version } = parsePackageFromUrl(url);
// packageName and version are undefined when the URL is not a package download
// In that case, we can allow the request to proceed
if (!packageName || !version) {
return true;
}
const auditResult = await auditChanges([
{ name: packageName, version, type: "add" },
]);
if (!auditResult.isAllowed) {
/**
*
* @param {string} packageName
* @param {string} version
* @param {string} url
*/
function onMalwareBlocked(packageName, version, url) {
state.blockedRequests.push({ packageName, version, url });
return false;
}
return true;
}
function verifyNoMaliciousPackages() {
@ -151,7 +177,7 @@ function verifyNoMaliciousPackages() {
}
ui.emptyLine();
ui.writeError("Exiting without installing malicious packages.");
ui.writeExitWithoutInstallingMaliciousPackages();
ui.emptyLine();
return false;

324
packages/safe-chain/src/registryProxy/registryProxy.mitm.spec.js Normal file
View file

@ -0,0 +1,324 @@
import { before, after, describe, it } from "node:test";
import assert from "node:assert";
import net from "net";
import tls from "tls";
import {
createSafeChainProxy,
mergeSafeChainProxyEnvironmentVariables,
} from "./registryProxy.js";
import { getCaCertPath } from "./certUtils.js";
import { setEcoSystem, ECOSYSTEM_JS, ECOSYSTEM_PY } from "../config/settings.js";
import fs from "fs";
describe("registryProxy.mitm", () => {
let proxy, proxyHost, proxyPort;
before(async () => {
proxy = createSafeChainProxy();
await proxy.startServer();
const envVars = mergeSafeChainProxyEnvironmentVariables([]);
const proxyUrl = new URL(envVars.HTTPS_PROXY);
proxyHost = proxyUrl.hostname;
proxyPort = parseInt(proxyUrl.port, 10);
// Default to JS ecosystem for JS registry tests
setEcoSystem(ECOSYSTEM_JS);
});
after(async () => {
await proxy.stopServer();
});
it("should intercept HTTPS requests to npm registry", async () => {
const response = await makeRegistryRequest(
proxyHost,
proxyPort,
"registry.npmjs.org",
"/lodash"
);
assert.strictEqual(response.statusCode, 200);
assert.ok(response.body.includes("lodash"));
});
it("should allow non-malicious package downloads", async () => {
const response = await makeRegistryRequest(
proxyHost,
proxyPort,
"registry.npmjs.org",
"/lodash/-/lodash-4.17.21.tgz"
);
// Should get a response (200 or redirect, but not 403 blocked)
assert.notStrictEqual(response.statusCode, 403);
});
it("should handle 404 responses correctly", async () => {
const response = await makeRegistryRequest(
proxyHost,
proxyPort,
"registry.npmjs.org",
"/this-package-definitely-does-not-exist-12345"
);
assert.strictEqual(response.statusCode, 404);
});
it("should handle query parameters in URL", async () => {
const response = await makeRegistryRequest(
proxyHost,
proxyPort,
"registry.npmjs.org",
"/lodash?write=true"
);
assert.strictEqual(response.statusCode, 200);
});
it("should generate valid certificates for yarn registry", async () => {
const response = await makeRegistryRequest(
proxyHost,
proxyPort,
"registry.yarnpkg.com",
"/lodash"
);
assert.strictEqual(response.statusCode, 200);
});
it("should generate certificate with correct hostname in CN", async () => {
const { cert } = await makeRegistryRequestAndGetCert(
proxyHost,
proxyPort,
"registry.npmjs.org",
"/lodash"
);
// Check certificate common name matches the target hostname
assert.strictEqual(cert.subject.CN, "registry.npmjs.org");
// Check Subject Alternative Name includes the hostname
const san = cert.subjectaltname;
assert.ok(san.includes("registry.npmjs.org"));
// Check certificate is issued by safe-chain CA
assert.strictEqual(cert.issuer.CN, "safe-chain proxy");
});
it("should generate different certificates for different hostnames", async () => {
const { cert: cert1 } = await makeRegistryRequestAndGetCert(
proxyHost,
proxyPort,
"registry.npmjs.org",
"/lodash"
);
const { cert: cert2 } = await makeRegistryRequestAndGetCert(
proxyHost,
proxyPort,
"registry.yarnpkg.com",
"/lodash"
);
// Different hostnames should have different certificates
assert.notStrictEqual(cert1.fingerprint, cert2.fingerprint);
assert.strictEqual(cert1.subject.CN, "registry.npmjs.org");
assert.strictEqual(cert2.subject.CN, "registry.yarnpkg.com");
});
it("should cache generated certificates for same hostname", async () => {
const { cert: cert1 } = await makeRegistryRequestAndGetCert(
proxyHost,
proxyPort,
"registry.npmjs.org",
"/lodash"
);
const { cert: cert2 } = await makeRegistryRequestAndGetCert(
proxyHost,
proxyPort,
"registry.npmjs.org",
"/package/lodash"
);
// Same hostname should get the same certificate (fingerprint)
assert.strictEqual(cert1.fingerprint, cert2.fingerprint);
});
// --- Pip registry MITM and env var tests ---
it("should NOT set Python CA environment variables in proxy merge (handled by runPipCommand)", () => {
const envVars = mergeSafeChainProxyEnvironmentVariables([]);
assert.strictEqual(envVars.PIP_CERT, undefined);
assert.strictEqual(envVars.REQUESTS_CA_BUNDLE, undefined);
assert.strictEqual(envVars.SSL_CERT_FILE, undefined);
});
it("should intercept HTTPS requests to pypi.org for pip package", async () => {
// Switch to Python ecosystem for pip registry MITM tests
setEcoSystem(ECOSYSTEM_PY);
const response = await makeRegistryRequest(
proxyHost,
proxyPort,
"pypi.org",
"/packages/source/f/foo_bar/foo_bar-2.0.0.tar.gz"
);
assert.notStrictEqual(response.statusCode, 403);
assert.ok(typeof response.body === "string");
});
it("should intercept HTTPS requests to files.pythonhosted.org for pip wheel", async () => {
// Ensure Python ecosystem
setEcoSystem(ECOSYSTEM_PY);
const response = await makeRegistryRequest(
proxyHost,
proxyPort,
"files.pythonhosted.org",
"/packages/xx/yy/foo_bar-2.0.0-py3-none-any.whl"
);
assert.notStrictEqual(response.statusCode, 403);
assert.ok(typeof response.body === "string");
});
it("should handle pip package with a1 version", async () => {
// Ensure Python ecosystem
setEcoSystem(ECOSYSTEM_PY);
const response = await makeRegistryRequest(
proxyHost,
proxyPort,
"pypi.org",
"/packages/source/f/foo_bar/foo_bar-2.0.0a1.tar.gz"
);
assert.notStrictEqual(response.statusCode, 403);
assert.ok(typeof response.body === "string");
});
it("should handle pip package with latest version (should not block)", async () => {
// Ensure Python ecosystem
setEcoSystem(ECOSYSTEM_PY);
const response = await makeRegistryRequest(
proxyHost,
proxyPort,
"pypi.org",
"/packages/source/f/foo_bar/foo_bar-latest.tar.gz"
);
assert.notStrictEqual(response.statusCode, 403);
assert.ok(typeof response.body === "string");
});
});
async function makeRegistryRequest(proxyHost, proxyPort, targetHost, path) {
// Step 1: Connect to proxy
const socket = await new Promise((resolve, reject) => {
const sock = net.connect({ host: proxyHost, port: proxyPort }, () => {
resolve(sock);
});
sock.on("error", reject);
});
// Step 2: Send CONNECT request
await new Promise((resolve) => {
const connectRequest = `CONNECT ${targetHost}:443 HTTP/1.1\r\nHost: ${targetHost}:443\r\n\r\n`;
socket.write(connectRequest);
socket.once("data", resolve);
});
// Step 3: Upgrade to TLS using the proxy's CA cert
const tlsSocket = tls.connect({
socket: socket,
servername: targetHost,
ca: fs.readFileSync(getCaCertPath()),
rejectUnauthorized: true,
});
await new Promise((resolve) => {
tlsSocket.on("secureConnect", resolve);
});
// Step 4: Send HTTP request over TLS
const httpRequest = `GET ${path} HTTP/1.1\r\nHost: ${targetHost}\r\nConnection: close\r\n\r\n`;
tlsSocket.write(httpRequest);
// Step 5: Read response
return new Promise((resolve, reject) => {
let data = "";
tlsSocket.on("data", (chunk) => {
data += chunk.toString();
});
tlsSocket.on("end", () => {
const lines = data.split("\r\n");
const statusLine = lines[0];
const statusCode = parseInt(statusLine.split(" ")[1]);
// Find body after empty line
const emptyLineIndex = lines.findIndex(line => line === "");
const body = lines.slice(emptyLineIndex + 1).join("\r\n");
resolve({ statusCode, body });
});
tlsSocket.on("error", reject);
});
}
async function makeRegistryRequestAndGetCert(proxyHost, proxyPort, targetHost, path) {
// Step 1: Connect to proxy
const socket = await new Promise((resolve, reject) => {
const sock = net.connect({ host: proxyHost, port: proxyPort }, () => {
resolve(sock);
});
sock.on("error", reject);
});
// Step 2: Send CONNECT request
await new Promise((resolve) => {
const connectRequest = `CONNECT ${targetHost}:443 HTTP/1.1\r\nHost: ${targetHost}:443\r\n\r\n`;
socket.write(connectRequest);
socket.once("data", resolve);
});
// Step 3: Upgrade to TLS and capture certificate
const tlsSocket = tls.connect({
socket: socket,
servername: targetHost,
ca: fs.readFileSync(getCaCertPath()),
rejectUnauthorized: true,
});
let peerCert;
await new Promise((resolve) => {
tlsSocket.on("secureConnect", () => {
peerCert = tlsSocket.getPeerCertificate();
resolve();
});
});
// Step 4: Send HTTP request over TLS
const httpRequest = `GET ${path} HTTP/1.1\r\nHost: ${targetHost}\r\nConnection: close\r\n\r\n`;
tlsSocket.write(httpRequest);
// Step 5: Read response
const response = await new Promise((resolve, reject) => {
let data = "";
tlsSocket.on("data", (chunk) => {
data += chunk.toString();
});
tlsSocket.on("end", () => {
const lines = data.split("\r\n");
const statusLine = lines[0];
const statusCode = parseInt(statusLine.split(" ")[1]);
// Find body after empty line
const emptyLineIndex = lines.findIndex(line => line === "");
const body = lines.slice(emptyLineIndex + 1).join("\r\n");
resolve({ statusCode, body });
});
tlsSocket.on("error", reject);
});
return { cert: peerCert, response };
}

105
packages/safe-chain/src/registryProxy/tunnelRequestHandler.js
View file

@ -1,6 +1,17 @@
import * as net from "net";
import { ui } from "../environment/userInteraction.js";
import { isImdsEndpoint } from "./isImdsEndpoint.js";
/** @type {string[]} */
let timedoutEndpoints = [];
/**
* @param {import("http").IncomingMessage} req
* @param {import("http").ServerResponse} clientSocket
* @param {Buffer} head
*
* @returns {void}
*/
export function tunnelRequest(req, clientSocket, head) {
const httpsProxy = process.env.HTTPS_PROXY || process.env.https_proxy;
@ -21,26 +32,97 @@ export function tunnelRequest(req, clientSocket, head) {
}
}
/**
* @param {import("http").IncomingMessage} req
* @param {import("http").ServerResponse} clientSocket
* @param {Buffer} head
*
* @returns {void}
*/
function tunnelRequestToDestination(req, clientSocket, head) {
const { port, hostname } = new URL(`http://${req.url}`);
const isImds = isImdsEndpoint(hostname);
const serverSocket = net.connect(port || 443, hostname, () => {
if (timedoutEndpoints.includes(hostname)) {
clientSocket.end("HTTP/1.1 502 Bad Gateway\r\n\r\n");
if (isImds) {
ui.writeVerbose(
`Safe-chain: Closing connection because previously timedout connect to ${hostname}`
);
} else {
ui.writeError(
`Safe-chain: Closing connection because previously timedout connect to ${hostname}`
);
}
return;
}
const serverSocket = net.connect(
Number.parseInt(port) || 443,
hostname,
() => {
clientSocket.write("HTTP/1.1 200 Connection Established\r\n\r\n");
serverSocket.write(head);
serverSocket.pipe(clientSocket);
clientSocket.pipe(serverSocket);
}
);
// Set explicit connection timeout to avoid waiting for OS default (~2 minutes).
// IMDS endpoints get shorter timeout (3s) since they're commonly unreachable outside cloud environments.
const connectTimeout = getConnectTimeout(hostname);
serverSocket.setTimeout(connectTimeout);
serverSocket.on("timeout", () => {
timedoutEndpoints.push(hostname);
// Suppress error logging for IMDS endpoints - timeouts are expected when not in cloud
if (isImds) {
ui.writeVerbose(
`Safe-chain: connect to ${hostname}:${
port || 443
} timed out after ${connectTimeout}ms`
);
} else {
ui.writeError(
`Safe-chain: connect to ${hostname}:${
port || 443
} timed out after ${connectTimeout}ms`
);
}
serverSocket.destroy(); // Clean up socket to prevent event loop hanging
clientSocket.end("HTTP/1.1 502 Bad Gateway\r\n\r\n");
});
clientSocket.on("error", () => {
// This can happen if the client TCP socket sends RST instead of FIN.
// Not subscribing to 'error' event will cause node to throw and crash.
if (serverSocket.writable) {
serverSocket.end();
}
});
serverSocket.on("error", (err) => {
if (isImds) {
ui.writeVerbose(
`Safe-chain: error connecting to ${hostname}:${port} - ${err.message}`
);
} else {
ui.writeError(
`Safe-chain: error connecting to ${hostname}:${port} - ${err.message}`
);
}
if (clientSocket.writable) {
clientSocket.end("HTTP/1.1 502 Bad Gateway\r\n\r\n");
}
});
}
/**
* @param {import("http").IncomingMessage} req
* @param {import("http").ServerResponse} clientSocket
* @param {Buffer} head
* @param {string} proxyUrl
*/
function tunnelRequestViaProxy(req, clientSocket, head, proxyUrl) {
const { port, hostname } = new URL(`http://${req.url}`);
const proxy = new URL(proxyUrl);
@ -48,7 +130,7 @@ function tunnelRequestViaProxy(req, clientSocket, head, proxyUrl) {
// Connect to proxy server
const proxySocket = net.connect({
host: proxy.hostname,
port: proxy.port,
port: Number.parseInt(proxy.port) || 80,
});
proxySocket.on("connect", () => {
@ -97,6 +179,13 @@ function tunnelRequestViaProxy(req, clientSocket, head, proxyUrl) {
if (clientSocket.writable) {
clientSocket.end("HTTP/1.1 502 Bad Gateway\r\n\r\n");
}
} else {
ui.writeError(
`Safe-chain: proxy socket error after connection - ${err.message}`
);
if (clientSocket.writable) {
clientSocket.end();
}
}
});
@ -106,3 +195,15 @@ function tunnelRequestViaProxy(req, clientSocket, head, proxyUrl) {
}
});
}
/**
* Returns appropriate connection timeout for a host.
* - IMDS endpoints: 3s (fail fast when outside cloud, reduce 5min delay to ~20s)
* - Other endpoints: 30s (allow for slow networks while preventing indefinite hangs)
*/
function getConnectTimeout(/** @type {string} */ host) {
if (isImdsEndpoint(host)) {
return 3000;
}
return 30000;
}

Some files were not shown because too many files have changed in this diff Show more