diff --git a/.github/workflows/build-and-release.yml b/.github/workflows/build-and-release.yml index 2c1a423..95a6c91 100644 --- a/.github/workflows/build-and-release.yml +++ b/.github/workflows/build-and-release.yml @@ -7,10 +7,28 @@ on: permissions: id-token: write - contents: read + contents: write jobs: + set-version: + runs-on: ubuntu-latest + outputs: + version: ${{ steps.get_version.outputs.tag }} + steps: + - name: Set version number + id: get_version + run: | + version="${{ github.ref_name }}" + echo "tag=$version" >> $GITHUB_OUTPUT + + create-binaries: + needs: set-version + uses: ./.github/workflows/create-artifact.yml + with: + version: ${{ needs.set-version.outputs.version }} + build: + needs: [set-version, create-binaries] runs-on: ubuntu-latest steps: @@ -30,14 +48,8 @@ jobs: npm i -g @aikidosec/safe-chain safe-chain setup-ci - - name: Set version number - id: get_version - run: | - version="${{ github.ref_name }}" - echo "tag=$version" >> $GITHUB_OUTPUT - - name: Set the version in safe-chain package - run: npm --no-git-tag-version version ${{ steps.get_version.outputs.tag }} --workspace=packages/safe-chain + run: npm --no-git-tag-version version ${{ needs.set-version.outputs.version }} --workspace=packages/safe-chain - name: Install dependencies run: npm ci @@ -55,3 +67,31 @@ jobs: run: | echo "Publishing version ${{ steps.get_version.outputs.tag }} to NPM" npm publish --workspace=packages/safe-chain --access public --provenance + + - name: Download all binary artifacts + uses: actions/download-artifact@v4 + with: + path: binaries/ + pattern: safe-chain-* + merge-multiple: false + + - name: Rename binaries to include platform and architecture + run: | + mv binaries/safe-chain-macos-x64/safe-chain binaries/safe-chain-macos-x64/safe-chain-macos-x64 + mv binaries/safe-chain-macos-arm64/safe-chain binaries/safe-chain-macos-arm64/safe-chain-macos-arm64 + mv binaries/safe-chain-linux-x64/safe-chain binaries/safe-chain-linux-x64/safe-chain-linux-x64 + mv binaries/safe-chain-linux-arm64/safe-chain binaries/safe-chain-linux-arm64/safe-chain-linux-arm64 + mv binaries/safe-chain-win-x64/safe-chain.exe binaries/safe-chain-win-x64/safe-chain-win-x64.exe + mv binaries/safe-chain-win-arm64/safe-chain.exe binaries/safe-chain-win-arm64/safe-chain-win-arm64.exe + + - name: Upload binaries to existing GitHub Release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + gh release upload ${{ needs.set-version.outputs.version }} \ + binaries/safe-chain-macos-x64/* \ + binaries/safe-chain-macos-arm64/* \ + binaries/safe-chain-linux-x64/* \ + binaries/safe-chain-linux-arm64/* \ + binaries/safe-chain-win-x64/* \ + binaries/safe-chain-win-arm64/* diff --git a/.github/workflows/create-artifact.yml b/.github/workflows/create-artifact.yml new file mode 100644 index 0000000..ad43a9d --- /dev/null +++ b/.github/workflows/create-artifact.yml @@ -0,0 +1,82 @@ +name: Create binaries + +on: + pull_request: + workflow_call: + inputs: + version: + description: 'Version to set in package.json' + required: false + type: string + +jobs: + create-binaries: + name: Create binary for ${{ matrix.os }}-${{ matrix.arch }} + + runs-on: ${{ matrix.runner }} + + strategy: + fail-fast: false + matrix: + include: + - os: macos + arch: x64 + runner: macos-15-intel + target: node20-macos-x64 + extension: "" + - os: macos + arch: arm64 + runner: macos-latest + target: node20-macos-arm64 + extension: "" + - os: linux + arch: x64 + runner: ubuntu-latest + target: node20-linux-x64 + extension: "" + - os: linux + arch: arm64 + runner: ubuntu-24.04-arm + target: node20-linux-arm64 + extension: "" + - os: win + arch: x64 + runner: windows-latest + target: node20-win-x64 + extension: ".exe" + - os: win + arch: arm64 + runner: windows-11-arm + target: node20-win-arm64 + extension: ".exe" + + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up Node.js + uses: actions/setup-node@v3 + with: + node-version: "20.x" + + - name: Setup safe-chain + run: | + npm i -g @aikidosec/safe-chain + safe-chain setup-ci + + - name: Set the version in safe-chain package + if: inputs.version != '' + run: npm --no-git-tag-version version ${{ inputs.version }} --workspace=packages/safe-chain + + - name: Install dependencies + run: npm ci --ignore-scripts + + - name: Create binary + run: | + node build.js ${{ matrix.target }} + + - name: Upload binary artifact + uses: actions/upload-artifact@v4 + with: + name: safe-chain-${{ matrix.os }}-${{ matrix.arch }} + path: dist/* diff --git a/.gitignore b/.gitignore index acae695..920883f 100644 --- a/.gitignore +++ b/.gitignore @@ -143,4 +143,11 @@ vite.config.ts.timestamp-* # AI Claude.md .claude -.reference \ No newline at end of file +.reference + +# Build files +build/ +dist/ + +# Jetbrains IDEs +.idea/** diff --git a/README.md b/README.md index 47f0894..6cbb445 100644 --- a/README.md +++ b/README.md @@ -1,13 +1,16 @@ -![Aikido Safe Chain](./docs/banner.svg) +![Aikido Safe Chain](https://raw.githubusercontent.com/AikidoSec/safe-chain/main/docs/banner.svg) # Aikido Safe Chain +[![NPM Version](https://img.shields.io/npm/v/%40aikidosec%2Fsafe-chain?style=flat-square)](https://www.npmjs.com/package/@aikidosec/safe-chain) +[![NPM Downloads](https://img.shields.io/npm/dw/%40aikidosec%2Fsafe-chain?style=flat-square)](https://www.npmjs.com/package/@aikidosec/safe-chain) + - βœ… **Block malware on developer laptops and CI/CD** - βœ… **Supports npm and PyPI** more package managers coming - βœ… **Blocks packages newer than 24 hours** without breaking your build - βœ… **Tokenless, free, no build data shared** -Aikido Safe Chain works on Node.js version 16 and above and supports the following package managers: +Aikido Safe Chain supports the following package managers: - πŸ“¦ **npm** - πŸ“¦ **npx** @@ -24,29 +27,45 @@ Aikido Safe Chain works on Node.js version 16 and above and supports the followi ## Installation -Installing the Aikido Safe Chain is easy. You just need 3 simple steps: +Installing the Aikido Safe Chain is easy with our one-line installer. -1. **Install the Aikido Safe Chain package globally** using npm: - ```shell - npm install -g @aikidosec/safe-chain - ``` -2. **Setup the shell integration** by running: +> ⚠️ **Already installed via npm?** See the [migration guide](https://github.com/AikidoSec/safe-chain/blob/main/docs/npm-to-binary-migration.md) to switch to the binary version. - ```shell - safe-chain setup - ``` +### Unix/Linux/macOS - To enable Python (pip/pip3/uv) support (beta), use the `--include-python` flag: +**Default installation (JavaScript packages only):** - ```shell - safe-chain setup --include-python - ``` +```shell +curl -fsSL https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.sh | sh +``` -3. **❗Restart your terminal** to start using the Aikido Safe Chain. +**Include Python support (pip/pip3/uv):** + +```shell +curl -fsSL https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.sh | sh -s -- --include-python +``` + +### Windows (PowerShell) + +**Default installation (JavaScript packages only):** + +```powershell +iex (iwr "https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.ps1" -UseBasicParsing) +``` + +**Include Python support (pip/pip3/uv):** + +```powershell +iex "& { $(iwr 'https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.ps1' -UseBasicParsing) } -includepython" +``` + +### Verify the installation + +1. **❗Restart your terminal** to start using the Aikido Safe Chain. - This step is crucial as it ensures that the shell aliases for npm, npx, yarn, pnpm, pnpx, bun, bunx, and pip/pip3 are loaded correctly. If you do not restart your terminal, the aliases will not be available. -4. **Verify the installation** by running one of the following commands: +2. **Verify the installation** by running one of the following commands: For JavaScript/Node.js: @@ -54,7 +73,7 @@ Installing the Aikido Safe Chain is easy. You just need 3 simple steps: npm install safe-chain-test ``` - For Python (beta): + For Python (if you enabled Python support): ```shell pip3 install safe-chain-pi-test @@ -92,7 +111,7 @@ The Aikido Safe Chain integrates with your shell to provide a seamless experienc - βœ… **PowerShell** - βœ… **PowerShell Core** -More information about the shell integration can be found in the [shell integration documentation](docs/shell-integration.md). +More information about the shell integration can be found in the [shell integration documentation](https://github.com/AikidoSec/safe-chain/blob/main/docs/shell-integration.md). ## Uninstallation @@ -163,23 +182,37 @@ You can set the minimum package age through multiple sources (in order of priori You can protect your CI/CD pipelines from malicious packages by integrating Aikido Safe Chain into your build process. This ensures that any packages installed during your automated builds are checked for malware before installation. -For optimal protection in CI/CD environments, we recommend using **npm >= 10.4.0** as it provides full dependency tree scanning. Other package managers currently offer limited scanning of install command arguments only. +## Installation for CI/CD -## Setup +Use the `--ci` flag to automatically configure Aikido Safe Chain for CI/CD environments. This sets up executable shims in the PATH instead of shell aliases. -To use Aikido Safe Chain in CI/CD environments, run the following command after installing the package: +### Unix/Linux/macOS (GitHub Actions, Azure Pipelines, etc.) + +**JavaScript only:** ```shell -safe-chain setup-ci +curl -fsSL https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.sh | sh -s -- --ci ``` -To enable Python (pip/pip3/uv) support (beta) in CI/CD, use the `--include-python` flag: +**With Python support:** ```shell -safe-chain setup-ci --include-python +curl -fsSL https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.sh | sh -s -- --ci --include-python ``` -This automatically configures your CI environment to use Aikido Safe Chain for all package manager commands. +### Windows (Azure Pipelines, etc.) + +**JavaScript only:** + +```powershell +iex "& { $(iwr 'https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.ps1' -UseBasicParsing) } -ci" +``` + +**With Python support:** + +```powershell +iex "& { $(iwr 'https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.ps1' -UseBasicParsing) } -ci -includepython" +``` ## Supported Platforms @@ -195,16 +228,15 @@ This automatically configures your CI environment to use Aikido Safe Chain for a node-version: "22" cache: "npm" -- name: Setup safe-chain - run: | - npm i -g @aikidosec/safe-chain - safe-chain setup-ci +- name: Install safe-chain + run: curl -fsSL https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.sh | sh -s -- --ci --include-python - name: Install dependencies - run: | - npm ci + run: npm ci ``` +> **Note:** Remove `--include-python` if you don't need Python (pip/pip3/uv) support. + ## Azure DevOps Example ```yaml @@ -213,14 +245,13 @@ This automatically configures your CI environment to use Aikido Safe Chain for a versionSpec: "22.x" displayName: "Install Node.js" -- script: | - npm i -g @aikidosec/safe-chain - safe-chain setup-ci - displayName: "Install safe chain" +- script: curl -fsSL https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.sh | sh -s -- --ci --include-python + displayName: "Install safe-chain" -- script: | - npm ci - displayName: "npm install and build" +- script: npm ci + displayName: "Install dependencies" ``` +> **Note:** Remove `--include-python` if you don't need Python (pip/pip3/uv) support. + After setup, all subsequent package manager commands in your CI pipeline will automatically be protected by Aikido Safe Chain's malware detection. diff --git a/build.js b/build.js new file mode 100644 index 0000000..bd046c3 --- /dev/null +++ b/build.js @@ -0,0 +1,135 @@ +import { build } from "esbuild"; +import { mkdir, cp, rm, readFile, writeFile } from "node:fs/promises"; +import { spawn } from "node:child_process"; +import { resolve } from "node:path"; + +const target = process.argv[2]; +if (!target) { + // eslint-disable-next-line no-console + console.error("Usage: node build.js "); + // eslint-disable-next-line no-console + console.error("Example: node build.js node22-macos-arm64"); + process.exit(1); +} + +(async function main() { + const startBuildTime = performance.now(); + + await clearOutputFolder(); + console.log("- Cleared output folder βœ…") + + // Esbuild creates a single safe-chain.cjs with all dependencies included + await bundleSafeChain(); + console.log("- Bundled safe-chain into safe-chain.cjs (es-build) βœ…") + + // Copy assets that need to be included in the binary + // - All shell scripts that are used to setup safe-chain + // - Certifi because it contains static root certs for Python + // - Package.json for its metadata (package name, version, ...) + await copyShellScripts(); + await copyCertifi(); + await copyAndModifyPackageJson(); + console.log("- Copied auxiliary resources (shell, package.json,...) βœ…") + + // Creates a single binary with safe-chain.cjs and the copied assets + await buildSafeChainBinary(target); + console.log(`- Built safe-chain binary for ${target} (pkg) βœ…`) + + + const endBuildTime = performance.now(); + console.log(`🏁 Finished build in ${((endBuildTime - startBuildTime)/1000).toFixed(2)}s`); +})(); + +async function clearOutputFolder() { + await rm("./build", { recursive: true, force: true }); + await mkdir("./build"); +} + +async function bundleSafeChain() { + await build({ + entryPoints: ["./packages/safe-chain/bin/safe-chain.js"], + bundle: true, + platform: "node", + target: "node24", + outfile: "./build/bin/safe-chain.cjs", + external: ["certifi"], + }); + + let bundledContent = await readFile("./build/bin/safe-chain.cjs", "utf-8"); + + await writeFile("./build/bin/safe-chain.cjs", bundledContent); +} + +async function copyShellScripts() { + await mkdir("./build/bin/startup-scripts", { recursive: true }); + await cp( + "./packages/safe-chain/src/shell-integration/startup-scripts/", + "./build/bin/startup-scripts", + { recursive: true } + ); + await mkdir("./build/bin/path-wrappers", { recursive: true }); + await cp( + "./packages/safe-chain/src/shell-integration/path-wrappers/", + "./build/bin/path-wrappers", + { recursive: true } + ); +} + +async function copyCertifi() { + await mkdir("./build/node_modules/certifi", { recursive: true }); + await cp("./node_modules/certifi/", "./build/node_modules/certifi", { + recursive: true, + }); +} +async function copyAndModifyPackageJson() { + const packageJsonContent = await readFile( + "./packages/safe-chain/package.json", + "utf-8" + ); + const packageJson = JSON.parse(packageJsonContent); + + delete packageJson.main; + delete packageJson.scripts; + delete packageJson.exports; + delete packageJson.dependencies; + delete packageJson.devDependencies; + + packageJson.bin = { + "safe-chain": "bin/safe-chain.cjs", + }; + packageJson.type = "commonjs"; + packageJson.pkg = { + outputPath: "dist", + assets: [ + "node_modules/certifi/**/*", + "bin/startup-scripts/**/*", + "bin/path-wrappers/**/*", + ], + }; + + await writeFile("./build/package.json", JSON.stringify(packageJson, null, 2)); + + return packageJson; +} + +function buildSafeChainBinary(target) { + return new Promise((promiseResolve, reject) => { + // Use .cmd on Windows, resolve to absolute path for cross-platform compatibility + const pkgBin = process.platform === "win32" + ? resolve("node_modules/.bin/pkg.cmd") + : resolve("node_modules/.bin/pkg"); + + const pkg = spawn(pkgBin, ["./build/package.json", "-t", target], { + stdio: "inherit", + shell: true, + }); + + pkg.on("close", (code) => { + if (code !== 0) { + reject(new Error(`pkg process exited with code ${code}`)); + } else { + promiseResolve(); + } + }); + }); +} diff --git a/docs/npm-to-binary-migration.md b/docs/npm-to-binary-migration.md new file mode 100644 index 0000000..c29a044 --- /dev/null +++ b/docs/npm-to-binary-migration.md @@ -0,0 +1,89 @@ +# Migrating from npm global tool to binary installation + +If you previously installed safe-chain as an npm global package, you need to migrate to the binary installation. + +Depending on the version manager you're using, the uninstall process differs: + +### Standard npm (no version manager) + +1. **Clean up shell aliases:** + + ```bash + safe-chain teardown + ``` + +2. **Restart your terminal** + +3. **Uninstall the npm package:** + + ```bash + npm uninstall -g @aikidosec/safe-chain + ``` + +4. **Install the binary version** (see [Installation](https://github.com/AikidoSec/safe-chain/blob/main/README.md#installation)) + +### nvm (Node Version Manager) + +**Important:** nvm installs global packages separately for each Node version, so safe-chain must be uninstalled from each version where it was installed. + +1. **Clean up shell aliases:** + + ```bash + safe-chain teardown + ``` + +2. **Restart your terminal** + +3. **Uninstall from all Node versions:** + + **Option A** - Automated script (recommended): + + ```bash + for version in $(nvm list | grep -oE 'v[0-9]+\.[0-9]+\.[0-9]+'); do nvm use $version && npm uninstall -g @aikidosec/safe-chain; done + ``` + + **Option B** - Manual per version: + + ```bash + nvm use + npm uninstall -g @aikidosec/safe-chain + ``` + + Repeat for each Node version where safe-chain was installed. + +4. **Install the binary version** (see [Installation](https://github.com/AikidoSec/safe-chain/blob/main/README.md#installation)) + +### Volta + +1. **Clean up shell aliases:** + + ```bash + safe-chain teardown + ``` + +2. **Restart your terminal** + +3. **Uninstall the Volta package:** + + ```bash + volta uninstall @aikidosec/safe-chain + ``` + +4. **Install the binary version** (see [Installation](https://github.com/AikidoSec/safe-chain/blob/main/README.md#installation)) + +## Troubleshooting + +### Shell aliases still present after migration + +1. Run `safe-chain teardown` (if the binary is installed) +2. Manually remove any safe-chain entries from your shell config files: + - Bash: `~/.bashrc` + - Zsh: `~/.zshrc` + - Fish: `~/.config/fish/config.fish` + - PowerShell: `$PROFILE` +3. Restart your terminal +4. Re-run the install script + +### "command not found: safe-chain" after migration + +The binary installation directory (`~/.safe-chain/bin`) may not be in your PATH. Restart your terminal. If the problem persists: re-run the installation of safe-chain. diff --git a/install-scripts/install-safe-chain.ps1 b/install-scripts/install-safe-chain.ps1 new file mode 100644 index 0000000..081d232 --- /dev/null +++ b/install-scripts/install-safe-chain.ps1 @@ -0,0 +1,217 @@ +# Downloads and installs safe-chain for Windows +# +# Usage with "iex (iwr {url} -UseBasicParsing)" --> See README.md + +param( + [switch]$ci, + [switch]$includepython +) + +$Version = $env:SAFE_CHAIN_VERSION # Will be fetched from latest release if not set +$InstallDir = Join-Path $env:USERPROFILE ".safe-chain\bin" +$RepoUrl = "https://github.com/AikidoSec/safe-chain" + +# Ensure TLS 1.2 is enabled for downloads +[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 + +# Helper functions +function Write-Info { + param([string]$Message) + Write-Host "[INFO] $Message" -ForegroundColor Green +} + +function Write-Warn { + param([string]$Message) + Write-Host "[WARN] $Message" -ForegroundColor Yellow +} + +function Write-Error-Custom { + param([string]$Message) + Write-Host "[ERROR] $Message" -ForegroundColor Red + exit 1 +} + +# Fetch latest release version tag from GitHub +function Get-LatestVersion { + try { + $response = Invoke-RestMethod -Uri "https://api.github.com/repos/AikidoSec/safe-chain/releases/latest" -UseBasicParsing + $latestVersion = $response.tag_name + + if ([string]::IsNullOrWhiteSpace($latestVersion)) { + Write-Error-Custom "Failed to fetch latest version from GitHub API. Please set SAFE_CHAIN_VERSION environment variable." + } + + return $latestVersion + } + catch { + Write-Error-Custom "Failed to fetch latest version from GitHub API: $($_.Exception.Message). Please set SAFE_CHAIN_VERSION environment variable." + } +} + +# Detect architecture +function Get-Architecture { + $arch = $env:PROCESSOR_ARCHITECTURE + switch ($arch) { + "AMD64" { return "x64" } + "ARM64" { return "arm64" } + default { Write-Error-Custom "Unsupported architecture: $arch" } + } +} + +# Check and uninstall npm global package if present +function Remove-NpmInstallation { + # Check if npm is available + if (-not (Get-Command npm -ErrorAction SilentlyContinue)) { + return + } + + # Check if safe-chain is installed as an npm global package + npm list -g @aikidosec/safe-chain 2>&1 | Out-Null + if ($LASTEXITCODE -eq 0) { + Write-Info "Detected npm global installation of @aikidosec/safe-chain" + Write-Info "Uninstalling npm version before installing binary version..." + + npm uninstall -g @aikidosec/safe-chain 2>&1 | Out-Null + if ($LASTEXITCODE -eq 0) { + Write-Info "Successfully uninstalled npm version" + } + else { + Write-Warn "Failed to uninstall npm version automatically" + Write-Warn "Please run: npm uninstall -g @aikidosec/safe-chain" + } + } +} + +# Check and uninstall Volta-managed package if present +function Remove-VoltaInstallation { + # Check if Volta is available + if (-not (Get-Command volta -ErrorAction SilentlyContinue)) { + return + } + + # Volta manages global packages in its own directory + # Check if safe-chain is installed via Volta + volta list safe-chain 2>&1 | Out-Null + if ($LASTEXITCODE -eq 0) { + Write-Info "Detected Volta installation of @aikidosec/safe-chain" + Write-Info "Uninstalling Volta version before installing binary version..." + + volta uninstall @aikidosec/safe-chain 2>&1 | Out-Null + if ($LASTEXITCODE -eq 0) { + Write-Info "Successfully uninstalled Volta version" + } + else { + Write-Warn "Failed to uninstall Volta version automatically" + Write-Warn "Please run: volta uninstall @aikidosec/safe-chain" + } + } +} + +# Main installation +function Install-SafeChain { + # Fetch latest version if VERSION is not set + if ([string]::IsNullOrWhiteSpace($Version)) { + Write-Info "Fetching latest release version..." + $Version = Get-LatestVersion + } + + # Build installation message + $installMsg = "Installing safe-chain $Version" + if ($includepython) { + $installMsg += " with python" + } + if ($ci) { + $installMsg += " in ci" + } + + Write-Info $installMsg + + # Check for existing safe-chain installation through npm or volta + Remove-NpmInstallation + Remove-VoltaInstallation + + # Detect platform + $arch = Get-Architecture + $binaryName = "safe-chain-win-$arch.exe" + + Write-Info "Detected architecture: $arch" + + # Create installation directory + if (-not (Test-Path $InstallDir)) { + Write-Info "Creating installation directory: $InstallDir" + try { + New-Item -ItemType Directory -Path $InstallDir -Force | Out-Null + } + catch { + Write-Error-Custom "Failed to create directory $InstallDir : $_" + } + } + + # Download binary + $downloadUrl = "$RepoUrl/releases/download/$Version/$binaryName" + $tempFile = Join-Path $InstallDir $binaryName + + Write-Info "Downloading from: $downloadUrl" + + try { + # Download with progress suppressed for cleaner output + $ProgressPreference = 'SilentlyContinue' + Invoke-WebRequest -Uri $downloadUrl -OutFile $tempFile -UseBasicParsing + $ProgressPreference = 'Continue' + } + catch { + Write-Error-Custom "Failed to download from $downloadUrl : $_" + } + + # Rename to final location + $finalFile = Join-Path $InstallDir "safe-chain.exe" + try { + # Remove existing file if present (Move-Item -Force doesn't overwrite) + if (Test-Path $finalFile) { + Remove-Item -Path $finalFile -Force + } + Move-Item -Path $tempFile -Destination $finalFile -Force + } + catch { + Write-Error-Custom "Failed to move binary to $finalFile : $_" + } + + Write-Info "Binary installed to: $finalFile" + + # Build setup command based on parameters + $setupCmd = if ($ci) { "setup-ci" } else { "setup" } + $setupArgs = @() + if ($includepython) { + $setupArgs += "--include-python" + } + + # Execute safe-chain setup + Write-Info "Running safe-chain $setupCmd $(if ($setupArgs) { $setupArgs -join ' ' })..." + try { + $env:Path = "$env:Path;$InstallDir" + + if ($setupArgs) { + & $finalFile $setupCmd $setupArgs + } + else { + & $finalFile $setupCmd + } + + if ($LASTEXITCODE -ne 0) { + Write-Warn "safe-chain was installed but setup encountered issues." + Write-Warn "You can run 'safe-chain $setupCmd $(if ($setupArgs) { $setupArgs -join ' ' })' manually later." + } + } + catch { + Write-Warn "safe-chain was installed but setup encountered issues: $_" + Write-Warn "You can run 'safe-chain $setupCmd $(if ($setupArgs) { $setupArgs -join ' ' })' manually later." + } +} + +# Run installation +try { + Install-SafeChain +} +catch { + Write-Error-Custom "Installation failed: $_" +} diff --git a/install-scripts/install-safe-chain.sh b/install-scripts/install-safe-chain.sh new file mode 100755 index 0000000..2afb583 --- /dev/null +++ b/install-scripts/install-safe-chain.sh @@ -0,0 +1,224 @@ +#!/bin/sh + +# Downloads and installs safe-chain, depending on the operating system and architecture +# +# Usage with "curl -fsSL {url} | sh" --> See README.md + +set -e # Exit on error + +# Configuration +VERSION="${SAFE_CHAIN_VERSION:-}" # Will be fetched from latest release if not set +INSTALL_DIR="${HOME}/.safe-chain/bin" +REPO_URL="https://github.com/AikidoSec/safe-chain" + +# Colors for output +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +NC='\033[0m' # No Color + +# Helper functions +info() { + printf "${GREEN}[INFO]${NC} %s\n" "$1" +} + +warn() { + printf "${YELLOW}[WARN]${NC} %s\n" "$1" +} + +error() { + printf "${RED}[ERROR]${NC} %s\n" "$1" >&2 + exit 1 +} + +# Detect OS +detect_os() { + case "$(uname -s)" in + Linux*) echo "linux" ;; + Darwin*) echo "macos" ;; + *) error "Unsupported operating system: $(uname -s)" ;; + esac +} + +# Detect architecture +detect_arch() { + case "$(uname -m)" in + x86_64|amd64) echo "x64" ;; + aarch64|arm64) echo "arm64" ;; + *) error "Unsupported architecture: $(uname -m)" ;; + esac +} + +# Check if command exists +command_exists() { + command -v "$1" >/dev/null 2>&1 +} + +# Fetch latest release version tag from GitHub +fetch_latest_version() { + # Try using GitHub API to get the latest release tag + if command_exists curl; then + latest_version=$(curl -fsSL "https://api.github.com/repos/AikidoSec/safe-chain/releases/latest" | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/') + elif command_exists wget; then + latest_version=$(wget -qO- "https://api.github.com/repos/AikidoSec/safe-chain/releases/latest" | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/') + else + error "Neither curl nor wget found. Please install one of them or set SAFE_CHAIN_VERSION environment variable." + fi + + if [ -z "$latest_version" ]; then + error "Failed to fetch latest version from GitHub API. Please set SAFE_CHAIN_VERSION environment variable." + fi + + echo "$latest_version" +} + +# Download file +download() { + url="$1" + dest="$2" + + if command_exists curl; then + curl -fsSL "$url" -o "$dest" || error "Failed to download from $url" + elif command_exists wget; then + wget -q "$url" -O "$dest" || error "Failed to download from $url" + else + error "Neither curl nor wget found. Please install one of them." + fi +} + +# Check and uninstall npm global package if present +remove_npm_installation() { + if ! command_exists npm; then + return + fi + + # Check if safe-chain is installed as an npm global package + if npm list -g @aikidosec/safe-chain >/dev/null 2>&1; then + info "Detected npm global installation of @aikidosec/safe-chain" + info "Uninstalling npm version before installing binary version..." + + if npm uninstall -g @aikidosec/safe-chain >/dev/null 2>&1; then + info "Successfully uninstalled npm version" + else + warn "Failed to uninstall npm version automatically" + warn "Please run: npm uninstall -g @aikidosec/safe-chain" + fi + fi +} + +# Check and uninstall Volta-managed package if present +remove_volta_installation() { + if ! command_exists volta; then + return + fi + + # Volta manages global packages in its own directory + # Check if safe-chain is installed via Volta + if volta list safe-chain >/dev/null 2>&1; then + info "Detected Volta installation of @aikidosec/safe-chain" + info "Uninstalling Volta version before installing binary version..." + + if volta uninstall @aikidosec/safe-chain >/dev/null 2>&1; then + info "Successfully uninstalled Volta version" + else + warn "Failed to uninstall Volta version automatically" + warn "Please run: volta uninstall @aikidosec/safe-chain" + fi + fi +} + +# Parse command-line arguments +parse_arguments() { + for arg in "$@"; do + case "$arg" in + --ci) + USE_CI_SETUP=true + ;; + --include-python) + INCLUDE_PYTHON=true + ;; + *) + error "Unknown argument: $arg" + ;; + esac + done +} + +# Main installation +main() { + # Initialize argument flags + USE_CI_SETUP=false + INCLUDE_PYTHON=false + + # Parse command-line arguments + parse_arguments "$@" + + # Fetch latest version if VERSION is not set + if [ -z "$VERSION" ]; then + info "Fetching latest release version..." + VERSION=$(fetch_latest_version) + fi + + # Build installation message + INSTALL_MSG="Installing safe-chain ${VERSION}" + if [ "$INCLUDE_PYTHON" = "true" ]; then + INSTALL_MSG="${INSTALL_MSG} with python" + fi + if [ "$USE_CI_SETUP" = "true" ]; then + INSTALL_MSG="${INSTALL_MSG} in ci" + fi + + info "$INSTALL_MSG" + + # Check for existing safe-chain installation through npm or volta + remove_npm_installation + remove_volta_installation + + # Detect platform + OS=$(detect_os) + ARCH=$(detect_arch) + BINARY_NAME="safe-chain-${OS}-${ARCH}" + + info "Detected platform: ${OS}-${ARCH}" + + # Create installation directory + if [ ! -d "$INSTALL_DIR" ]; then + info "Creating installation directory: $INSTALL_DIR" + mkdir -p "$INSTALL_DIR" || error "Failed to create directory $INSTALL_DIR" + fi + + # Download binary + DOWNLOAD_URL="${REPO_URL}/releases/download/${VERSION}/${BINARY_NAME}" + TEMP_FILE="${INSTALL_DIR}/${BINARY_NAME}" + + info "Downloading from: $DOWNLOAD_URL" + download "$DOWNLOAD_URL" "$TEMP_FILE" + + # Rename and make executable + FINAL_FILE="${INSTALL_DIR}/safe-chain" + mv "$TEMP_FILE" "$FINAL_FILE" || error "Failed to move binary to $FINAL_FILE" + chmod +x "$FINAL_FILE" || error "Failed to make binary executable" + + info "Binary installed to: $FINAL_FILE" + + # Build setup command based on arguments + SETUP_CMD="setup" + SETUP_ARGS="" + + if [ "$USE_CI_SETUP" = "true" ]; then + SETUP_CMD="setup-ci" + fi + + if [ "$INCLUDE_PYTHON" = "true" ]; then + SETUP_ARGS="--include-python" + fi + + # Execute safe-chain setup + info "Running safe-chain $SETUP_CMD $SETUP_ARGS..." + if ! "$FINAL_FILE" $SETUP_CMD $SETUP_ARGS; then + warn "safe-chain was installed but setup encountered issues." + warn "You can run 'safe-chain $SETUP_CMD $SETUP_ARGS' manually later." + fi +} + +main "$@" diff --git a/package-lock.json b/package-lock.json index 575ed14..30f47e4 100644 --- a/package-lock.json +++ b/package-lock.json @@ -12,6 +12,8 @@ "test/e2e" ], "devDependencies": { + "@yao-pkg/pkg": "6.10.1", + "esbuild": "^0.27.0", "oxlint": "^1.22.0" } }, @@ -23,6 +25,515 @@ "resolved": "test/e2e", "link": true }, + "node_modules/@babel/generator": { + "version": "7.28.5", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.28.5.tgz", + "integrity": "sha512-3EwLFhZ38J4VyIP6WNtt2kUdW9dokXA9Cr4IVIFHuCpZ3H8/YFOl5JjZHisrn1fATPBmKKqXzDFvh9fUwHz6CQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "@babel/parser": "^7.28.5", + "@babel/types": "^7.28.5", + "@jridgewell/gen-mapping": "^0.3.12", + "@jridgewell/trace-mapping": "^0.3.28", + "jsesc": "^3.0.2" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/helper-string-parser": { + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.27.1.tgz", + "integrity": "sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/helper-validator-identifier": { + "version": "7.28.5", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.28.5.tgz", + "integrity": "sha512-qSs4ifwzKJSV39ucNjsvc6WVHs6b7S03sOh2OcHF9UHfVPqWWALUsNUVzhSBiItjRZoLHx7nIarVjqKVusUZ1Q==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/parser": { + "version": "7.28.5", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.28.5.tgz", + "integrity": "sha512-KKBU1VGYR7ORr3At5HAtUQ+TV3SzRCXmA/8OdDZiLDBIZxVyzXuztPjfLd3BV1PRAQGCMWWSHYhL0F8d5uHBDQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "@babel/types": "^7.28.5" + }, + "bin": { + "parser": "bin/babel-parser.js" + }, + "engines": { + "node": ">=6.0.0" + } + }, + "node_modules/@babel/types": { + "version": "7.28.5", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.28.5.tgz", + "integrity": "sha512-qQ5m48eI/MFLQ5PxQj4PFaprjyCTLI37ElWMmNs0K8Lk3dVeOdNpB3ks8jc7yM5CDmVC73eMVk/trk3fgmrUpA==", + "dev": true, + "license": "MIT", + "dependencies": { + "@babel/helper-string-parser": "^7.27.1", + "@babel/helper-validator-identifier": "^7.28.5" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@esbuild/aix-ppc64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.27.0.tgz", + "integrity": "sha512-KuZrd2hRjz01y5JK9mEBSD3Vj3mbCvemhT466rSuJYeE/hjuBrHfjjcjMdTm/sz7au+++sdbJZJmuBwQLuw68A==", + "cpu": [ + "ppc64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "aix" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/android-arm": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.27.0.tgz", + "integrity": "sha512-j67aezrPNYWJEOHUNLPj9maeJte7uSMM6gMoxfPC9hOg8N02JuQi/T7ewumf4tNvJadFkvLZMlAq73b9uwdMyQ==", + "cpu": [ + "arm" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/android-arm64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.27.0.tgz", + "integrity": "sha512-CC3vt4+1xZrs97/PKDkl0yN7w8edvU2vZvAFGD16n9F0Cvniy5qvzRXjfO1l94efczkkQE6g1x0i73Qf5uthOQ==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/android-x64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.27.0.tgz", + "integrity": "sha512-wurMkF1nmQajBO1+0CJmcN17U4BP6GqNSROP8t0X/Jiw2ltYGLHpEksp9MpoBqkrFR3kv2/te6Sha26k3+yZ9Q==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/darwin-arm64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.27.0.tgz", + "integrity": "sha512-uJOQKYCcHhg07DL7i8MzjvS2LaP7W7Pn/7uA0B5S1EnqAirJtbyw4yC5jQ5qcFjHK9l6o/MX9QisBg12kNkdHg==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/darwin-x64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.27.0.tgz", + "integrity": "sha512-8mG6arH3yB/4ZXiEnXof5MK72dE6zM9cDvUcPtxhUZsDjESl9JipZYW60C3JGreKCEP+p8P/72r69m4AZGJd5g==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/freebsd-arm64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.27.0.tgz", + "integrity": "sha512-9FHtyO988CwNMMOE3YIeci+UV+x5Zy8fI2qHNpsEtSF83YPBmE8UWmfYAQg6Ux7Gsmd4FejZqnEUZCMGaNQHQw==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "freebsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/freebsd-x64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.27.0.tgz", + "integrity": "sha512-zCMeMXI4HS/tXvJz8vWGexpZj2YVtRAihHLk1imZj4efx1BQzN76YFeKqlDr3bUWI26wHwLWPd3rwh6pe4EV7g==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "freebsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-arm": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.27.0.tgz", + "integrity": "sha512-t76XLQDpxgmq2cNXKTVEB7O7YMb42atj2Re2Haf45HkaUpjM2J0UuJZDuaGbPbamzZ7bawyGFUkodL+zcE+jvQ==", + "cpu": [ + "arm" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-arm64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.27.0.tgz", + "integrity": "sha512-AS18v0V+vZiLJyi/4LphvBE+OIX682Pu7ZYNsdUHyUKSoRwdnOsMf6FDekwoAFKej14WAkOef3zAORJgAtXnlQ==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-ia32": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.27.0.tgz", + "integrity": "sha512-Mz1jxqm/kfgKkc/KLHC5qIujMvnnarD9ra1cEcrs7qshTUSksPihGrWHVG5+osAIQ68577Zpww7SGapmzSt4Nw==", + "cpu": [ + "ia32" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-loong64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.27.0.tgz", + "integrity": "sha512-QbEREjdJeIreIAbdG2hLU1yXm1uu+LTdzoq1KCo4G4pFOLlvIspBm36QrQOar9LFduavoWX2msNFAAAY9j4BDg==", + "cpu": [ + "loong64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-mips64el": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.27.0.tgz", + "integrity": "sha512-sJz3zRNe4tO2wxvDpH/HYJilb6+2YJxo/ZNbVdtFiKDufzWq4JmKAiHy9iGoLjAV7r/W32VgaHGkk35cUXlNOg==", + "cpu": [ + "mips64el" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-ppc64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.27.0.tgz", + "integrity": "sha512-z9N10FBD0DCS2dmSABDBb5TLAyF1/ydVb+N4pi88T45efQ/w4ohr/F/QYCkxDPnkhkp6AIpIcQKQ8F0ANoA2JA==", + "cpu": [ + "ppc64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-riscv64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.27.0.tgz", + "integrity": "sha512-pQdyAIZ0BWIC5GyvVFn5awDiO14TkT/19FTmFcPdDec94KJ1uZcmFs21Fo8auMXzD4Tt+diXu1LW1gHus9fhFQ==", + "cpu": [ + "riscv64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-s390x": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.27.0.tgz", + "integrity": "sha512-hPlRWR4eIDDEci953RI1BLZitgi5uqcsjKMxwYfmi4LcwyWo2IcRP+lThVnKjNtk90pLS8nKdroXYOqW+QQH+w==", + "cpu": [ + "s390x" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/linux-x64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.27.0.tgz", + "integrity": "sha512-1hBWx4OUJE2cab++aVZ7pObD6s+DK4mPGpemtnAORBvb5l/g5xFGk0vc0PjSkrDs0XaXj9yyob3d14XqvnQ4gw==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/netbsd-arm64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.27.0.tgz", + "integrity": "sha512-6m0sfQfxfQfy1qRuecMkJlf1cIzTOgyaeXaiVaaki8/v+WB+U4hc6ik15ZW6TAllRlg/WuQXxWj1jx6C+dfy3w==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "netbsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/netbsd-x64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.27.0.tgz", + "integrity": "sha512-xbbOdfn06FtcJ9d0ShxxvSn2iUsGd/lgPIO2V3VZIPDbEaIj1/3nBBe1AwuEZKXVXkMmpr6LUAgMkLD/4D2PPA==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "netbsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/openbsd-arm64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.27.0.tgz", + "integrity": "sha512-fWgqR8uNbCQ/GGv0yhzttj6sU/9Z5/Sv/VGU3F5OuXK6J6SlriONKrQ7tNlwBrJZXRYk5jUhuWvF7GYzGguBZQ==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "openbsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/openbsd-x64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.27.0.tgz", + "integrity": "sha512-aCwlRdSNMNxkGGqQajMUza6uXzR/U0dIl1QmLjPtRbLOx3Gy3otfFu/VjATy4yQzo9yFDGTxYDo1FfAD9oRD2A==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "openbsd" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/openharmony-arm64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.27.0.tgz", + "integrity": "sha512-nyvsBccxNAsNYz2jVFYwEGuRRomqZ149A39SHWk4hV0jWxKM0hjBPm3AmdxcbHiFLbBSwG6SbpIcUbXjgyECfA==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "openharmony" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/sunos-x64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.27.0.tgz", + "integrity": "sha512-Q1KY1iJafM+UX6CFEL+F4HRTgygmEW568YMqDA5UV97AuZSm21b7SXIrRJDwXWPzr8MGr75fUZPV67FdtMHlHA==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "sunos" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/win32-arm64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.27.0.tgz", + "integrity": "sha512-W1eyGNi6d+8kOmZIwi/EDjrL9nxQIQ0MiGqe/AWc6+IaHloxHSGoeRgDRKHFISThLmsewZ5nHFvGFWdBYlgKPg==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/win32-ia32": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.27.0.tgz", + "integrity": "sha512-30z1aKL9h22kQhilnYkORFYt+3wp7yZsHWus+wSKAJR8JtdfI76LJ4SBdMsCopTR3z/ORqVu5L1vtnHZWVj4cQ==", + "cpu": [ + "ia32" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/win32-x64": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.27.0.tgz", + "integrity": "sha512-aIitBcjQeyOhMTImhLZmtxfdOcuNRpwlPNmlFKPcHQYPhEssw75Cl1TSXJXpMkzaua9FUetx/4OQKq7eJul5Cg==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">=18" + } + }, "node_modules/@isaacs/balanced-match": { "version": "4.0.1", "resolved": "https://registry.npmjs.org/@isaacs/balanced-match/-/balanced-match-4.0.1.tgz", @@ -44,6 +555,58 @@ "node": "20 || >=22" } }, + "node_modules/@isaacs/fs-minipass": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", + "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", + "dev": true, + "license": "ISC", + "dependencies": { + "minipass": "^7.0.4" + }, + "engines": { + "node": ">=18.0.0" + } + }, + "node_modules/@jridgewell/gen-mapping": { + "version": "0.3.13", + "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.13.tgz", + "integrity": "sha512-2kkt/7niJ6MgEPxF0bYdQ6etZaA+fQvDcLKckhy1yIQOzaoKjBBjSj63/aLVjYE3qhRt5dvM+uUyfCg6UKCBbA==", + "dev": true, + "license": "MIT", + "dependencies": { + "@jridgewell/sourcemap-codec": "^1.5.0", + "@jridgewell/trace-mapping": "^0.3.24" + } + }, + "node_modules/@jridgewell/resolve-uri": { + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz", + "integrity": "sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=6.0.0" + } + }, + "node_modules/@jridgewell/sourcemap-codec": { + "version": "1.5.5", + "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz", + "integrity": "sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==", + "dev": true, + "license": "MIT" + }, + "node_modules/@jridgewell/trace-mapping": { + "version": "0.3.31", + "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.31.tgz", + "integrity": "sha512-zzNR+SdQSDJzc8joaeP8QQoCQr8NuYx2dIIytl1QeBEZHJ9uW6hebsrYgbz8hJwUQao3TWCMtmfV8Nu1twOLAw==", + "dev": true, + "license": "MIT", + "dependencies": { + "@jridgewell/resolve-uri": "^3.1.0", + "@jridgewell/sourcemap-codec": "^1.4.14" + } + }, "node_modules/@npmcli/agent": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/@npmcli/agent/-/agent-4.0.0.tgz", @@ -280,6 +843,82 @@ "@types/node": "*" } }, + "node_modules/@yao-pkg/pkg": { + "version": "6.10.1", + "resolved": "https://registry.npmjs.org/@yao-pkg/pkg/-/pkg-6.10.1.tgz", + "integrity": "sha512-M/eqDg0Iir2nmyZ06Q9ospIPv1Yk7K1du5iLiaYrfMogQcI6bqf82A026MVYngyLH8jZsquZvjNAbvgbW4Uwkw==", + "dev": true, + "license": "MIT", + "dependencies": { + "@babel/generator": "^7.23.0", + "@babel/parser": "^7.23.0", + "@babel/types": "^7.23.0", + "@yao-pkg/pkg-fetch": "3.5.30", + "into-stream": "^6.0.0", + "minimist": "^1.2.6", + "multistream": "^4.1.0", + "picocolors": "^1.1.0", + "picomatch": "^4.0.2", + "prebuild-install": "^7.1.1", + "resolve": "^1.22.10", + "stream-meter": "^1.0.4", + "tar": "^7.4.3", + "tinyglobby": "^0.2.11", + "unzipper": "^0.12.3" + }, + "bin": { + "pkg": "lib-es5/bin.js" + }, + "engines": { + "node": ">=18.0.0" + } + }, + "node_modules/@yao-pkg/pkg-fetch": { + "version": "3.5.30", + "resolved": "https://registry.npmjs.org/@yao-pkg/pkg-fetch/-/pkg-fetch-3.5.30.tgz", + "integrity": "sha512-OrXQlsR3vE/IvwXSk8R5ETYbcxAFtUPmLkeepbG+ArN82TvlIwcUJ65tEWxLG3Tl89VRbmOupuhkXfmuaO05+Q==", + "dev": true, + "license": "MIT", + "dependencies": { + "https-proxy-agent": "^5.0.0", + "node-fetch": "^2.6.6", + "picocolors": "^1.1.0", + "progress": "^2.0.3", + "semver": "^7.3.5", + "tar-fs": "^3.1.1", + "yargs": "^16.2.0" + }, + "bin": { + "pkg-fetch": "lib-es5/bin.js" + } + }, + "node_modules/@yao-pkg/pkg-fetch/node_modules/agent-base": { + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", + "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "debug": "4" + }, + "engines": { + "node": ">= 6.0.0" + } + }, + "node_modules/@yao-pkg/pkg-fetch/node_modules/https-proxy-agent": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz", + "integrity": "sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==", + "dev": true, + "license": "MIT", + "dependencies": { + "agent-base": "6", + "debug": "4" + }, + "engines": { + "node": ">= 6" + } + }, "node_modules/agent-base": { "version": "7.1.3", "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz", @@ -289,12 +928,230 @@ "node": ">= 14" } }, + "node_modules/ansi-regex": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", + "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=8" + } + }, + "node_modules/ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "dev": true, + "license": "MIT", + "dependencies": { + "color-convert": "^2.0.1" + }, + "engines": { + "node": ">=8" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" + } + }, "node_modules/asynckit": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==", "dev": true }, + "node_modules/b4a": { + "version": "1.7.3", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.7.3.tgz", + "integrity": "sha512-5Q2mfq2WfGuFp3uS//0s6baOJLMoVduPYVeNmDYxu5OUA1/cBfvr2RIS7vi62LdNj/urk1hfmj867I3qt6uZ7Q==", + "dev": true, + "license": "Apache-2.0", + "peerDependencies": { + "react-native-b4a": "*" + }, + "peerDependenciesMeta": { + "react-native-b4a": { + "optional": true + } + } + }, + "node_modules/bare-events": { + "version": "2.8.2", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.8.2.tgz", + "integrity": "sha512-riJjyv1/mHLIPX4RwiK+oW9/4c3TEUeORHKefKAKnZ5kyslbN+HXowtbaVEqt4IMUB7OXlfixcs6gsFeo/jhiQ==", + "dev": true, + "license": "Apache-2.0", + "peerDependencies": { + "bare-abort-controller": "*" + }, + "peerDependenciesMeta": { + "bare-abort-controller": { + "optional": true + } + } + }, + "node_modules/bare-fs": { + "version": "4.5.2", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.5.2.tgz", + "integrity": "sha512-veTnRzkb6aPHOvSKIOy60KzURfBdUflr5VReI+NSaPL6xf+XLdONQgZgpYvUuZLVQ8dCqxpBAudaOM1+KpAUxw==", + "dev": true, + "license": "Apache-2.0", + "optional": true, + "dependencies": { + "bare-events": "^2.5.4", + "bare-path": "^3.0.0", + "bare-stream": "^2.6.4", + "bare-url": "^2.2.2", + "fast-fifo": "^1.3.2" + }, + "engines": { + "bare": ">=1.16.0" + }, + "peerDependencies": { + "bare-buffer": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + } + } + }, + "node_modules/bare-os": { + "version": "3.6.2", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-3.6.2.tgz", + "integrity": "sha512-T+V1+1srU2qYNBmJCXZkUY5vQ0B4FSlL3QDROnKQYOqeiQR8UbjNHlPa+TIbM4cuidiN9GaTaOZgSEgsvPbh5A==", + "dev": true, + "license": "Apache-2.0", + "optional": true, + "engines": { + "bare": ">=1.14.0" + } + }, + "node_modules/bare-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-3.0.0.tgz", + "integrity": "sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==", + "dev": true, + "license": "Apache-2.0", + "optional": true, + "dependencies": { + "bare-os": "^3.0.1" + } + }, + "node_modules/bare-stream": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.7.0.tgz", + "integrity": "sha512-oyXQNicV1y8nc2aKffH+BUHFRXmx6VrPzlnaEvMhram0nPBrKcEdcyBg5r08D0i8VxngHFAiVyn1QKXpSG0B8A==", + "dev": true, + "license": "Apache-2.0", + "optional": true, + "dependencies": { + "streamx": "^2.21.0" + }, + "peerDependencies": { + "bare-buffer": "*", + "bare-events": "*" + }, + "peerDependenciesMeta": { + "bare-buffer": { + "optional": true + }, + "bare-events": { + "optional": true + } + } + }, + "node_modules/bare-url": { + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/bare-url/-/bare-url-2.3.2.tgz", + "integrity": "sha512-ZMq4gd9ngV5aTMa5p9+UfY0b3skwhHELaDkhEHetMdX0LRkW9kzaym4oo/Eh+Ghm0CCDuMTsRIGM/ytUc1ZYmw==", + "dev": true, + "license": "Apache-2.0", + "optional": true, + "dependencies": { + "bare-path": "^3.0.0" + } + }, + "node_modules/base64-js": { + "version": "1.5.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", + "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==", + "dev": true, + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "license": "MIT" + }, + "node_modules/bl": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/bl/-/bl-4.1.0.tgz", + "integrity": "sha512-1W07cM9gS6DcLperZfFSj+bWLtaPGSOHWhPiGzXmvVJbRLdG82sH/Kn8EtW1VqWVA54AKf2h5k5BbnIbwF3h6w==", + "dev": true, + "license": "MIT", + "dependencies": { + "buffer": "^5.5.0", + "inherits": "^2.0.4", + "readable-stream": "^3.4.0" + } + }, + "node_modules/bl/node_modules/readable-stream": { + "version": "3.6.2", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz", + "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==", + "dev": true, + "license": "MIT", + "dependencies": { + "inherits": "^2.0.3", + "string_decoder": "^1.1.1", + "util-deprecate": "^1.0.1" + }, + "engines": { + "node": ">= 6" + } + }, + "node_modules/bluebird": { + "version": "3.7.2", + "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.7.2.tgz", + "integrity": "sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg==", + "dev": true, + "license": "MIT" + }, + "node_modules/buffer": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.7.1.tgz", + "integrity": "sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ==", + "dev": true, + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "license": "MIT", + "dependencies": { + "base64-js": "^1.3.1", + "ieee754": "^1.1.13" + } + }, "node_modules/cacache": { "version": "20.0.3", "resolved": "https://registry.npmjs.org/cacache/-/cacache-20.0.3.tgz", @@ -350,6 +1207,48 @@ "url": "https://github.com/chalk/chalk?sponsor=1" } }, + "node_modules/chownr": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", + "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==", + "dev": true, + "license": "BlueOak-1.0.0", + "engines": { + "node": ">=18" + } + }, + "node_modules/cliui": { + "version": "7.0.4", + "resolved": "https://registry.npmjs.org/cliui/-/cliui-7.0.4.tgz", + "integrity": "sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==", + "dev": true, + "license": "ISC", + "dependencies": { + "string-width": "^4.2.0", + "strip-ansi": "^6.0.0", + "wrap-ansi": "^7.0.0" + } + }, + "node_modules/color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "color-name": "~1.1.4" + }, + "engines": { + "node": ">=7.0.0" + } + }, + "node_modules/color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true, + "license": "MIT" + }, "node_modules/combined-stream": { "version": "1.0.8", "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", @@ -362,6 +1261,13 @@ "node": ">= 0.8" } }, + "node_modules/core-util-is": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.3.tgz", + "integrity": "sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ==", + "dev": true, + "license": "MIT" + }, "node_modules/debug": { "version": "4.4.0", "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz", @@ -379,6 +1285,32 @@ } } }, + "node_modules/decompress-response": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-6.0.0.tgz", + "integrity": "sha512-aW35yZM6Bb/4oJlZncMH2LCoZtJXTRxES17vE3hoRiowU2kWHaJKFkSBDnDR+cm9J+9QhXmREyIfv0pji9ejCQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "mimic-response": "^3.1.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/deep-extend": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/deep-extend/-/deep-extend-0.6.0.tgz", + "integrity": "sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=4.0.0" + } + }, "node_modules/delayed-stream": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", @@ -388,6 +1320,16 @@ "node": ">=0.4.0" } }, + "node_modules/detect-libc": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-2.1.2.tgz", + "integrity": "sha512-Btj2BOOO83o3WyH59e8MgXsxEQVcarkUOpEYrubB0urwnN10yQ364rsiByU11nZlqWYZm05i/of7io4mzihBtQ==", + "dev": true, + "license": "Apache-2.0", + "engines": { + "node": ">=8" + } + }, "node_modules/dunder-proto": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", @@ -402,6 +1344,23 @@ "node": ">= 0.4" } }, + "node_modules/duplexer2": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/duplexer2/-/duplexer2-0.1.4.tgz", + "integrity": "sha512-asLFVfWWtJ90ZyOUHMqk7/S2w2guQKxUI2itj3d92ADHhxUSbCMGi1f1cBcJ7xM1To+pE/Khbwo1yuNbMEPKeA==", + "dev": true, + "license": "BSD-3-Clause", + "dependencies": { + "readable-stream": "^2.0.2" + } + }, + "node_modules/emoji-regex": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "dev": true, + "license": "MIT" + }, "node_modules/encoding": { "version": "0.1.13", "resolved": "https://registry.npmjs.org/encoding/-/encoding-0.1.13.tgz", @@ -412,6 +1371,16 @@ "iconv-lite": "^0.6.2" } }, + "node_modules/end-of-stream": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", + "dev": true, + "license": "MIT", + "dependencies": { + "once": "^1.4.0" + } + }, "node_modules/err-code": { "version": "2.0.3", "resolved": "https://registry.npmjs.org/err-code/-/err-code-2.0.3.tgz", @@ -463,6 +1432,103 @@ "node": ">= 0.4" } }, + "node_modules/esbuild": { + "version": "0.27.0", + "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.27.0.tgz", + "integrity": "sha512-jd0f4NHbD6cALCyGElNpGAOtWxSq46l9X/sWB0Nzd5er4Kz2YTm+Vl0qKFT9KUJvD8+fiO8AvoHhFvEatfVixA==", + "dev": true, + "hasInstallScript": true, + "license": "MIT", + "bin": { + "esbuild": "bin/esbuild" + }, + "engines": { + "node": ">=18" + }, + "optionalDependencies": { + "@esbuild/aix-ppc64": "0.27.0", + "@esbuild/android-arm": "0.27.0", + "@esbuild/android-arm64": "0.27.0", + "@esbuild/android-x64": "0.27.0", + "@esbuild/darwin-arm64": "0.27.0", + "@esbuild/darwin-x64": "0.27.0", + "@esbuild/freebsd-arm64": "0.27.0", + "@esbuild/freebsd-x64": "0.27.0", + "@esbuild/linux-arm": "0.27.0", + "@esbuild/linux-arm64": "0.27.0", + "@esbuild/linux-ia32": "0.27.0", + "@esbuild/linux-loong64": "0.27.0", + "@esbuild/linux-mips64el": "0.27.0", + "@esbuild/linux-ppc64": "0.27.0", + "@esbuild/linux-riscv64": "0.27.0", + "@esbuild/linux-s390x": "0.27.0", + "@esbuild/linux-x64": "0.27.0", + "@esbuild/netbsd-arm64": "0.27.0", + "@esbuild/netbsd-x64": "0.27.0", + "@esbuild/openbsd-arm64": "0.27.0", + "@esbuild/openbsd-x64": "0.27.0", + "@esbuild/openharmony-arm64": "0.27.0", + "@esbuild/sunos-x64": "0.27.0", + "@esbuild/win32-arm64": "0.27.0", + "@esbuild/win32-ia32": "0.27.0", + "@esbuild/win32-x64": "0.27.0" + } + }, + "node_modules/escalade": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", + "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=6" + } + }, + "node_modules/events-universal": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/events-universal/-/events-universal-1.0.1.tgz", + "integrity": "sha512-LUd5euvbMLpwOF8m6ivPCbhQeSiYVNb8Vs0fQ8QjXo0JTkEHpz8pxdQf0gStltaPpw0Cca8b39KxvK9cfKRiAw==", + "dev": true, + "license": "Apache-2.0", + "dependencies": { + "bare-events": "^2.7.0" + } + }, + "node_modules/expand-template": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/expand-template/-/expand-template-2.0.3.tgz", + "integrity": "sha512-XYfuKMvj4O35f/pOXLObndIRvyQ+/+6AhODh+OKWj9S9498pHHn/IMszH+gt0fBCRWMNfk1ZSp5x3AifmnI2vg==", + "dev": true, + "license": "(MIT OR WTFPL)", + "engines": { + "node": ">=6" + } + }, + "node_modules/fast-fifo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz", + "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==", + "dev": true, + "license": "MIT" + }, + "node_modules/fdir": { + "version": "6.5.0", + "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.5.0.tgz", + "integrity": "sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=12.0.0" + }, + "peerDependencies": { + "picomatch": "^3 || ^4" + }, + "peerDependenciesMeta": { + "picomatch": { + "optional": true + } + } + }, "node_modules/form-data": { "version": "4.0.4", "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.4.tgz", @@ -479,6 +1545,39 @@ "node": ">= 6" } }, + "node_modules/from2": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/from2/-/from2-2.3.0.tgz", + "integrity": "sha512-OMcX/4IC/uqEPVgGeyfN22LJk6AZrMkRZHxcHBMBvHScDGgwTm2GT2Wkgtocyd3JfZffjj2kYUDXXII0Fk9W0g==", + "dev": true, + "license": "MIT", + "dependencies": { + "inherits": "^2.0.1", + "readable-stream": "^2.0.0" + } + }, + "node_modules/fs-constants": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs-constants/-/fs-constants-1.0.0.tgz", + "integrity": "sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow==", + "dev": true, + "license": "MIT" + }, + "node_modules/fs-extra": { + "version": "11.3.2", + "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-11.3.2.tgz", + "integrity": "sha512-Xr9F6z6up6Ws+NjzMCZc6WXg2YFRlrLP9NQDO3VQrWrfiojdhS56TzueT88ze0uBdCTwEIhQ3ptnmKeWGFAe0A==", + "dev": true, + "license": "MIT", + "dependencies": { + "graceful-fs": "^4.2.0", + "jsonfile": "^6.0.1", + "universalify": "^2.0.0" + }, + "engines": { + "node": ">=14.14" + } + }, "node_modules/fs-minipass": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-3.0.3.tgz", @@ -500,6 +1599,16 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/get-caller-file": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", + "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", + "dev": true, + "license": "ISC", + "engines": { + "node": "6.* || 8.* || >= 10.*" + } + }, "node_modules/get-intrinsic": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", @@ -537,6 +1646,13 @@ "node": ">= 0.4" } }, + "node_modules/github-from-package": { + "version": "0.0.0", + "resolved": "https://registry.npmjs.org/github-from-package/-/github-from-package-0.0.0.tgz", + "integrity": "sha512-SyHy3T1v2NUXn29OsWdxmK6RwHD+vkj3v8en8AOBZ1wBQ/hCAQ5bAQTD02kW4W9tUp/3Qh6J8r9EvntiyCmOOw==", + "dev": true, + "license": "MIT" + }, "node_modules/glob": { "version": "13.0.0", "resolved": "https://registry.npmjs.org/glob/-/glob-13.0.0.tgz", @@ -566,6 +1682,13 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/graceful-fs": { + "version": "4.2.11", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", + "dev": true, + "license": "ISC" + }, "node_modules/has-symbols": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", @@ -662,6 +1785,27 @@ "node": ">=0.10.0" } }, + "node_modules/ieee754": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz", + "integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==", + "dev": true, + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "license": "BSD-3-Clause" + }, "node_modules/imurmurhash": { "version": "0.1.4", "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", @@ -671,6 +1815,13 @@ "node": ">=0.8.19" } }, + "node_modules/inherits": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", + "dev": true, + "license": "ISC" + }, "node_modules/ini": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/ini/-/ini-6.0.0.tgz", @@ -680,6 +1831,23 @@ "node": "^20.17.0 || >=22.9.0" } }, + "node_modules/into-stream": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/into-stream/-/into-stream-6.0.0.tgz", + "integrity": "sha512-XHbaOAvP+uFKUFsOgoNPRjLkwB+I22JFPFe5OjTkQ0nwgj6+pSjb4NmB6VMxaPshLiOf+zcpOCBQuLwC1KHhZA==", + "dev": true, + "license": "MIT", + "dependencies": { + "from2": "^2.3.0", + "p-is-promise": "^3.0.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/ip-address": { "version": "10.1.0", "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.1.0.tgz", @@ -689,6 +1857,65 @@ "node": ">= 12" } }, + "node_modules/is-core-module": { + "version": "2.16.1", + "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.16.1.tgz", + "integrity": "sha512-UfoeMA6fIJ8wTYFEUjelnaGI67v6+N7qXJEvQuIGa99l4xsCruSYOVSQ0uPANn4dAzm8lkYPaKLrrijLq7x23w==", + "dev": true, + "license": "MIT", + "dependencies": { + "hasown": "^2.0.2" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/is-fullwidth-code-point": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", + "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=8" + } + }, + "node_modules/isarray": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", + "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==", + "dev": true, + "license": "MIT" + }, + "node_modules/jsesc": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-3.1.0.tgz", + "integrity": "sha512-/sM3dO2FOzXjKQhJuo0Q173wf2KOo8t4I8vHy6lF9poUp7bKT0/NHE8fPX23PwfhnykfqnC2xRxOnVw5XuGIaA==", + "dev": true, + "license": "MIT", + "bin": { + "jsesc": "bin/jsesc" + }, + "engines": { + "node": ">=6" + } + }, + "node_modules/jsonfile": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.2.0.tgz", + "integrity": "sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg==", + "dev": true, + "license": "MIT", + "dependencies": { + "universalify": "^2.0.0" + }, + "optionalDependencies": { + "graceful-fs": "^4.1.6" + } + }, "node_modules/jsonparse": { "version": "1.3.1", "resolved": "https://registry.npmjs.org/jsonparse/-/jsonparse-1.3.1.tgz", @@ -759,6 +1986,19 @@ "node": ">= 0.6" } }, + "node_modules/mimic-response": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-3.1.0.tgz", + "integrity": "sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/minimatch": { "version": "10.1.1", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.1.1.tgz", @@ -774,6 +2014,16 @@ "url": "https://github.com/sponsors/isaacs" } }, + "node_modules/minimist": { + "version": "1.2.8", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz", + "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==", + "dev": true, + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/minipass": { "version": "7.1.2", "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz", @@ -896,18 +2146,72 @@ "node": ">= 18" } }, + "node_modules/mkdirp-classic": { + "version": "0.5.3", + "resolved": "https://registry.npmjs.org/mkdirp-classic/-/mkdirp-classic-0.5.3.tgz", + "integrity": "sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==", + "dev": true, + "license": "MIT" + }, "node_modules/ms": { "version": "2.1.3", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", "license": "MIT" }, + "node_modules/multistream": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/multistream/-/multistream-4.1.0.tgz", + "integrity": "sha512-J1XDiAmmNpRCBfIWJv+n0ymC4ABcf/Pl+5YvC5B/D2f/2+8PtHvCNxMPKiQcZyi922Hq69J2YOpb1pTywfifyw==", + "dev": true, + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "license": "MIT", + "dependencies": { + "once": "^1.4.0", + "readable-stream": "^3.6.0" + } + }, + "node_modules/multistream/node_modules/readable-stream": { + "version": "3.6.2", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz", + "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==", + "dev": true, + "license": "MIT", + "dependencies": { + "inherits": "^2.0.3", + "string_decoder": "^1.1.1", + "util-deprecate": "^1.0.1" + }, + "engines": { + "node": ">= 6" + } + }, "node_modules/nan": { "version": "2.23.0", "resolved": "https://registry.npmjs.org/nan/-/nan-2.23.0.tgz", "integrity": "sha512-1UxuyYGdoQHcGg87Lkqm3FzefucTa0NAiOcuRsDmysep3c1LVCRK2krrUDafMWtjSG04htvAmvg96+SDknOmgQ==", "license": "MIT" }, + "node_modules/napi-build-utils": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/napi-build-utils/-/napi-build-utils-2.0.0.tgz", + "integrity": "sha512-GEbrYkbfF7MoNaoh2iGG84Mnf/WZfB0GdGEsM8wz7Expx/LlWf5U8t9nvJKXSp3qr5IsEbK04cBGhol/KwOsWA==", + "dev": true, + "license": "MIT" + }, "node_modules/negotiator": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-1.0.0.tgz", @@ -917,6 +2221,40 @@ "node": ">= 0.6" } }, + "node_modules/node-abi": { + "version": "3.85.0", + "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-3.85.0.tgz", + "integrity": "sha512-zsFhmbkAzwhTft6nd3VxcG0cvJsT70rL+BIGHWVq5fi6MwGrHwzqKaxXE+Hl2GmnGItnDKPPkO5/LQqjVkIdFg==", + "dev": true, + "license": "MIT", + "dependencies": { + "semver": "^7.3.5" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", + "dev": true, + "license": "MIT", + "dependencies": { + "whatwg-url": "^5.0.0" + }, + "engines": { + "node": "4.x || >=6.0.0" + }, + "peerDependencies": { + "encoding": "^0.1.0" + }, + "peerDependenciesMeta": { + "encoding": { + "optional": true + } + } + }, "node_modules/node-forge": { "version": "1.3.2", "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-1.3.2.tgz", @@ -926,6 +2264,13 @@ "node": ">= 6.13.0" } }, + "node_modules/node-int64": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", + "integrity": "sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==", + "dev": true, + "license": "MIT" + }, "node_modules/node-pty": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/node-pty/-/node-pty-1.0.0.tgz", @@ -970,6 +2315,16 @@ "node": "^20.17.0 || >=22.9.0" } }, + "node_modules/once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", + "dev": true, + "license": "ISC", + "dependencies": { + "wrappy": "1" + } + }, "node_modules/oxlint": { "version": "1.22.0", "resolved": "https://registry.npmjs.org/oxlint/-/oxlint-1.22.0.tgz", @@ -1004,6 +2359,16 @@ } } }, + "node_modules/p-is-promise": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/p-is-promise/-/p-is-promise-3.0.0.tgz", + "integrity": "sha512-Wo8VsW4IRQSKVXsJCn7TomUaVtyfjVDn3nUP7kE967BQk0CwFpdbZs0X0uk5sW9mkBa9eNM7hCMaG93WUAwxYQ==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=8" + } + }, "node_modules/p-map": { "version": "7.0.4", "resolved": "https://registry.npmjs.org/p-map/-/p-map-7.0.4.tgz", @@ -1016,6 +2381,13 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/path-parse": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", + "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", + "dev": true, + "license": "MIT" + }, "node_modules/path-scurry": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-2.0.1.tgz", @@ -1032,6 +2404,105 @@ "url": "https://github.com/sponsors/isaacs" } }, + "node_modules/picocolors": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", + "dev": true, + "license": "ISC" + }, + "node_modules/picomatch": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz", + "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/jonschlinkert" + } + }, + "node_modules/prebuild-install": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/prebuild-install/-/prebuild-install-7.1.3.tgz", + "integrity": "sha512-8Mf2cbV7x1cXPUILADGI3wuhfqWvtiLA1iclTDbFRZkgRQS0NqsPZphna9V+HyTEadheuPmjaJMsbzKQFOzLug==", + "dev": true, + "license": "MIT", + "dependencies": { + "detect-libc": "^2.0.0", + "expand-template": "^2.0.3", + "github-from-package": "0.0.0", + "minimist": "^1.2.3", + "mkdirp-classic": "^0.5.3", + "napi-build-utils": "^2.0.0", + "node-abi": "^3.3.0", + "pump": "^3.0.0", + "rc": "^1.2.7", + "simple-get": "^4.0.0", + "tar-fs": "^2.0.0", + "tunnel-agent": "^0.6.0" + }, + "bin": { + "prebuild-install": "bin.js" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/prebuild-install/node_modules/chownr": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.4.tgz", + "integrity": "sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==", + "dev": true, + "license": "ISC" + }, + "node_modules/prebuild-install/node_modules/readable-stream": { + "version": "3.6.2", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz", + "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==", + "dev": true, + "license": "MIT", + "dependencies": { + "inherits": "^2.0.3", + "string_decoder": "^1.1.1", + "util-deprecate": "^1.0.1" + }, + "engines": { + "node": ">= 6" + } + }, + "node_modules/prebuild-install/node_modules/tar-fs": { + "version": "2.1.4", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.4.tgz", + "integrity": "sha512-mDAjwmZdh7LTT6pNleZ05Yt65HC3E+NiQzl672vQG38jIrehtJk/J3mNwIg+vShQPcLF/LV7CMnDW6vjj6sfYQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "chownr": "^1.1.1", + "mkdirp-classic": "^0.5.2", + "pump": "^3.0.0", + "tar-stream": "^2.1.4" + } + }, + "node_modules/prebuild-install/node_modules/tar-stream": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-2.2.0.tgz", + "integrity": "sha512-ujeqbceABgwMZxEJnk2HDY2DlnUZ+9oEcb1KzTVfYHio0UE6dG71n60d8D2I4qNvleWrrXpmjpt7vZeF1LnMZQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "bl": "^4.0.3", + "end-of-stream": "^1.4.1", + "fs-constants": "^1.0.0", + "inherits": "^2.0.3", + "readable-stream": "^3.1.1" + }, + "engines": { + "node": ">=6" + } + }, "node_modules/proc-log": { "version": "6.1.0", "resolved": "https://registry.npmjs.org/proc-log/-/proc-log-6.1.0.tgz", @@ -1041,6 +2512,23 @@ "node": "^20.17.0 || >=22.9.0" } }, + "node_modules/process-nextick-args": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", + "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==", + "dev": true, + "license": "MIT" + }, + "node_modules/progress": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz", + "integrity": "sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=0.4.0" + } + }, "node_modules/promise-retry": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/promise-retry/-/promise-retry-2.0.1.tgz", @@ -1054,6 +2542,87 @@ "node": ">=10" } }, + "node_modules/pump": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", + "dev": true, + "license": "MIT", + "dependencies": { + "end-of-stream": "^1.1.0", + "once": "^1.3.1" + } + }, + "node_modules/rc": { + "version": "1.2.8", + "resolved": "https://registry.npmjs.org/rc/-/rc-1.2.8.tgz", + "integrity": "sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw==", + "dev": true, + "license": "(BSD-2-Clause OR MIT OR Apache-2.0)", + "dependencies": { + "deep-extend": "^0.6.0", + "ini": "~1.3.0", + "minimist": "^1.2.0", + "strip-json-comments": "~2.0.1" + }, + "bin": { + "rc": "cli.js" + } + }, + "node_modules/rc/node_modules/ini": { + "version": "1.3.8", + "resolved": "https://registry.npmjs.org/ini/-/ini-1.3.8.tgz", + "integrity": "sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew==", + "dev": true, + "license": "ISC" + }, + "node_modules/readable-stream": { + "version": "2.3.8", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz", + "integrity": "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==", + "dev": true, + "license": "MIT", + "dependencies": { + "core-util-is": "~1.0.0", + "inherits": "~2.0.3", + "isarray": "~1.0.0", + "process-nextick-args": "~2.0.0", + "safe-buffer": "~5.1.1", + "string_decoder": "~1.1.1", + "util-deprecate": "~1.0.1" + } + }, + "node_modules/require-directory": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", + "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/resolve": { + "version": "1.22.11", + "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.11.tgz", + "integrity": "sha512-RfqAvLnMl313r7c9oclB1HhUEAezcpLjz95wFH4LVuhk9JF/r22qmVP9AMmOU4vMX7Q8pN8jwNg/CSpdFnMjTQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "is-core-module": "^2.16.1", + "path-parse": "^1.0.7", + "supports-preserve-symlinks-flag": "^1.0.0" + }, + "bin": { + "resolve": "bin/resolve" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/retry": { "version": "0.12.0", "resolved": "https://registry.npmjs.org/retry/-/retry-0.12.0.tgz", @@ -1063,6 +2632,13 @@ "node": ">= 4" } }, + "node_modules/safe-buffer": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", + "dev": true, + "license": "MIT" + }, "node_modules/safer-buffer": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", @@ -1082,6 +2658,53 @@ "node": ">=10" } }, + "node_modules/simple-concat": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/simple-concat/-/simple-concat-1.0.1.tgz", + "integrity": "sha512-cSFtAPtRhljv69IK0hTVZQ+OfE9nePi/rtJmw5UjHeVyVroEqJXP1sFztKUy1qU+xvz3u/sfYJLa947b7nAN2Q==", + "dev": true, + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "license": "MIT" + }, + "node_modules/simple-get": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/simple-get/-/simple-get-4.0.1.tgz", + "integrity": "sha512-brv7p5WgH0jmQJr1ZDDfKDOSeWWg+OVypG99A/5vYGPqJ6pxiaHLy8nxtFjBA7oMa01ebA9gfh1uMCFqOuXxvA==", + "dev": true, + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "license": "MIT", + "dependencies": { + "decompress-response": "^6.0.0", + "once": "^1.3.1", + "simple-concat": "^1.0.0" + } + }, "node_modules/smart-buffer": { "version": "4.2.0", "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", @@ -1132,6 +2755,190 @@ "node": "^20.17.0 || >=22.9.0" } }, + "node_modules/stream-meter": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/stream-meter/-/stream-meter-1.0.4.tgz", + "integrity": "sha512-4sOEtrbgFotXwnEuzzsQBYEV1elAeFSO8rSGeTwabuX1RRn/kEq9JVH7I0MRBhKVRR0sJkr0M0QCH7yOLf9fhQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "readable-stream": "^2.1.4" + } + }, + "node_modules/streamx": { + "version": "2.23.0", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.23.0.tgz", + "integrity": "sha512-kn+e44esVfn2Fa/O0CPFcex27fjIL6MkVae0Mm6q+E6f0hWv578YCERbv+4m02cjxvDsPKLnmxral/rR6lBMAg==", + "dev": true, + "license": "MIT", + "dependencies": { + "events-universal": "^1.0.0", + "fast-fifo": "^1.3.2", + "text-decoder": "^1.1.0" + } + }, + "node_modules/string_decoder": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", + "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", + "dev": true, + "license": "MIT", + "dependencies": { + "safe-buffer": "~5.1.0" + } + }, + "node_modules/string-width": { + "version": "4.2.3", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", + "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "dev": true, + "license": "MIT", + "dependencies": { + "emoji-regex": "^8.0.0", + "is-fullwidth-code-point": "^3.0.0", + "strip-ansi": "^6.0.1" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/strip-ansi": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", + "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "dev": true, + "license": "MIT", + "dependencies": { + "ansi-regex": "^5.0.1" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/strip-json-comments": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-2.0.1.tgz", + "integrity": "sha512-4gB8na07fecVVkOI6Rs4e7T6NOTki5EmL7TUduTs6bu3EdnSycntVJ4re8kgZA+wx9IueI2Y11bfbgwtzuE0KQ==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/supports-preserve-symlinks-flag": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", + "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/tar": { + "version": "7.5.2", + "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.2.tgz", + "integrity": "sha512-7NyxrTE4Anh8km8iEy7o0QYPs+0JKBTj5ZaqHg6B39erLg0qYXN3BijtShwbsNSvQ+LN75+KV+C4QR/f6Gwnpg==", + "dev": true, + "license": "BlueOak-1.0.0", + "dependencies": { + "@isaacs/fs-minipass": "^4.0.0", + "chownr": "^3.0.0", + "minipass": "^7.1.2", + "minizlib": "^3.1.0", + "yallist": "^5.0.0" + }, + "engines": { + "node": ">=18" + } + }, + "node_modules/tar-fs": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.1.1.tgz", + "integrity": "sha512-LZA0oaPOc2fVo82Txf3gw+AkEd38szODlptMYejQUhndHMLQ9M059uXR+AfS7DNo0NpINvSqDsvyaCrBVkptWg==", + "dev": true, + "license": "MIT", + "dependencies": { + "pump": "^3.0.0", + "tar-stream": "^3.1.5" + }, + "optionalDependencies": { + "bare-fs": "^4.0.1", + "bare-path": "^3.0.0" + } + }, + "node_modules/tar-stream": { + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "b4a": "^1.6.4", + "fast-fifo": "^1.2.0", + "streamx": "^2.15.0" + } + }, + "node_modules/tar/node_modules/yallist": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", + "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==", + "dev": true, + "license": "BlueOak-1.0.0", + "engines": { + "node": ">=18" + } + }, + "node_modules/text-decoder": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.2.3.tgz", + "integrity": "sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==", + "dev": true, + "license": "Apache-2.0", + "dependencies": { + "b4a": "^1.6.4" + } + }, + "node_modules/tinyglobby": { + "version": "0.2.15", + "resolved": "https://registry.npmjs.org/tinyglobby/-/tinyglobby-0.2.15.tgz", + "integrity": "sha512-j2Zq4NyQYG5XMST4cbs02Ak8iJUdxRM0XI5QyxXuZOzKOINmWurp3smXu3y5wDcJrptwpSjgXHzIQxR0omXljQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "fdir": "^6.5.0", + "picomatch": "^4.0.3" + }, + "engines": { + "node": ">=12.0.0" + }, + "funding": { + "url": "https://github.com/sponsors/SuperchupuDev" + } + }, + "node_modules/tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==", + "dev": true, + "license": "MIT" + }, + "node_modules/tunnel-agent": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", + "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", + "dev": true, + "license": "Apache-2.0", + "dependencies": { + "safe-buffer": "^5.0.1" + }, + "engines": { + "node": "*" + } + }, "node_modules/typescript": { "version": "5.9.3", "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.9.3.tgz", @@ -1175,6 +2982,37 @@ "node": "^20.17.0 || >=22.9.0" } }, + "node_modules/universalify": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz", + "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 10.0.0" + } + }, + "node_modules/unzipper": { + "version": "0.12.3", + "resolved": "https://registry.npmjs.org/unzipper/-/unzipper-0.12.3.tgz", + "integrity": "sha512-PZ8hTS+AqcGxsaQntl3IRBw65QrBI6lxzqDEL7IAo/XCEqRTKGfOX56Vea5TH9SZczRVxuzk1re04z/YjuYCJA==", + "dev": true, + "license": "MIT", + "dependencies": { + "bluebird": "~3.7.2", + "duplexer2": "~0.1.4", + "fs-extra": "^11.2.0", + "graceful-fs": "^4.2.2", + "node-int64": "^0.4.0" + } + }, + "node_modules/util-deprecate": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", + "integrity": "sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==", + "dev": true, + "license": "MIT" + }, "node_modules/validate-npm-package-name": { "version": "7.0.0", "resolved": "https://registry.npmjs.org/validate-npm-package-name/-/validate-npm-package-name-7.0.0.tgz", @@ -1184,12 +3022,94 @@ "node": "^20.17.0 || >=22.9.0" } }, + "node_modules/webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==", + "dev": true, + "license": "BSD-2-Clause" + }, + "node_modules/whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", + "dev": true, + "license": "MIT", + "dependencies": { + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" + } + }, + "node_modules/wrap-ansi": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", + "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", + "dev": true, + "license": "MIT", + "dependencies": { + "ansi-styles": "^4.0.0", + "string-width": "^4.1.0", + "strip-ansi": "^6.0.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/wrap-ansi?sponsor=1" + } + }, + "node_modules/wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", + "dev": true, + "license": "ISC" + }, + "node_modules/y18n": { + "version": "5.0.8", + "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", + "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", + "dev": true, + "license": "ISC", + "engines": { + "node": ">=10" + } + }, "node_modules/yallist": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", "license": "ISC" }, + "node_modules/yargs": { + "version": "16.2.0", + "resolved": "https://registry.npmjs.org/yargs/-/yargs-16.2.0.tgz", + "integrity": "sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw==", + "dev": true, + "license": "MIT", + "dependencies": { + "cliui": "^7.0.2", + "escalade": "^3.1.1", + "get-caller-file": "^2.0.5", + "require-directory": "^2.1.1", + "string-width": "^4.2.0", + "y18n": "^5.0.5", + "yargs-parser": "^20.2.2" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/yargs-parser": { + "version": "20.2.9", + "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-20.2.9.tgz", + "integrity": "sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==", + "dev": true, + "license": "ISC", + "engines": { + "node": ">=10" + } + }, "packages/safe-chain": { "name": "@aikidosec/safe-chain", "version": "1.0.0", @@ -1227,6 +3147,7 @@ "@types/node-forge": "^1.3.14", "@types/npm-registry-fetch": "^8.0.9", "@types/semver": "^7.7.1", + "esbuild": "^0.27.0", "typescript": "^5.9.3" } }, diff --git a/package.json b/package.json index aa40862..2793f9c 100644 --- a/package.json +++ b/package.json @@ -19,6 +19,8 @@ "author": "Aikido Security", "license": "AGPL-3.0-or-later", "devDependencies": { - "oxlint": "^1.22.0" + "oxlint": "^1.22.0", + "esbuild": "^0.27.0", + "@yao-pkg/pkg": "6.10.1" } } diff --git a/packages/safe-chain/bin/aikido-bun.js b/packages/safe-chain/bin/aikido-bun.js index c128445..9d11784 100755 --- a/packages/safe-chain/bin/aikido-bun.js +++ b/packages/safe-chain/bin/aikido-bun.js @@ -7,6 +7,8 @@ import { setEcoSystem, ECOSYSTEM_JS } from "../src/config/settings.js"; setEcoSystem(ECOSYSTEM_JS); const packageManagerName = "bun"; initializePackageManager(packageManagerName); -var exitCode = await main(process.argv.slice(2)); -process.exit(exitCode); +(async () => { + var exitCode = await main(process.argv.slice(2)); + process.exit(exitCode); +})(); diff --git a/packages/safe-chain/bin/aikido-bunx.js b/packages/safe-chain/bin/aikido-bunx.js index 2e83793..bcc93a6 100755 --- a/packages/safe-chain/bin/aikido-bunx.js +++ b/packages/safe-chain/bin/aikido-bunx.js @@ -7,6 +7,8 @@ import { setEcoSystem, ECOSYSTEM_JS } from "../src/config/settings.js"; setEcoSystem(ECOSYSTEM_JS); const packageManagerName = "bunx"; initializePackageManager(packageManagerName); -var exitCode = await main(process.argv.slice(2)); -process.exit(exitCode); +(async () => { + var exitCode = await main(process.argv.slice(2)); + process.exit(exitCode); +})(); diff --git a/packages/safe-chain/bin/aikido-npm.js b/packages/safe-chain/bin/aikido-npm.js index a50d9b5..7916f7e 100755 --- a/packages/safe-chain/bin/aikido-npm.js +++ b/packages/safe-chain/bin/aikido-npm.js @@ -7,6 +7,8 @@ import { setEcoSystem, ECOSYSTEM_JS } from "../src/config/settings.js"; setEcoSystem(ECOSYSTEM_JS); const packageManagerName = "npm"; initializePackageManager(packageManagerName); -var exitCode = await main(process.argv.slice(2)); -process.exit(exitCode); +(async () => { + var exitCode = await main(process.argv.slice(2)); + process.exit(exitCode); +})(); diff --git a/packages/safe-chain/bin/aikido-npx.js b/packages/safe-chain/bin/aikido-npx.js index e1687d3..58f3491 100755 --- a/packages/safe-chain/bin/aikido-npx.js +++ b/packages/safe-chain/bin/aikido-npx.js @@ -7,6 +7,8 @@ import { setEcoSystem, ECOSYSTEM_JS } from "../src/config/settings.js"; setEcoSystem(ECOSYSTEM_JS); const packageManagerName = "npx"; initializePackageManager(packageManagerName); -var exitCode = await main(process.argv.slice(2)); -process.exit(exitCode); +(async () => { + var exitCode = await main(process.argv.slice(2)); + process.exit(exitCode); +})(); diff --git a/packages/safe-chain/bin/aikido-pip.js b/packages/safe-chain/bin/aikido-pip.js index 39184f0..006e661 100755 --- a/packages/safe-chain/bin/aikido-pip.js +++ b/packages/safe-chain/bin/aikido-pip.js @@ -13,6 +13,8 @@ setCurrentPipInvocation(PIP_INVOCATIONS.PIP); initializePackageManager(PIP_PACKAGE_MANAGER); -// Pass through only user-supplied pip args -var exitCode = await main(process.argv.slice(2)); -process.exit(exitCode); +(async () => { + // Pass through only user-supplied pip args + var exitCode = await main(process.argv.slice(2)); + process.exit(exitCode); +})(); diff --git a/packages/safe-chain/bin/aikido-pip3.js b/packages/safe-chain/bin/aikido-pip3.js index e388383..e831afe 100755 --- a/packages/safe-chain/bin/aikido-pip3.js +++ b/packages/safe-chain/bin/aikido-pip3.js @@ -14,6 +14,8 @@ setCurrentPipInvocation(PIP_INVOCATIONS.PIP3); // Create package manager initializePackageManager(PIP_PACKAGE_MANAGER); -// Pass through only user-supplied pip args -var exitCode = await main(process.argv.slice(2)); -process.exit(exitCode); +(async () => { + // Pass through only user-supplied pip args + var exitCode = await main(process.argv.slice(2)); + process.exit(exitCode); +})(); diff --git a/packages/safe-chain/bin/aikido-pnpm.js b/packages/safe-chain/bin/aikido-pnpm.js index cf5125e..64bc755 100755 --- a/packages/safe-chain/bin/aikido-pnpm.js +++ b/packages/safe-chain/bin/aikido-pnpm.js @@ -7,6 +7,8 @@ import { setEcoSystem, ECOSYSTEM_JS } from "../src/config/settings.js"; setEcoSystem(ECOSYSTEM_JS); const packageManagerName = "pnpm"; initializePackageManager(packageManagerName); -var exitCode = await main(process.argv.slice(2)); -process.exit(exitCode); +(async () => { + var exitCode = await main(process.argv.slice(2)); + process.exit(exitCode); +})(); diff --git a/packages/safe-chain/bin/aikido-pnpx.js b/packages/safe-chain/bin/aikido-pnpx.js index 6182810..11ee45c 100755 --- a/packages/safe-chain/bin/aikido-pnpx.js +++ b/packages/safe-chain/bin/aikido-pnpx.js @@ -7,6 +7,8 @@ import { setEcoSystem, ECOSYSTEM_JS } from "../src/config/settings.js"; setEcoSystem(ECOSYSTEM_JS); const packageManagerName = "pnpx"; initializePackageManager(packageManagerName); -var exitCode = await main(process.argv.slice(2)); -process.exit(exitCode); +(async () => { + var exitCode = await main(process.argv.slice(2)); + process.exit(exitCode); +})(); diff --git a/packages/safe-chain/bin/aikido-python.js b/packages/safe-chain/bin/aikido-python.js index 1ef4e34..29c38e6 100755 --- a/packages/safe-chain/bin/aikido-python.js +++ b/packages/safe-chain/bin/aikido-python.js @@ -11,18 +11,20 @@ setEcoSystem(ECOSYSTEM_PY); // Strip nodejs and wrapper script from args let argv = process.argv.slice(2); -if (argv[0] === '-m' && (argv[1] === 'pip' || argv[1] === 'pip3')) { - setEcoSystem(ECOSYSTEM_PY); - setCurrentPipInvocation(argv[1] === 'pip3' ? PIP_INVOCATIONS.PY_PIP3 : PIP_INVOCATIONS.PY_PIP); - initializePackageManager(PIP_PACKAGE_MANAGER); +(async () => { + if (argv[0] === '-m' && (argv[1] === 'pip' || argv[1] === 'pip3')) { + setEcoSystem(ECOSYSTEM_PY); + setCurrentPipInvocation(argv[1] === 'pip3' ? PIP_INVOCATIONS.PY_PIP3 : PIP_INVOCATIONS.PY_PIP); + initializePackageManager(PIP_PACKAGE_MANAGER); - // Strip off the '-m pip' or '-m pip3' from the args - argv = argv.slice(2); + // Strip off the '-m pip' or '-m pip3' from the args + argv = argv.slice(2); - var exitCode = await main(argv); - process.exit(exitCode); -} else { - // Forward to real python binary for non-pip flows - const { spawn } = await import('child_process'); - spawn('python', argv, { stdio: 'inherit' }); -} + var exitCode = await main(argv); + process.exit(exitCode); + } else { + // Forward to real python binary for non-pip flows + const { spawn } = await import('child_process'); + spawn('python', argv, { stdio: 'inherit' }); + } +})(); diff --git a/packages/safe-chain/bin/aikido-python3.js b/packages/safe-chain/bin/aikido-python3.js index f53e5d2..997a88d 100755 --- a/packages/safe-chain/bin/aikido-python3.js +++ b/packages/safe-chain/bin/aikido-python3.js @@ -11,18 +11,20 @@ setEcoSystem(ECOSYSTEM_PY); // Strip nodejs and wrapper script from args let argv = process.argv.slice(2); -if (argv[0] === '-m' && (argv[1] === 'pip' || argv[1] === 'pip3')) { - setEcoSystem(ECOSYSTEM_PY); - setCurrentPipInvocation(argv[1] === 'pip3' ? PIP_INVOCATIONS.PY3_PIP3 : PIP_INVOCATIONS.PY3_PIP); - initializePackageManager(PIP_PACKAGE_MANAGER); +(async () => { + if (argv[0] === '-m' && (argv[1] === 'pip' || argv[1] === 'pip3')) { + setEcoSystem(ECOSYSTEM_PY); + setCurrentPipInvocation(argv[1] === 'pip3' ? PIP_INVOCATIONS.PY3_PIP3 : PIP_INVOCATIONS.PY3_PIP); + initializePackageManager(PIP_PACKAGE_MANAGER); - // Strip off the '-m pip' or '-m pip3' from the args - argv = argv.slice(2); + // Strip off the '-m pip' or '-m pip3' from the args + argv = argv.slice(2); - var exitCode = await main(argv); - process.exit(exitCode); -} else { - // Forward to real python3 binary for non-pip flows - const { spawn } = await import('child_process'); - spawn('python3', argv, { stdio: 'inherit' }); -} + var exitCode = await main(argv); + process.exit(exitCode); + } else { + // Forward to real python3 binary for non-pip flows + const { spawn } = await import('child_process'); + spawn('python3', argv, { stdio: 'inherit' }); + } +})(); diff --git a/packages/safe-chain/bin/aikido-uv.js b/packages/safe-chain/bin/aikido-uv.js index 14180f2..4e635de 100755 --- a/packages/safe-chain/bin/aikido-uv.js +++ b/packages/safe-chain/bin/aikido-uv.js @@ -9,6 +9,8 @@ setEcoSystem(ECOSYSTEM_PY); initializePackageManager("uv"); -// Pass through only user-supplied uv args -var exitCode = await main(process.argv.slice(2)); -process.exit(exitCode); +(async () => { + // Pass through only user-supplied uv args + var exitCode = await main(process.argv.slice(2)); + process.exit(exitCode); +})(); diff --git a/packages/safe-chain/bin/aikido-yarn.js b/packages/safe-chain/bin/aikido-yarn.js index eee14e8..6c428db 100755 --- a/packages/safe-chain/bin/aikido-yarn.js +++ b/packages/safe-chain/bin/aikido-yarn.js @@ -7,6 +7,8 @@ import { setEcoSystem, ECOSYSTEM_JS } from "../src/config/settings.js"; setEcoSystem(ECOSYSTEM_JS); const packageManagerName = "yarn"; initializePackageManager(packageManagerName); -var exitCode = await main(process.argv.slice(2)); -process.exit(exitCode); +(async () => { + var exitCode = await main(process.argv.slice(2)); + process.exit(exitCode); +})(); diff --git a/packages/safe-chain/bin/safe-chain.js b/packages/safe-chain/bin/safe-chain.js index 94e4e1f..7a1d6ab 100755 --- a/packages/safe-chain/bin/safe-chain.js +++ b/packages/safe-chain/bin/safe-chain.js @@ -1,12 +1,37 @@ #!/usr/bin/env node import chalk from "chalk"; -import { createRequire } from "module"; import { ui } from "../src/environment/userInteraction.js"; import { setup } from "../src/shell-integration/setup.js"; import { teardown } from "../src/shell-integration/teardown.js"; import { setupCi } from "../src/shell-integration/setup-ci.js"; import { initializeCliArguments } from "../src/config/cliArguments.js"; +import { setEcoSystem } from "../src/config/settings.js"; +import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js"; +import { main } from "../src/main.js"; +import path from "path"; +import { fileURLToPath } from "url"; +import fs from "fs"; +import { knownAikidoTools } from "../src/shell-integration/helpers.js"; +import { + PIP_INVOCATIONS, + PIP_PACKAGE_MANAGER, + setCurrentPipInvocation, +} from "../src/packagemanager/pip/pipSettings.js"; + +/** @type {string} */ +// This checks the current file's dirname in a way that's compatible with: +// - Modulejs (import.meta.url) +// - ES modules (__dirname) +// This is needed because safe-chain's npm package is built using ES modules, +// but building the binaries requires commonjs. +let dirname; +if (import.meta.url) { + const filename = fileURLToPath(import.meta.url); + dirname = path.dirname(filename); +} else { + dirname = __dirname; +} if (process.argv.length < 3) { ui.writeError("No command provided. Please provide a command to execute."); @@ -19,19 +44,35 @@ initializeCliArguments(process.argv); const command = process.argv[2]; -if (command === "help" || command === "--help" || command === "-h") { +const tool = knownAikidoTools.find((tool) => tool.tool === command); + +if (tool && tool.internalPackageManagerName === PIP_PACKAGE_MANAGER) { + (async function () { + await executePip(tool); + })(); +} else if (tool) { + const args = process.argv.slice(3); + + setEcoSystem(tool.ecoSystem); + initializePackageManager(tool.internalPackageManagerName); + + (async () => { + var exitCode = await main(args); + process.exit(exitCode); + })(); +} else if (command === "help" || command === "--help" || command === "-h") { writeHelp(); process.exit(0); -} - -if (command === "setup") { +} else if (command === "setup") { setup(); } else if (command === "teardown") { teardown(); } else if (command === "setup-ci") { setupCi(); } else if (command === "--version" || command === "-v" || command === "-v") { - ui.writeInformation(`Current safe-chain version: ${getVersion()}`); + (async () => { + ui.writeInformation(`Current safe-chain version: ${await getVersion()}`); + })(); } else { ui.writeError(`Unknown command: ${command}.`); ui.emptyLine(); @@ -87,8 +128,63 @@ function writeHelp() { ui.emptyLine(); } -function getVersion() { - const require = createRequire(import.meta.url); - const packageJson = require("../package.json"); - return packageJson.version; +async function getVersion() { + const packageJsonPath = path.join(dirname, "..", "package.json"); + + const data = await fs.promises.readFile(packageJsonPath); + const json = JSON.parse(data.toString("utf8")); + + if (json && json.version) { + return json.version; + } + + return "0.0.0"; +} + +/** + * @param {import("../src/shell-integration/helpers.js").AikidoTool} tool + */ +async function executePip(tool) { + // Scanners for pip / pip3 / python / python3 use a slightly different approach: + // - They all use the same PIP_PACKAGE_MANAGER internally, but need some setup to be able to do so + // - It needs to set which tool to run (pip / pip3 / python / python3) + // - For python and python3, the -m pip/pip3 args are removed and later added again by the package manager + // - Python / python3 skips safe-chain if not being run with -m pip or -m pip3 + + let args = process.argv.slice(3); + setEcoSystem(tool.ecoSystem); + initializePackageManager(PIP_PACKAGE_MANAGER); + + let shouldSkip = false; + if (tool.tool === "pip") { + setCurrentPipInvocation(PIP_INVOCATIONS.PIP); + } else if (tool.tool === "pip3") { + setCurrentPipInvocation(PIP_INVOCATIONS.PIP3); + } else if (tool.tool === "python") { + if (args[0] === "-m" && (args[1] === "pip" || args[1] === "pip3")) { + setCurrentPipInvocation( + args[1] === "pip3" ? PIP_INVOCATIONS.PY_PIP3 : PIP_INVOCATIONS.PY_PIP + ); + args = args.slice(2); + } else { + shouldSkip = true; + } + } else if (tool.tool === "python3") { + if (args[0] === "-m" && (args[1] === "pip" || args[1] === "pip3")) { + setCurrentPipInvocation( + args[1] === "pip3" ? PIP_INVOCATIONS.PY3_PIP3 : PIP_INVOCATIONS.PY3_PIP + ); + args = args.slice(2); + } else { + shouldSkip = true; + } + } + + if (shouldSkip) { + const { spawn } = await import("child_process"); + spawn(tool.tool, args, { stdio: "inherit" }); + } else { + var exitCode = await main(args); + process.exit(exitCode); + } } diff --git a/packages/safe-chain/package.json b/packages/safe-chain/package.json index 74e6878..d0e0e91 100644 --- a/packages/safe-chain/package.json +++ b/packages/safe-chain/package.json @@ -53,6 +53,7 @@ "@types/node-forge": "^1.3.14", "@types/npm-registry-fetch": "^8.0.9", "@types/semver": "^7.7.1", + "esbuild": "^0.27.0", "typescript": "^5.9.3" }, "main": "src/main.js", diff --git a/packages/safe-chain/src/packagemanager/pip/runPipCommand.js b/packages/safe-chain/src/packagemanager/pip/runPipCommand.js index 23485ff..f7050a5 100644 --- a/packages/safe-chain/src/packagemanager/pip/runPipCommand.js +++ b/packages/safe-chain/src/packagemanager/pip/runPipCommand.js @@ -46,6 +46,9 @@ function setFallbackCaBundleEnvironmentVariables(env, combinedCaPath) { * If the user has an existing PIP_CONFIG_FILE, a new temporary config is created that merges * their settings with safe-chain's, leaving the original file unchanged. * + * Special handling for commands that modify config/cache/state: PIP_CONFIG_FILE is NOT overridden to allow + * users to read/write persistent config. Only CA environment variables are set for these commands. + * * @param {string} command - The pip command to execute (e.g., 'pip3') * @param {string[]} args - Command line arguments to pass to pip * @returns {Promise<{status: number}>} Exit status of the pip command @@ -59,6 +62,12 @@ export async function runPip(command, args) { // validates correctly under both MITM'd and tunneled HTTPS. const combinedCaPath = getCombinedCaBundlePath(); + // Commands that need access to persistent config/cache/state files + // These should not have PIP_CONFIG_FILE overridden as it would prevent them from + // reading/writing to the user's actual pip configuration and cache directories + const configRelatedCommands = ['config', 'cache', 'debug', 'completion']; + const isConfigRelatedCommand = args.length > 0 && configRelatedCommands.includes(args[0]); + // https://pip.pypa.io/en/stable/topics/https-certificates/ explains that the 'cert' param (which we're providing via INI file) // will tell pip to use the provided CA bundle for HTTPS verification. @@ -70,6 +79,22 @@ export async function runPip(command, args) { const pipConfigPath = path.join(tmpDir, `safe-chain-pip-${Date.now()}.ini`); let cleanupConfigPath = null; // Track temp file for cleanup + if (isConfigRelatedCommand) { + ui.writeVerbose(`Safe-chain: Skipping PIP_CONFIG_FILE override for 'pip ${args[0]}' command to allow persistent config/cache access.`); + + // Still set the fallback CA bundle environment variables to avoid edge cases where a + // plugin or extension triggers a network call during config introspection + // This can do no harm + setFallbackCaBundleEnvironmentVariables(env, combinedCaPath); + + const result = await safeSpawn(command, args, { + stdio: "inherit", + env, + }); + + return { status: result.status }; + } + // Note: Setting PIP_CONFIG_FILE overrides all pip config levels (Global/User/Site) per pip's loading order if (!env.PIP_CONFIG_FILE) { /** @type {{ global: { cert: string, proxy?: string } }} */ diff --git a/packages/safe-chain/src/packagemanager/pip/runPipCommand.spec.js b/packages/safe-chain/src/packagemanager/pip/runPipCommand.spec.js index d0df961..cf121f6 100644 --- a/packages/safe-chain/src/packagemanager/pip/runPipCommand.spec.js +++ b/packages/safe-chain/src/packagemanager/pip/runPipCommand.spec.js @@ -62,6 +62,103 @@ describe("runPipCommand environment variable handling", () => { mock.reset(); }); + it("should NOT set PIP_CONFIG_FILE for 'pip config' commands to allow persistent config access", async () => { + const res = await runPip("pip3", ["config", "set", "global.index-url", "https://test.pypi.org/simple"]); + assert.strictEqual(res.status, 0); + assert.ok(capturedArgs, "safeSpawn should have been called"); + + // PIP_CONFIG_FILE should NOT be set for config commands + assert.strictEqual( + capturedArgs.options.env.PIP_CONFIG_FILE, + undefined, + "PIP_CONFIG_FILE should NOT be set for pip config commands" + ); + + // But CA environment variables should still be set + assert.strictEqual( + capturedArgs.options.env.REQUESTS_CA_BUNDLE, + "/tmp/test-combined-ca.pem", + "REQUESTS_CA_BUNDLE should still be set" + ); + assert.strictEqual( + capturedArgs.options.env.SSL_CERT_FILE, + "/tmp/test-combined-ca.pem", + "SSL_CERT_FILE should still be set" + ); + assert.strictEqual( + capturedArgs.options.env.PIP_CERT, + "/tmp/test-combined-ca.pem", + "PIP_CERT should still be set" + ); + }); + + it("should NOT set PIP_CONFIG_FILE for 'pip config get' commands", async () => { + const res = await runPip("pip3", ["config", "get", "global.index-url"]); + assert.strictEqual(res.status, 0); + assert.ok(capturedArgs, "safeSpawn should have been called"); + + assert.strictEqual( + capturedArgs.options.env.PIP_CONFIG_FILE, + undefined, + "PIP_CONFIG_FILE should NOT be set for pip config get" + ); + }); + + it("should NOT set PIP_CONFIG_FILE for 'pip config list' commands", async () => { + const res = await runPip("pip3", ["config", "list"]); + assert.strictEqual(res.status, 0); + assert.ok(capturedArgs, "safeSpawn should have been called"); + + assert.strictEqual( + capturedArgs.options.env.PIP_CONFIG_FILE, + undefined, + "PIP_CONFIG_FILE should NOT be set for pip config list" + ); + }); + + it("should NOT set PIP_CONFIG_FILE for 'pip cache' commands", async () => { + const res = await runPip("pip3", ["cache", "dir"]); + assert.strictEqual(res.status, 0); + assert.ok(capturedArgs, "safeSpawn should have been called"); + + assert.strictEqual( + capturedArgs.options.env.PIP_CONFIG_FILE, + undefined, + "PIP_CONFIG_FILE should NOT be set for pip cache commands" + ); + + // CA env vars should still be set + assert.strictEqual( + capturedArgs.options.env.SSL_CERT_FILE, + "/tmp/test-combined-ca.pem", + "SSL_CERT_FILE should still be set" + ); + }); + + it("should NOT set PIP_CONFIG_FILE for 'pip debug' commands", async () => { + const res = await runPip("pip3", ["debug"]); + assert.strictEqual(res.status, 0); + assert.ok(capturedArgs, "safeSpawn should have been called"); + + assert.strictEqual( + capturedArgs.options.env.PIP_CONFIG_FILE, + undefined, + "PIP_CONFIG_FILE should NOT be set for pip debug" + ); + }); + + it("should NOT set PIP_CONFIG_FILE for 'pip completion' commands", async () => { + const res = await runPip("pip3", ["completion", "--bash"]); + assert.strictEqual(res.status, 0); + assert.ok(capturedArgs, "safeSpawn should have been called"); + + assert.strictEqual( + capturedArgs.options.env.PIP_CONFIG_FILE, + undefined, + "PIP_CONFIG_FILE should NOT be set for pip completion" + ); + }); + it("should set PIP_CERT env var and create config file", async () => { const res = await runPip("pip3", ["install", "requests"]); assert.strictEqual(res.status, 0); diff --git a/packages/safe-chain/src/registryProxy/mitmRequestHandler.js b/packages/safe-chain/src/registryProxy/mitmRequestHandler.js index bfc6c3e..cf2af5b 100644 --- a/packages/safe-chain/src/registryProxy/mitmRequestHandler.js +++ b/packages/safe-chain/src/registryProxy/mitmRequestHandler.js @@ -117,14 +117,16 @@ function forwardRequest(req, hostname, res, requestHandler) { proxyReq.on("error", (err) => { ui.writeVerbose( - `Safe-chain: Error occurred while proxying request: ${err.message}` + `Safe-chain: Error occurred while proxying request to ${req.url} for ${hostname}: ${err.message}` ); res.writeHead(502); res.end("Bad Gateway"); }); req.on("error", (err) => { - ui.writeError(`Safe-chain: Error reading client request: ${err.message}`); + ui.writeError( + `Safe-chain: Error reading client request to ${req.url} for ${hostname}: ${err.message}` + ); proxyReq.destroy(); }); @@ -175,7 +177,7 @@ function createProxyRequest(hostname, req, res, requestHandler) { const proxyReq = https.request(options, (proxyRes) => { proxyRes.on("error", (err) => { ui.writeError( - `Safe-chain: Error reading upstream response: ${err.message}` + `Safe-chain: Error reading upstream response to ${req.url} for ${hostname}: ${err.message}` ); if (!res.headersSent) { res.writeHead(502); @@ -184,7 +186,9 @@ function createProxyRequest(hostname, req, res, requestHandler) { }); if (!proxyRes.statusCode) { - ui.writeError("Safe-chain: Proxy response missing status code"); + ui.writeError( + `Safe-chain: Proxy response missing status code to ${req.url} for ${hostname}` + ); res.writeHead(500); res.end("Internal Server Error"); return; diff --git a/packages/safe-chain/src/shell-integration/helpers.js b/packages/safe-chain/src/shell-integration/helpers.js index af95284..16d2633 100644 --- a/packages/safe-chain/src/shell-integration/helpers.js +++ b/packages/safe-chain/src/shell-integration/helpers.js @@ -9,25 +9,91 @@ import { ECOSYSTEM_JS, ECOSYSTEM_PY } from "../config/settings.js"; * @property {string} tool * @property {string} aikidoCommand * @property {string} ecoSystem + * @property {string} internalPackageManagerName */ /** * @type {AikidoTool[]} */ export const knownAikidoTools = [ - { tool: "npm", aikidoCommand: "aikido-npm", ecoSystem: ECOSYSTEM_JS }, - { tool: "npx", aikidoCommand: "aikido-npx", ecoSystem: ECOSYSTEM_JS }, - { tool: "yarn", aikidoCommand: "aikido-yarn", ecoSystem: ECOSYSTEM_JS }, - { tool: "pnpm", aikidoCommand: "aikido-pnpm", ecoSystem: ECOSYSTEM_JS }, - { tool: "pnpx", aikidoCommand: "aikido-pnpx", ecoSystem: ECOSYSTEM_JS }, - { tool: "bun", aikidoCommand: "aikido-bun", ecoSystem: ECOSYSTEM_JS }, - { tool: "bunx", aikidoCommand: "aikido-bunx", ecoSystem: ECOSYSTEM_JS }, - { tool: "uv", aikidoCommand: "aikido-uv", ecoSystem: ECOSYSTEM_PY }, - { tool: "pip", aikidoCommand: "aikido-pip", ecoSystem: ECOSYSTEM_PY }, - { tool: "pip3", aikidoCommand: "aikido-pip3", ecoSystem: ECOSYSTEM_PY }, - { tool: "poetry", aikidoCommand: "aikido-poetry", ecoSystem: ECOSYSTEM_PY }, - { tool: "python", aikidoCommand: "aikido-python", ecoSystem: ECOSYSTEM_PY }, - { tool: "python3", aikidoCommand: "aikido-python3", ecoSystem: ECOSYSTEM_PY }, + { + tool: "npm", + aikidoCommand: "aikido-npm", + ecoSystem: ECOSYSTEM_JS, + internalPackageManagerName: "npm", + }, + { + tool: "npx", + aikidoCommand: "aikido-npx", + ecoSystem: ECOSYSTEM_JS, + internalPackageManagerName: "npx", + }, + { + tool: "yarn", + aikidoCommand: "aikido-yarn", + ecoSystem: ECOSYSTEM_JS, + internalPackageManagerName: "yarn", + }, + { + tool: "pnpm", + aikidoCommand: "aikido-pnpm", + ecoSystem: ECOSYSTEM_JS, + internalPackageManagerName: "pnpm", + }, + { + tool: "pnpx", + aikidoCommand: "aikido-pnpx", + ecoSystem: ECOSYSTEM_JS, + internalPackageManagerName: "pnpx", + }, + { + tool: "bun", + aikidoCommand: "aikido-bun", + ecoSystem: ECOSYSTEM_JS, + internalPackageManagerName: "bun", + }, + { + tool: "bunx", + aikidoCommand: "aikido-bunx", + ecoSystem: ECOSYSTEM_JS, + internalPackageManagerName: "bunx", + }, + { + tool: "uv", + aikidoCommand: "aikido-uv", + ecoSystem: ECOSYSTEM_PY, + internalPackageManagerName: "uv", + }, + { + tool: "pip", + aikidoCommand: "aikido-pip", + ecoSystem: ECOSYSTEM_PY, + internalPackageManagerName: "pip", + }, + { + tool: "pip3", + aikidoCommand: "aikido-pip3", + ecoSystem: ECOSYSTEM_PY, + internalPackageManagerName: "pip", + }, + { + tool: "poetry", + aikidoCommand: "aikido-poetry", + ecoSystem: ECOSYSTEM_PY, + internalPackageManagerName: "pip", + }, + { + tool: "python", + aikidoCommand: "aikido-python", + ecoSystem: ECOSYSTEM_PY, + internalPackageManagerName: "pip", + }, + { + tool: "python3", + aikidoCommand: "aikido-python3", + ecoSystem: ECOSYSTEM_PY, + internalPackageManagerName: "pip", + }, // When adding a new tool here, also update the documentation for the new tool in the README.md ]; diff --git a/packages/safe-chain/src/shell-integration/path-wrappers/templates/unix-wrapper.template.sh b/packages/safe-chain/src/shell-integration/path-wrappers/templates/unix-wrapper.template.sh index e914e5b..d6c9efd 100644 --- a/packages/safe-chain/src/shell-integration/path-wrappers/templates/unix-wrapper.template.sh +++ b/packages/safe-chain/src/shell-integration/path-wrappers/templates/unix-wrapper.template.sh @@ -7,9 +7,9 @@ remove_shim_from_path() { echo "$PATH" | sed "s|$HOME/.safe-chain/shims:||g" } -if command -v {{AIKIDO_COMMAND}} >/dev/null 2>&1; then +if command -v safe-chain >/dev/null 2>&1; then # Remove shim directory from PATH when calling {{AIKIDO_COMMAND}} to prevent infinite loops - PATH=$(remove_shim_from_path) exec {{AIKIDO_COMMAND}} "$@" + PATH=$(remove_shim_from_path) exec safe-chain {{PACKAGE_MANAGER}} "$@" else # Dynamically find original {{PACKAGE_MANAGER}} (excluding this shim directory) original_cmd=$(PATH=$(remove_shim_from_path) command -v {{PACKAGE_MANAGER}}) diff --git a/packages/safe-chain/src/shell-integration/path-wrappers/templates/windows-wrapper.template.cmd b/packages/safe-chain/src/shell-integration/path-wrappers/templates/windows-wrapper.template.cmd index b7a65fa..082d553 100644 --- a/packages/safe-chain/src/shell-integration/path-wrappers/templates/windows-wrapper.template.cmd +++ b/packages/safe-chain/src/shell-integration/path-wrappers/templates/windows-wrapper.template.cmd @@ -7,10 +7,10 @@ set "SHIM_DIR=%USERPROFILE%\.safe-chain\shims" call set "CLEAN_PATH=%%PATH:%SHIM_DIR%;=%%" REM Check if aikido command is available with clean PATH -set "PATH=%CLEAN_PATH%" & where {{AIKIDO_COMMAND}} >nul 2>&1 +set "PATH=%CLEAN_PATH%" & where safe-chain >nul 2>&1 if %errorlevel%==0 ( REM Call aikido command with clean PATH - set "PATH=%CLEAN_PATH%" & {{AIKIDO_COMMAND}} %* + set "PATH=%CLEAN_PATH%" & safe-chain {{PACKAGE_MANAGER}} %* ) else ( REM Find the original command with clean PATH for /f "tokens=*" %%i in ('set "PATH=%CLEAN_PATH%" ^& where {{PACKAGE_MANAGER}} 2^>nul') do ( diff --git a/packages/safe-chain/src/shell-integration/setup-ci.js b/packages/safe-chain/src/shell-integration/setup-ci.js index f63ad32..bc5c5e6 100644 --- a/packages/safe-chain/src/shell-integration/setup-ci.js +++ b/packages/safe-chain/src/shell-integration/setup-ci.js @@ -8,6 +8,20 @@ import { fileURLToPath } from "url"; import { includePython } from "../config/cliArguments.js"; import { ECOSYSTEM_PY } from "../config/settings.js"; +/** @type {string} */ +// This checks the current file's dirname in a way that's compatible with: +// - Modulejs (import.meta.url) +// - ES modules (__dirname) +// This is needed because safe-chain's npm package is built using ES modules, +// but building the binaries requires commonjs. +let dirname; +if (import.meta.url) { + const filename = fileURLToPath(import.meta.url); + dirname = path.dirname(filename); +} else { + dirname = __dirname; +} + /** * Loops over the detected shells and calls the setup function for each. */ @@ -19,6 +33,7 @@ export async function setupCi() { ui.emptyLine(); const shimsDir = path.join(os.homedir(), ".safe-chain", "shims"); + const binDir = path.join(os.homedir(), ".safe-chain", "bin"); // Create the shims directory if it doesn't exist if (!fs.existsSync(shimsDir)) { fs.mkdirSync(shimsDir, { recursive: true }); @@ -26,7 +41,7 @@ export async function setupCi() { createShims(shimsDir); ui.writeInformation(`Created shims in ${shimsDir}`); - modifyPathForCi(shimsDir); + modifyPathForCi(shimsDir, binDir); ui.writeInformation(`Added shims directory to PATH for CI environments.`); } @@ -37,10 +52,8 @@ export async function setupCi() { */ function createUnixShims(shimsDir) { // Read the template file - const __filename = fileURLToPath(import.meta.url); - const __dirname = path.dirname(__filename); const templatePath = path.resolve( - __dirname, + dirname, "path-wrappers", "templates", "unix-wrapper.template.sh" @@ -78,10 +91,8 @@ function createUnixShims(shimsDir) { */ function createWindowsShims(shimsDir) { // Read the template file - const __filename = fileURLToPath(import.meta.url); - const __dirname = path.dirname(__filename); const templatePath = path.resolve( - __dirname, + dirname, "path-wrappers", "templates", "windows-wrapper.template.cmd" @@ -124,13 +135,18 @@ function createShims(shimsDir) { /** * @param {string} shimsDir + * @param {string} binDir * * @returns {void} */ -function modifyPathForCi(shimsDir) { +function modifyPathForCi(shimsDir, binDir) { if (process.env.GITHUB_PATH) { // In GitHub Actions, append the shims directory to GITHUB_PATH - fs.appendFileSync(process.env.GITHUB_PATH, shimsDir + os.EOL, "utf-8"); + fs.appendFileSync( + process.env.GITHUB_PATH, + shimsDir + os.EOL + binDir + os.EOL, + "utf-8" + ); ui.writeInformation( `Added shims directory to GITHUB_PATH for GitHub Actions.` ); @@ -141,6 +157,7 @@ function modifyPathForCi(shimsDir) { // ##vso[task.prependpath]/path/to/add // Logging this to stdout will cause the Azure Pipelines agent to pick it up ui.writeInformation("##vso[task.prependpath]" + shimsDir); + ui.writeInformation("##vso[task.prependpath]" + binDir); } } diff --git a/packages/safe-chain/src/shell-integration/setup.js b/packages/safe-chain/src/shell-integration/setup.js index e734858..d5c4be9 100644 --- a/packages/safe-chain/src/shell-integration/setup.js +++ b/packages/safe-chain/src/shell-integration/setup.js @@ -5,8 +5,22 @@ import { knownAikidoTools, getPackageManagerList } from "./helpers.js"; import fs from "fs"; import os from "os"; import path from "path"; -import { fileURLToPath } from "url"; import { includePython } from "../config/cliArguments.js"; +import { fileURLToPath } from "url"; + +/** @type {string} */ +// This checks the current file's dirname in a way that's compatible with: +// - Modulejs (import.meta.url) +// - ES modules (__dirname) +// This is needed because safe-chain's npm package is built using ES modules, +// but building the binaries requires commonjs. +let dirname; +if (import.meta.url) { + const filename = fileURLToPath(import.meta.url); + dirname = path.dirname(filename); +} else { + dirname = __dirname; +} /** * Loops over the detected shells and calls the setup function for each. @@ -103,10 +117,8 @@ function copyStartupFiles() { } // Use absolute path for source - const __filename = fileURLToPath(import.meta.url); - const __dirname = path.dirname(__filename); - const sourcePath = path.resolve( - __dirname, + const sourcePath = path.join( + dirname, includePython() ? "startup-scripts/include-python" : "startup-scripts", file ); diff --git a/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-fish.fish b/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-fish.fish index a849b2f..386144c 100644 --- a/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-fish.fish +++ b/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-fish.fish @@ -1,3 +1,71 @@ +set -gx PATH $PATH $HOME/.safe-chain/bin + +function npx + wrapSafeChainCommand "npx" $argv +end + +function yarn + wrapSafeChainCommand "yarn" $argv +end + +function pnpm + wrapSafeChainCommand "pnpm" $argv +end + +function pnpx + wrapSafeChainCommand "pnpx" $argv +end + +function bun + wrapSafeChainCommand "bun" $argv +end + +function bunx + wrapSafeChainCommand "bunx" $argv +end + +function npm + # If args is just -v or --version and nothing else, just run the `npm -v` command + # This is because nvm uses this to check the version of npm + set argc (count $argv) + if test $argc -eq 1 + switch $argv[1] + case "-v" "--version" + command npm $argv + return + end + end + + wrapSafeChainCommand "npm" $argv +end + + +function pip + wrapSafeChainCommand "pip" $argv +end + +function pip3 + wrapSafeChainCommand "pip3" $argv +end + +function uv + wrapSafeChainCommand "uv" $argv +end + +function poetry + wrapSafeChainCommand "poetry" $argv +end + +# `python -m pip`, `python -m pip3`. +function python + wrapSafeChainCommand "python" $argv +end + +# `python3 -m pip`, `python3 -m pip3'. +function python3 + wrapSafeChainCommand "python3" $argv +end + function printSafeChainWarning set original_cmd $argv[1] @@ -17,80 +85,14 @@ end function wrapSafeChainCommand set original_cmd $argv[1] - set aikido_cmd $argv[2] - set cmd_args $argv[3..-1] - - if type -q $aikido_cmd - # If the aikido command is available, just run it with the provided arguments - $aikido_cmd $cmd_args + set cmd_args $argv[2..-1] + + if type -q safe-chain + # If the safe-chain command is available, just run it with the provided arguments + safe-chain $original_cmd $cmd_args else - # If the aikido command is not available, print a warning and run the original command + # If the safe-chain command is not available, print a warning and run the original command printSafeChainWarning $original_cmd command $original_cmd $cmd_args end end - -function npx - wrapSafeChainCommand "npx" "aikido-npx" $argv -end - -function yarn - wrapSafeChainCommand "yarn" "aikido-yarn" $argv -end - -function pnpm - wrapSafeChainCommand "pnpm" "aikido-pnpm" $argv -end - -function pnpx - wrapSafeChainCommand "pnpx" "aikido-pnpx" $argv -end - -function bun - wrapSafeChainCommand "bun" "aikido-bun" $argv -end - -function bunx - wrapSafeChainCommand "bunx" "aikido-bunx" $argv -end - -function npm - # If args is just -v or --version and nothing else, just run the `npm -v` command - # This is because nvm uses this to check the version of npm - set argc (count $argv) - if test $argc -eq 1 - switch $argv[1] - case "-v" "--version" - command npm $argv - return - end - end - - wrapSafeChainCommand "npm" "aikido-npm" $argv -end - -function pip - wrapSafeChainCommand "pip" "aikido-pip" $argv -end - -function pip3 - wrapSafeChainCommand "pip3" "aikido-pip3" $argv -end - -function uv - wrapSafeChainCommand "uv" "aikido-uv" $argv -end - -function poetry - wrapSafeChainCommand "poetry" "aikido-poetry" $argv -end - -# `python -m pip`, `python -m pip3`. -function python - wrapSafeChainCommand "python" "aikido-python" $argv -end - -# `python3 -m pip`, `python3 -m pip3'. -function python3 - wrapSafeChainCommand "python3" "aikido-python3" $argv -end diff --git a/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-posix.sh b/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-posix.sh index 693075e..c71c741 100644 --- a/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-posix.sh +++ b/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-posix.sh @@ -1,3 +1,66 @@ +export PATH="$PATH:$HOME/.safe-chain/bin" + +function npx() { + wrapSafeChainCommand "npx" "$@" +} + +function yarn() { + wrapSafeChainCommand "yarn" "$@" +} + +function pnpm() { + wrapSafeChainCommand "pnpm" "$@" +} + +function pnpx() { + wrapSafeChainCommand "pnpx" "$@" +} + +function bun() { + wrapSafeChainCommand "bun" "$@" +} + +function bunx() { + wrapSafeChainCommand "bunx" "$@" +} + +function npm() { + if [[ "$1" == "-v" || "$1" == "--version" ]] && [[ $# -eq 1 ]]; then + # If args is just -v or --version and nothing else, just run the npm version command + # This is because nvm uses this to check the version of npm + command npm "$@" + return + fi + + wrapSafeChainCommand "npm" "$@" +} + + +function pip() { + wrapSafeChainCommand "pip" "$@" +} + +function pip3() { + wrapSafeChainCommand "pip3" "$@" +} + +function uv() { + wrapSafeChainCommand "uv" "$@" +} + +function poetry() { + wrapSafeChainCommand "poetry" "$@" +} + +# `python -m pip`, `python -m pip3`. +function python() { + wrapSafeChainCommand "python" "$@" +} + +# `python3 -m pip`, `python3 -m pip3'. +function python3() { + wrapSafeChainCommand "python3" "$@" +} function printSafeChainWarning() { # \033[43;30m is used to set the background color to yellow and text color to black @@ -9,15 +72,10 @@ function printSafeChainWarning() { function wrapSafeChainCommand() { local original_cmd="$1" - local aikido_cmd="$2" - # Remove the first 2 arguments (original_cmd and aikido_cmd) from $@ - # so that "$@" now contains only the arguments passed to the original command - shift 2 - - if command -v "$aikido_cmd" > /dev/null 2>&1; then + if command -v safe-chain > /dev/null 2>&1; then # If the aikido command is available, just run it with the provided arguments - "$aikido_cmd" "$@" + safe-chain "$@" else # If the aikido command is not available, print a warning and run the original command printSafeChainWarning "$original_cmd" @@ -25,64 +83,3 @@ function wrapSafeChainCommand() { command "$original_cmd" "$@" fi } - -function npx() { - wrapSafeChainCommand "npx" "aikido-npx" "$@" -} - -function yarn() { - wrapSafeChainCommand "yarn" "aikido-yarn" "$@" -} - -function pnpm() { - wrapSafeChainCommand "pnpm" "aikido-pnpm" "$@" -} - -function pnpx() { - wrapSafeChainCommand "pnpx" "aikido-pnpx" "$@" -} - -function bun() { - wrapSafeChainCommand "bun" "aikido-bun" "$@" -} - -function bunx() { - wrapSafeChainCommand "bunx" "aikido-bunx" "$@" -} - -function npm() { - if [[ "$1" == "-v" || "$1" == "--version" ]] && [[ $# -eq 1 ]]; then - # If args is just -v or --version and nothing else, just run the npm version command - # This is because nvm uses this to check the version of npm - command npm "$@" - return - fi - - wrapSafeChainCommand "npm" "aikido-npm" "$@" -} - -function pip() { - wrapSafeChainCommand "pip" "aikido-pip" "$@" -} - -function pip3() { - wrapSafeChainCommand "pip3" "aikido-pip3" "$@" -} - -function uv() { - wrapSafeChainCommand "uv" "aikido-uv" "$@" -} - -function poetry() { - wrapSafeChainCommand "poetry" "aikido-poetry" "$@" -} - -# `python -m pip`, `python -m pip3`. -function python() { - wrapSafeChainCommand "python" "aikido-python" "$@" -} - -# `python3 -m pip`, `python3 -m pip3'. -function python3() { - wrapSafeChainCommand "python3" "aikido-python3" "$@" -} diff --git a/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-pwsh.ps1 b/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-pwsh.ps1 index ab22ab8..faef65c 100644 --- a/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-pwsh.ps1 +++ b/packages/safe-chain/src/shell-integration/startup-scripts/include-python/init-pwsh.ps1 @@ -1,3 +1,70 @@ +# Use cross-platform path separator (: on Unix, ; on Windows) +$pathSeparator = if ($IsWindows) { ';' } else { ':' } +$safeChainBin = Join-Path $HOME '.safe-chain' 'bin' +$env:PATH = "$env:PATH$pathSeparator$safeChainBin" + +function npx { + Invoke-WrappedCommand "npx" $args +} + +function yarn { + Invoke-WrappedCommand "yarn" $args +} + +function pnpm { + Invoke-WrappedCommand "pnpm" $args +} + +function pnpx { + Invoke-WrappedCommand "pnpx" $args +} + +function bun { + Invoke-WrappedCommand "bun" $args +} + +function bunx { + Invoke-WrappedCommand "bunx" $args +} + +function npm { + # If args is just -v or --version and nothing else, just run the npm version command + # This is because nvm uses this to check the version of npm + if (($args.Length -eq 1) -and (($args[0] -eq "-v") -or ($args[0] -eq "--version"))) { + Invoke-RealCommand "npm" $args + return + } + + Invoke-WrappedCommand "npm" $args +} + +function pip { + Invoke-WrappedCommand "pip" $args +} + +function pip3 { + Invoke-WrappedCommand "pip3" $args +} + +function uv { + Invoke-WrappedCommand "uv" $args +} + +function poetry { + Invoke-WrappedCommand "poetry" $args +} + +# `python -m pip`, `python -m pip3`. +function python { + Invoke-WrappedCommand 'python' $args +} + +# `python3 -m pip`, `python3 -m pip3'. +function python3 { + Invoke-WrappedCommand 'python3' $args +} + + function Write-SafeChainWarning { param([string]$Command) @@ -39,77 +106,14 @@ function Invoke-RealCommand { function Invoke-WrappedCommand { param( [string]$OriginalCmd, - [string]$AikidoCmd, [string[]]$Arguments ) - if (Test-CommandAvailable $AikidoCmd) { - & $AikidoCmd @Arguments + if (Test-CommandAvailable "safe-chain") { + & safe-chain $OriginalCmd @Arguments } else { Write-SafeChainWarning $OriginalCmd Invoke-RealCommand $OriginalCmd $Arguments } } - -function npx { - Invoke-WrappedCommand "npx" "aikido-npx" $args -} - -function yarn { - Invoke-WrappedCommand "yarn" "aikido-yarn" $args -} - -function pnpm { - Invoke-WrappedCommand "pnpm" "aikido-pnpm" $args -} - -function pnpx { - Invoke-WrappedCommand "pnpx" "aikido-pnpx" $args -} - -function bun { - Invoke-WrappedCommand "bun" "aikido-bun" $args -} - -function bunx { - Invoke-WrappedCommand "bunx" "aikido-bunx" $args -} - -function npm { - # If args is just -v or --version and nothing else, just run the npm version command - # This is because nvm uses this to check the version of npm - if (($args.Length -eq 1) -and (($args[0] -eq "-v") -or ($args[0] -eq "--version"))) { - Invoke-RealCommand "npm" $args - return - } - - Invoke-WrappedCommand "npm" "aikido-npm" $args -} - -function pip { - Invoke-WrappedCommand "pip" "aikido-pip" $args -} - -function pip3 { - Invoke-WrappedCommand "pip3" "aikido-pip3" $args -} - -function uv { - Invoke-WrappedCommand "uv" "aikido-uv" $args -} - -function poetry { - Invoke-WrappedCommand "poetry" "aikido-poetry" $args -} - -# `python -m pip`, `python -m pip3`. -function python { - Invoke-WrappedCommand 'python' 'aikido-python' $args -} - -# `python3 -m pip`, `python3 -m pip3'. -function python3 { - Invoke-WrappedCommand 'python3' 'aikido-python3' $args -} - diff --git a/packages/safe-chain/src/shell-integration/startup-scripts/init-fish.fish b/packages/safe-chain/src/shell-integration/startup-scripts/init-fish.fish index 29d6bf3..b18ff96 100644 --- a/packages/safe-chain/src/shell-integration/startup-scripts/init-fish.fish +++ b/packages/safe-chain/src/shell-integration/startup-scripts/init-fish.fish @@ -1,3 +1,44 @@ +set -gx PATH $PATH $HOME/.safe-chain/bin + +function npx + wrapSafeChainCommand "npx" $argv +end + +function yarn + wrapSafeChainCommand "yarn" $argv +end + +function pnpm + wrapSafeChainCommand "pnpm" $argv +end + +function pnpx + wrapSafeChainCommand "pnpx" $argv +end + +function bun + wrapSafeChainCommand "bun" $argv +end + +function bunx + wrapSafeChainCommand "bunx" $argv +end + +function npm + # If args is just -v or --version and nothing else, just run the `npm -v` command + # This is because nvm uses this to check the version of npm + set argc (count $argv) + if test $argc -eq 1 + switch $argv[1] + case "-v" "--version" + command npm $argv + return + end + end + + wrapSafeChainCommand "npm" $argv +end + function printSafeChainWarning set original_cmd $argv[1] @@ -17,54 +58,14 @@ end function wrapSafeChainCommand set original_cmd $argv[1] - set aikido_cmd $argv[2] - set cmd_args $argv[3..-1] - - if type -q $aikido_cmd - # If the aikido command is available, just run it with the provided arguments - $aikido_cmd $cmd_args + set cmd_args $argv[2..-1] + + if type -q safe-chain + # If the safe-chain command is available, just run it with the provided arguments + safe-chain $original_cmd $cmd_args else - # If the aikido command is not available, print a warning and run the original command + # If the safe-chain command is not available, print a warning and run the original command printSafeChainWarning $original_cmd command $original_cmd $cmd_args end end - -function npx - wrapSafeChainCommand "npx" "aikido-npx" $argv -end - -function yarn - wrapSafeChainCommand "yarn" "aikido-yarn" $argv -end - -function pnpm - wrapSafeChainCommand "pnpm" "aikido-pnpm" $argv -end - -function pnpx - wrapSafeChainCommand "pnpx" "aikido-pnpx" $argv -end - -function bun - wrapSafeChainCommand "bun" "aikido-bun" $argv -end - -function bunx - wrapSafeChainCommand "bunx" "aikido-bunx" $argv -end - -function npm - # If args is just -v or --version and nothing else, just run the `npm -v` command - # This is because nvm uses this to check the version of npm - set argc (count $argv) - if test $argc -eq 1 - switch $argv[1] - case "-v" "--version" - command npm $argv - return - end - end - - wrapSafeChainCommand "npm" "aikido-npm" $argv -end diff --git a/packages/safe-chain/src/shell-integration/startup-scripts/init-posix.sh b/packages/safe-chain/src/shell-integration/startup-scripts/init-posix.sh index 353c6c0..5c32143 100644 --- a/packages/safe-chain/src/shell-integration/startup-scripts/init-posix.sh +++ b/packages/safe-chain/src/shell-integration/startup-scripts/init-posix.sh @@ -1,3 +1,39 @@ +export PATH="$PATH:$HOME/.safe-chain/bin" + +function npx() { + wrapSafeChainCommand "npx" "$@" +} + +function yarn() { + wrapSafeChainCommand "yarn" "$@" +} + +function pnpm() { + wrapSafeChainCommand "pnpm" "$@" +} + +function pnpx() { + wrapSafeChainCommand "pnpx" "$@" +} + +function bun() { + wrapSafeChainCommand "bun" "$@" +} + +function bunx() { + wrapSafeChainCommand "bunx" "$@" +} + +function npm() { + if [[ "$1" == "-v" || "$1" == "--version" ]] && [[ $# -eq 1 ]]; then + # If args is just -v or --version and nothing else, just run the npm version command + # This is because nvm uses this to check the version of npm + command npm "$@" + return + fi + + wrapSafeChainCommand "npm" "$@" +} function printSafeChainWarning() { # \033[43;30m is used to set the background color to yellow and text color to black @@ -9,15 +45,10 @@ function printSafeChainWarning() { function wrapSafeChainCommand() { local original_cmd="$1" - local aikido_cmd="$2" - # Remove the first 2 arguments (original_cmd and aikido_cmd) from $@ - # so that "$@" now contains only the arguments passed to the original command - shift 2 - - if command -v "$aikido_cmd" > /dev/null 2>&1; then + if command -v safe-chain > /dev/null 2>&1; then # If the aikido command is available, just run it with the provided arguments - "$aikido_cmd" "$@" + safe-chain "$@" else # If the aikido command is not available, print a warning and run the original command printSafeChainWarning "$original_cmd" @@ -25,38 +56,3 @@ function wrapSafeChainCommand() { command "$original_cmd" "$@" fi } - -function npx() { - wrapSafeChainCommand "npx" "aikido-npx" "$@" -} - -function yarn() { - wrapSafeChainCommand "yarn" "aikido-yarn" "$@" -} - -function pnpm() { - wrapSafeChainCommand "pnpm" "aikido-pnpm" "$@" -} - -function pnpx() { - wrapSafeChainCommand "pnpx" "aikido-pnpx" "$@" -} - -function bun() { - wrapSafeChainCommand "bun" "aikido-bun" "$@" -} - -function bunx() { - wrapSafeChainCommand "bunx" "aikido-bunx" "$@" -} - -function npm() { - if [[ "$1" == "-v" || "$1" == "--version" ]] && [[ $# -eq 1 ]]; then - # If args is just -v or --version and nothing else, just run the npm version command - # This is because nvm uses this to check the version of npm - command npm "$@" - return - fi - - wrapSafeChainCommand "npm" "aikido-npm" "$@" -} diff --git a/packages/safe-chain/src/shell-integration/startup-scripts/init-pwsh.ps1 b/packages/safe-chain/src/shell-integration/startup-scripts/init-pwsh.ps1 index a449405..4f58406 100644 --- a/packages/safe-chain/src/shell-integration/startup-scripts/init-pwsh.ps1 +++ b/packages/safe-chain/src/shell-integration/startup-scripts/init-pwsh.ps1 @@ -1,3 +1,43 @@ +# Use cross-platform path separator (: on Unix, ; on Windows) +$pathSeparator = if ($IsWindows) { ';' } else { ':' } +$safeChainBin = Join-Path $HOME '.safe-chain' 'bin' +$env:PATH = "$env:PATH$pathSeparator$safeChainBin" + +function npx { + Invoke-WrappedCommand "npx" $args +} + +function yarn { + Invoke-WrappedCommand "yarn" $args +} + +function pnpm { + Invoke-WrappedCommand "pnpm" $args +} + +function pnpx { + Invoke-WrappedCommand "pnpx" $args +} + +function bun { + Invoke-WrappedCommand "bun" $args +} + +function bunx { + Invoke-WrappedCommand "bunx" $args +} + +function npm { + # If args is just -v or --version and nothing else, just run the npm version command + # This is because nvm uses this to check the version of npm + if (($args.Length -eq 1) -and (($args[0] -eq "-v") -or ($args[0] -eq "--version"))) { + Invoke-RealCommand "npm" $args + return + } + + Invoke-WrappedCommand "npm" $args +} + function Write-SafeChainWarning { param([string]$Command) @@ -39,50 +79,14 @@ function Invoke-RealCommand { function Invoke-WrappedCommand { param( [string]$OriginalCmd, - [string]$AikidoCmd, [string[]]$Arguments ) - if (Test-CommandAvailable $AikidoCmd) { - & $AikidoCmd @Arguments + if (Test-CommandAvailable "safe-chain") { + & safe-chain $OriginalCmd @Arguments } else { Write-SafeChainWarning $OriginalCmd Invoke-RealCommand $OriginalCmd $Arguments } } - -function npx { - Invoke-WrappedCommand "npx" "aikido-npx" $args -} - -function yarn { - Invoke-WrappedCommand "yarn" "aikido-yarn" $args -} - -function pnpm { - Invoke-WrappedCommand "pnpm" "aikido-pnpm" $args -} - -function pnpx { - Invoke-WrappedCommand "pnpx" "aikido-pnpx" $args -} - -function bun { - Invoke-WrappedCommand "bun" "aikido-bun" $args -} - -function bunx { - Invoke-WrappedCommand "bunx" "aikido-bunx" $args -} - -function npm { - # If args is just -v or --version and nothing else, just run the npm version command - # This is because nvm uses this to check the version of npm - if (($args.Length -eq 1) -and (($args[0] -eq "-v") -or ($args[0] -eq "--version"))) { - Invoke-RealCommand "npm" $args - return - } - - Invoke-WrappedCommand "npm" "aikido-npm" $args -} diff --git a/test/e2e/pip.e2e.spec.js b/test/e2e/pip.e2e.spec.js index 5d39d8c..5f2b354 100644 --- a/test/e2e/pip.e2e.spec.js +++ b/test/e2e/pip.e2e.spec.js @@ -333,4 +333,207 @@ describe("E2E: pip coverage", () => { `Output did not include expected text. Output was:\n${result.output}` ); }); + + it(`pip3 config set should work and persist configuration`, async () => { + const shell = await container.openShell("zsh"); + + // Set a config value + const setResult = await shell.runCommand( + "pip3 config set global.timeout 60" + ); + + assert.ok( + setResult.output.includes("Writing to"), + `pip3 config set should write config. Output was:\n${setResult.output}` + ); + + // Verify it was persisted by reading it back + const getResult = await shell.runCommand( + "pip3 config get global.timeout" + ); + + assert.ok( + getResult.output.includes("60"), + `Config value should be 60. Output was:\n${getResult.output}` + ); + }); + + it(`pip3 config list should show user configuration`, async () => { + const shell = await container.openShell("zsh"); + + // Set a value first + await shell.runCommand("pip3 config set global.timeout 90"); + + // List config + const listResult = await shell.runCommand("pip3 config list"); + + assert.ok( + listResult.output.includes("timeout") && listResult.output.includes("90"), + `Config list should show timeout=90. Output was:\n${listResult.output}` + ); + }); + + it(`pip3 config unset should remove configuration`, async () => { + const shell = await container.openShell("zsh"); + + // Set a value + await shell.runCommand("pip3 config set global.timeout 120"); + + // Verify it exists + const getResult = await shell.runCommand("pip3 config get global.timeout"); + assert.ok(getResult.output.includes("120")); + + // Unset it + const unsetResult = await shell.runCommand("pip3 config unset global.timeout"); + assert.ok( + unsetResult.output.includes("Writing to"), + `pip3 config unset should write config. Output was:\n${unsetResult.output}` + ); + }); + + it(`pip3 cache dir should return cache directory path`, async () => { + const shell = await container.openShell("zsh"); + + const result = await shell.runCommand("pip3 cache dir"); + + // Should output a directory path + assert.ok( + result.output.includes("/") && result.output.includes("cache"), + `Should output a cache directory path. Output was:\n${result.output}` + ); + }); + + it(`pip3 cache info should show cache information`, async () => { + const shell = await container.openShell("zsh"); + + // Install something first to populate cache + await shell.runCommand("pip3 install --break-system-packages certifi"); + + const result = await shell.runCommand("pip3 cache info"); + + // Output should contain cache-related information + assert.ok( + result.output.match(/cache|wheel|http/i), + `Should output cache information. Output was:\n${result.output}` + ); + }); + + it(`pip3 cache list should list cached packages`, async () => { + const shell = await container.openShell("zsh"); + + // Download a package to ensure something is in cache + await shell.runCommand("pip3 download certifi"); + + const result = await shell.runCommand("pip3 cache list certifi"); + + // Should show either cached wheels or "No locally built wheels" + assert.ok( + result.output.includes("certifi") || result.output.includes("No locally built"), + `Should output cache list information. Output was:\n${result.output}` + ); + }); + + it(`pip3 debug should output debug information`, async () => { + const shell = await container.openShell("zsh"); + + const result = await shell.runCommand("pip3 debug"); + + // Should contain debug information about pip environment + assert.ok( + result.output.match(/pip version|sys\.version|sys\.executable/i), + `Should output debug information. Output was:\n${result.output}` + ); + + // Should NOT show safe-chain's temporary config file in the debug output + assert.ok( + !result.output.includes("safe-chain-pip-"), + `Debug output should not reference safe-chain temp config. Output was:\n${result.output}` + ); + }); + + it(`pip3 completion should generate shell completion script`, async () => { + const shell = await container.openShell("zsh"); + + const result = await shell.runCommand("pip3 completion --zsh"); + + // Should output shell completion code + assert.ok( + result.output.includes("compdef") || result.output.includes("_pip") || result.output.includes("pip completion"), + `Should output completion code. Output was:\n${result.output}` + ); + }); + + it(`pip3 install still works after config operations`, async () => { + const shell = await container.openShell("zsh"); + + // Perform config operations + await shell.runCommand("pip3 config set global.timeout 60"); + await shell.runCommand("pip3 cache dir"); + + // Now install should still work with malware protection + const result = await shell.runCommand( + "pip3 install --break-system-packages certifi" + ); + + assert.ok( + result.output.includes("Successfully installed") || + result.output.includes("Requirement already satisfied"), + `Install should succeed after config operations. Output was:\n${result.output}` + ); + + assert.ok( + result.output.includes("no malware found."), + `Should still scan for malware. Output was:\n${result.output}` + ); + }); + + it(`pip3 download works after configuring pip settings`, async () => { + const shell = await container.openShell("zsh"); + + // Configure pip with timeout and extra index URL + const configTimeout = await shell.runCommand("pip3 config set global.timeout 60"); + assert.ok( + configTimeout.output.includes("Writing to"), + `Config set should succeed. Output was:\n${configTimeout.output}` + ); + + const configIndex = await shell.runCommand( + "pip3 config set global.extra-index-url https://pypi.org/simple" + ); + assert.ok( + configIndex.output.includes("Writing to"), + `Config set should succeed. Output was:\n${configIndex.output}` + ); + + // Verify config persisted + const listConfig = await shell.runCommand("pip3 config list"); + assert.ok( + listConfig.output.includes("timeout") && listConfig.output.includes("60"), + `Config should show timeout=60. Output was:\n${listConfig.output}` + ); + assert.ok( + listConfig.output.includes("extra-index-url") && listConfig.output.includes("pypi.org"), + `Config should show extra-index-url. Output was:\n${listConfig.output}` + ); + + // Now download packages with the configured settings + const downloadResult = await shell.runCommand( + "pip3 download -d /tmp/packages requests certifi" + ); + + assert.ok( + downloadResult.output.includes("no malware found."), + `Should scan for malware. Output was:\n${downloadResult.output}` + ); + + // Verify downloads succeeded + assert.ok( + downloadResult.output.includes("Saved") || downloadResult.output.includes("requests"), + `Download should succeed with configured settings. Output was:\n${downloadResult.output}` + ); + assert.ok( + downloadResult.output.includes("certifi"), + `Should download certifi. Output was:\n${downloadResult.output}` + ); + }); });