milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 20:20:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Type check safe-chain package

Browse source
This commit is contained in:
Hans Ott 2025-11-01 13:06:06 +01:00
parent d5dc801c00
commit c88b1a624f
60 changed files with 1179 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

23
packages/safe-chain/src/scanning/audit/index.js
View file

@ -3,6 +3,25 @@ import {
openMalwareDatabase,
} from "../malwareDatabase.js";
/**
* @typedef PackageChange
* @property {string} name
* @property {string} version
* @property {string} type
*/
/**
* @typedef AuditResult
* @property {PackageChange[]} allowedChanges
* @property {(PackageChange & {reason: string})[]} disallowedChanges
* @property {boolean} isAllowed
*/
/**
* @param {PackageChange[]} changes
*
* @returns {Promise<AuditResult>}
*/
export async function auditChanges(changes) {
const allowedChanges = [];
const disallowedChanges = [];
@ -34,6 +53,10 @@ export async function auditChanges(changes) {
return auditResults;
}
/**
* @param {{name: string, version: string, type: string}[]} changes
* @returns {Promise<{name: string, version: string, status: string}[]>}
*/
async function getPackagesWithMalware(changes) {
if (changes.length === 0) {
return [];