Implement a proxy blocking tarball requests for packages containing malware.

2026-05-26 12:10:49 +00:00 · 2025-09-30 13:52:21 +02:00 · 2025-09-30 13:52:21 +02:00 · e2afcb16e3
commit e2afcb16e3
parent 04cb001006
16 changed files with 633 additions and 33 deletions
--- a/package-lock.json
+++ b/package-lock.json
@ -3323,6 +3323,15 @@
        "node": ">= 0.6"
      }
    },
+    "node_modules/node-forge": {
+      "version": "1.3.1",
+      "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-1.3.1.tgz",
+      "integrity": "sha512-dPEtOeMvF9VMcYV/1Wb8CPoVAXtp6MKMlcbAt4ddqmGqUJ6fQZFXkNZNkNlfevtNkGtaSoXf/vNNNSvgrdXwtA==",
+      "license": "(BSD-3-Clause OR GPL-2.0)",
+      "engines": {
+        "node": ">= 6.13.0"
+      }
+    },
    "node_modules/node-pty": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/node-pty/-/node-pty-1.0.0.tgz",
@ -4878,6 +4887,7 @@
        "abbrev": "3.0.1",
        "chalk": "5.4.1",
        "make-fetch-happen": "14.0.3",
+        "node-forge": "1.3.1",
        "npm-registry-fetch": "18.0.2",
        "ora": "8.2.0",
        "semver": "7.7.2"