milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 20:20:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
892 commits 61 branches 106 tags 3.3 MiB
Commit graph

468 commits

Author SHA1 Message Date
bitterpanda
07aa10d869
Fix naming of SafeChain Agent 2026-02-11 14:23:55 +01:00
Sander Declerck
09130c3294
Add explaining comments for powershell scritps 2026-02-11 14:23:55 +01:00
Sander Declerck
641bfe9835
Cleanup debug logging 2026-02-11 14:23:55 +01:00
Sander Declerck
fc43d93828
Fix uninstall 2026-02-11 14:23:54 +01:00
Sander Declerck
1de6a4ac4b
Use execSync to execute powershell command 2026-02-11 14:23:54 +01:00
Sander Declerck
a7315d29c4
Write stdout stderr 2026-02-11 14:23:54 +01:00
Sander Declerck
38888813cf
Temporarily disable cleanup 2026-02-11 14:23:54 +01:00
Sander Declerck
3c40c60a3e
Write error output 2026-02-11 14:23:54 +01:00
Sander Declerck
3483219925
Improve error handling 2026-02-11 14:23:53 +01:00
Sander Declerck
e9b1c487b7
Code quality: use early return 2026-02-11 14:23:53 +01:00
Sander Declerck
5fd3ce0b6e
Use safeSpawn instead of execSync 2026-02-11 14:23:53 +01:00
Sander Declerck
67b4be83f9
Log when installer file cleanup failed 2026-02-11 14:23:53 +01:00
Sander Declerck
d86246a71d
Handle code quality comments 2026-02-11 14:23:53 +01:00
Sander Declerck
fa94784130
Move download name construction to os installer function 2026-02-11 14:23:52 +01:00
Sander Declerck
27980aec82
Restructure code into separate files 2026-02-11 14:23:52 +01:00
Sander Declerck
d03a3a3a4b
Improve output 2026-02-11 14:23:52 +01:00
Sander Declerck
bee196cc55
Check if the agents service is running before starting it 2026-02-11 14:23:52 +01:00
Sander Declerck
0be42c8132
Parse cli args in ultimate installation 2026-02-11 14:23:52 +01:00
Sander Declerck
14ff245924
Uninstall safe-chain agent if it's there, before re-installing 2026-02-11 14:23:51 +01:00
Sander Declerck
2bfce02e66
Fix linting 2026-02-11 14:23:51 +01:00
Sander Declerck
8410b94b4c
Improve updating existing agent install 2026-02-11 14:23:51 +01:00
Sander Declerck
7f6ce79f44
Overwrite the agent if it's already installed. 2026-02-11 14:23:50 +01:00
Sander Declerck
2a649c5ef8
Start and stop safe-chain agent's Windows service. 2026-02-11 14:23:50 +01:00
Sander Declerck
dba101daa7
Add ultimate installer for Windows 2026-02-11 14:23:50 +01:00
Uriel Corfa
b1fa9f5492
Add the same handler for fish 2026-02-11 14:23:50 +01:00
Uriel Corfa
11d9e26a2d
init-posix: preserve arguments when exec'ing the original_cmd 2026-02-11 14:23:50 +01:00
Uriel Corfa
607b4ee87d
Propagate command-not-found errors when invoking wrapped commands 
Before this change, if a package manager was not installed, safe-chain still
sets the function and when invoked, the wrapper will invoke safe-chain, which
will exit with error code 127 when it fails to invoke the wrapped command. As an
example (with a shell prompt that shows $? when non-zero):

```
$ type -f pip
bash: type: pip: not found
1$ pip
127$
```

With this patch, the wrapper first checks for the existence of the wrapped
command (ignoring functions), and if no such command exists, it instructs the
shell to invoke it anyway. This results in the shell failing to find the
command, and reporting an error as if the wrapper function wasn't there:

```
$ source init-posix.sh
$ type -f pip
bash: type: pip: not found
1$ pip
Command 'pip' not found, but can be installed with:
sudo apt install python3-pip
127$
```
 2026-02-11 14:23:49 +01:00
Sander Declerck
20cc62d6e1
Only allow wildcards for scoped packages (@scope/*) 2026-02-11 14:23:49 +01:00
Sander Declerck
2d609066c8
Allow trailing * for wildcard matching 2026-02-11 14:23:49 +01:00
Sander Declerck
d7a9884ff6
Allow to exclude packages from the minimum package age 2026-02-11 14:23:49 +01:00
Reinier Criel
4ef4218eb5
Remove comment 2026-02-11 14:23:49 +01:00
Reinier Criel
5c431291c7
Fix some logic 2026-02-11 14:23:48 +01:00
Reinier Criel
b7f793f1f9
Attempted fix for powershell swallowing '--' 2026-02-11 14:23:48 +01:00
bitterpanda
3210b68b43
Update packages/safe-chain/src/api/aikido.js 2026-02-11 14:23:48 +01:00
Sander Declerck
0e6d002b4c
Don't swallow error on retry 2026-02-11 14:23:48 +01:00
Sander Declerck
cf8e39c5fd
Handle pr comments 2026-02-11 14:23:48 +01:00
Sander Declerck
4a53a7b20d
Add tests for malware db retry 2026-02-11 14:23:47 +01:00
Sander Declerck
14e94dcb62
Retry downloading the malware database 3 times 2026-02-11 14:23:47 +01:00
bitterpanda
a7388bbdcf
Update packages/safe-chain/src/registryProxy/interceptors/npm/modifyNpmInfo.js 2026-02-11 14:23:47 +01:00
Reinier Criel
2cba4be1aa
Include package name in logging when minimum package age is not met 2026-02-11 14:23:47 +01:00
Sander Declerck
0411a579ae
Wait and poll until proxy starts for max 60s 2026-01-13 10:02:48 +01:00
Sander Declerck
6006760b67
Only inherit io when loglevel verbose 2026-01-12 15:39:26 +01:00
Sander Declerck
9d1f7ac6fd
Use ramaproxy if it's available. 2026-01-12 14:15:30 +01:00
Sander Declerck
595f269f62
Add comment about backwards compat. 2026-01-12 11:20:25 +01:00
Sander Declerck
3573ef2bc5
Allow to configure loglevel through an env variable 2026-01-12 10:50:06 +01:00
Sander Declerck
094d1416ca
Merge pull request #272 from graemechapman/patch-1 
fix: Allow running commands if safe-chain npm package is not installed
 2026-01-07 12:03:19 +01:00
Sander Declerck
8bfbe1c77d
Merge pull request #232 from galargh/pip-custom-registries 
feat: allow python custom registries configuration
 2026-01-05 14:01:51 +01:00
Sander Declerck
74c57cd86a
Merge pull request #262 from AikidoSec/safe-chain-verify-command 
Add command to verify safe-chain is intercepting the package managers commands
 2026-01-05 09:10:05 +01:00
galargh
b23ba9d9c4 chore: update test parametrization 2026-01-02 10:39:15 +01:00
Graeme Chapman
c510d886a9
Simplify command execution in init-posix.sh 2025-12-31 10:57:08 +00:00