Commit graph

658 commits

Author SHA1 Message Date
Hans Ott
41ab4b1edb Use oxlint instead of eslint
- Less dev dependencies
- Much faster
- More helpful output
- More sane defaults
- Easier config
2025-10-09 18:03:45 +02:00
Hans Ott
459f3a5b14 Remove unused import 2025-10-09 17:35:29 +02:00
Sander Declerck
7603a29182
Merge pull request #98 from AikidoSec/yarn-tls-errors
Don't set YARN_HTTPS_CA_FILE_PATH, it ignores all system CAs
2025-10-09 16:57:53 +02:00
Hans Ott
36213a52f1 Run unit tests on windows 2025-10-09 16:52:05 +02:00
Hans Ott
0afea0eed6 Remove safeSpawnSync (unused) 2025-10-09 16:44:55 +02:00
Sander Declerck
ad7e94dac4
Add unit tests for yarn environment variables 2025-10-09 15:35:43 +02:00
Sander Declerck
d5620b2d12
Don't set YARN_HTTPS_CA_FILE_PATH, it ignores all system CAs 2025-10-09 14:58:06 +02:00
Sander Declerck
662b26a2d5
Merge pull request #95 from AikidoSec/proxy-socket-check-if-writable
Check if a socket is writable before writing to it
2025-10-08 19:51:57 +02:00
Sander Declerck
abc0add350
Downgrade safe-chain in e2e tests to 1.0.24 2025-10-08 19:43:11 +02:00
Sander Declerck
219a189993
Check if a socket is writable before writing to it 2025-10-08 19:32:25 +02:00
Sander Declerck
cfce641053
Merge pull request #94 from AikidoSec/readme-1-1-0
Update readme for version 1.1.0
2025-10-08 16:57:44 +02:00
Sander Declerck
79a2186c1f
Mention proxy in "how it works" 2025-10-08 16:42:59 +02:00
Sander Declerck
41e88d422e
Add mention of bun everywhere 2025-10-08 16:42:59 +02:00
Sander Declerck
b08b4e2d4e
Wrap bun with safe-chain to block downloads of packages with malware 2025-10-08 16:42:59 +02:00
Sander Declerck
329405e8f2
Merge pull request #93 from AikidoSec/bun-wrapper
Wrap bun with safe-chain to block downloads of packages with malware
2025-10-08 16:27:56 +02:00
Sander Declerck
d737abd24a
Update readme for version 1.1.0 2025-10-08 16:25:56 +02:00
Sander Declerck
0318fea784
Merge pull request #92 from AikidoSec/use-safe-chain-ourselves
Use safe-chain ourselves in CI/CD
2025-10-08 15:49:20 +02:00
Sander Declerck
361b56a715
Merge pull request #85 from AikidoSec/powerrshell-line-explosion-fix
Fix line explosion on Windows PowerShell
2025-10-08 15:49:10 +02:00
Sander Declerck
43dcba8802
Wrap bun with safe-chain to block downloads of packages with malware 2025-10-08 15:12:06 +02:00
Sander Declerck
62a9339a71
Merge pull request #82 from AikidoSec/intercept-registry-http
Implement a proxy blocking tarball requests for packages with malware.
2025-10-08 14:31:40 +02:00
Sander Declerck
16c76de0f3
Add comment on how safe-chain works with the system proxy. 2025-10-08 11:38:21 +02:00
Sander Declerck
8950d528d5
Fix tests to match new behavior 2025-10-08 10:56:31 +02:00
Sander Declerck
240123372a
Handle PR Comments 2025-10-08 10:49:04 +02:00
Sander Declerck
28ccb55033
Use safe-chain ourselves in CI/CD 2025-10-06 16:55:46 +02:00
Sander Declerck
486a4b8f68
Escape special chars in shell scripts 2025-10-06 16:25:12 +02:00
Sander Declerck
ea383a18de
Insert proxy settings for npx as well 2025-10-06 16:23:56 +02:00
Sander Declerck
3ef4ed8bad
Update main.js code flow so proxy always gets stopped + add comment on why exit status is handled in bin/aikido-(tool).js 2025-10-06 13:47:38 +02:00
Sander Declerck
ccaa7934ee
Improve cli output. 2025-10-03 16:21:55 +02:00
Sander Declerck
cc4d20e380
Fix line explosion on Windows PowerShell 2025-10-02 15:15:04 +02:00
Sander Declerck
32f5ef9b16
Add e2e tests to verify existing proxy is being respected. 2025-10-02 10:47:58 +02:00
Sander Declerck
53bfb14fea
Only load the malware database once 2025-10-02 09:20:59 +02:00
Sander Declerck
a6980d5108
Add upstream proxy support 2025-10-02 09:06:35 +02:00
Sander Declerck
60543308f4
Change validity of generateCertForHost to 1 hour. 2025-10-01 10:01:04 +02:00
Sander Declerck
49fd0f5928
Better error-handling when stopping the proxy 2025-10-01 09:24:18 +02:00
Sander Declerck
67304751bd
Handle process exit better + some PR cleanup 2025-10-01 08:53:56 +02:00
Sander Declerck
bf97f089ca
Change npm test version to 10.2.0 2025-10-01 08:36:00 +02:00
Sander Declerck
95663dc5f4
Fix proxy for npm 10.0.0 -> 10.4.0 2025-10-01 08:10:49 +02:00
Sander Declerck
3b145a4695
Create verifyNoMaliciousPackages function in proxy 2025-09-30 15:11:00 +02:00
Sander Declerck
6c08c6adce
Add end-to-end tests for proxy blocking malware packages 2025-09-30 15:03:49 +02:00
Sander Declerck
a3f91b8b55
Fix linting issue 2025-09-30 13:53:59 +02:00
Sander Declerck
e2afcb16e3
Implement a proxy blocking tarball requests for packages containing malware. 2025-09-30 13:52:21 +02:00
Sander Declerck
04cb001006
Merge pull request #78 from AikidoSec/fish-test-command-not-working
init-fish: split up if to prevent expanded args from breaking the condition
2025-09-24 15:47:12 +02:00
Sander Declerck
cea4507559
Merge pull request #70 from AikidoSec/non-interactive-terminal-support
Support for CI/CD
2025-09-24 15:37:36 +02:00
Sander Declerck
dc295cff80
Merge pull request #74 from AikidoSec/pnpm-broken-in-powershell
Fix broken pnpm on Windows PowerShell when installed as a global npm package
2025-09-24 15:37:25 +02:00
Sander Declerck
be6895a87e
Merge pull request #75 from AikidoSec/update-docs
Update docs
2025-09-24 15:37:17 +02:00
Sander Declerck
1514fb44c5
init-fish: split up if to prevent expanded args from breaking the condition 2025-09-24 14:51:32 +02:00
Sander Declerck
e38dcc1ea8
Clarify how path is modified in Azure Pipelines with a comment 2025-09-24 14:35:48 +02:00
Sander Declerck
83141d375a
Escape args before running spawn 2025-09-24 14:29:49 +02:00
Sander Declerck
534aeee457
Use execSync instead of spawnSync for pnpm. 2025-09-23 14:32:20 +02:00
Sander Declerck
e557887da9
Merge branch 'main' into pnpm-broken-in-powershell 2025-09-23 14:16:38 +02:00