AikidoSec-safe-chain

mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 20:20:49 +00:00

Author	SHA1	Message	Date
Reinier Criel	d691c614ac	Cleanup	2025-10-30 20:19:16 -07:00
Reinier Criel	f38a12c6d5	Combine certificates	2025-10-30 16:00:32 -07:00
Reinier Criel	1755fe829c	Make test a little safer	2025-10-30 12:52:10 -07:00
Reinier Criel	8b7784ecc0	Omly pass --cert when using known registry	2025-10-30 12:36:32 -07:00
Reinier Criel	86ce7ac45e	Remove unused var	2025-10-28 15:44:36 -07:00
Reinier Criel	a17e14c988	Ensure that --cert parameters do not get overriden	2025-10-28 15:02:59 -07:00
Reinier Criel	70dc89c3e8	Simplify setting certificates	2025-10-28 13:56:27 -07:00
Reinier Criel	b886bb1cfe	Call safeSpawn iso safeSpawnPy	2025-10-28 13:38:31 -07:00
Reinier Criel	190607de92	Adapt per review	2025-10-27 09:23:47 -07:00
Reinier Criel	38d3b46939	Some more cleanup	2025-10-25 14:03:19 -07:00
Reinier Criel	9914c0ccb3	Some fixes	2025-10-24 13:47:22 -07:00
Reinier Criel	6b2db6dace	Fix ranges issue	2025-10-24 13:14:57 -07:00
Reinier Criel	059cba06bc	Implement e2e tests	2025-10-23 11:41:13 -07:00
Reinier Criel	1fdb15a392	Fix some border cases	2025-10-23 09:14:05 -07:00
Reinier Criel	1b82aeb6b0	Adapt the structure to parse the initial pip commands	2025-10-22 15:28:27 -07:00
Reinier Criel	982da4aa77	more cleanup	2025-10-22 15:16:53 -07:00
Reinier Criel	f086aeb2be	Skeleton	2025-10-22 06:59:32 -07:00
Reinier Criel	d0f2edec0a	Skeleton	2025-10-21 15:25:12 -07:00
Sander Declerck	b935f8d4f4	Merge pull request #105 from AikidoSec/kill-dry-run Remove dry-run scanner for npm, relying on the proxy to block maliscious package downloads instead	2025-10-15 12:04:26 +02:00
Sander Declerck	3e8ce13db5	Move generated abbrevs to a separate file	2025-10-15 11:51:56 +02:00
Sander Declerck	ea92ea0731	Remove abbrev package	2025-10-10 16:19:38 +02:00
Sander Declerck	8aebb1b96b	Remove dry-run scanner for npm, relying on the proxy to block maliscious package downloads instead	2025-10-10 16:18:43 +02:00
Sander Declerck	ad7e94dac4	Add unit tests for yarn environment variables	2025-10-09 15:35:43 +02:00
Sander Declerck	d5620b2d12	Don't set YARN_HTTPS_CA_FILE_PATH, it ignores all system CAs	2025-10-09 14:58:06 +02:00
Sander Declerck	43dcba8802	Wrap bun with safe-chain to block downloads of packages with malware	2025-10-08 15:12:06 +02:00
Sander Declerck	ea383a18de	Insert proxy settings for npx as well	2025-10-06 16:23:56 +02:00
Sander Declerck	67304751bd	Handle process exit better + some PR cleanup	2025-10-01 08:53:56 +02:00
Sander Declerck	e2afcb16e3	Implement a proxy blocking tarball requests for packages containing malware.	2025-09-30 13:52:21 +02:00
Sander Declerck	83141d375a	Escape args before running spawn	2025-09-24 14:29:49 +02:00
Sander Declerck	534aeee457	Use execSync instead of spawnSync for pnpm.	2025-09-23 14:32:20 +02:00
Sander Declerck	e557887da9	Merge branch 'main' into pnpm-broken-in-powershell	2025-09-23 14:16:38 +02:00
Sander Declerck	644b51795a	Add logs to diagnose broken pnpm	2025-09-22 15:15:41 +02:00
Sander Declerck	ea7ee5c6b9	Clarify doesCommandReturnNonZero function with a comment.	2025-09-19 13:13:28 +02:00
Sander Declerck	5a5afc1810	Fix liniting error	2025-09-19 08:55:34 +02:00
Sander Declerck	528a60c166	Exit installation when detecting changes failed due to non-zero exit code in dry-run	2025-09-19 08:52:42 +02:00
Sander Declerck	4e3fe7b738	Rely on npm version rather than node version to determine which scanner to use. Fixes #46	2025-09-15 09:39:41 +02:00
Sander Declerck	fdaa60b211	Add coverage for pnpm i alias, fixes #36	2025-09-10 09:25:49 +02:00
Sander Declerck	fd89ef3965	Add coverage for pnpm install command, fixes #32	2025-09-09 08:41:26 +02:00
Sander Declerck	7673d32912	Move safe-chain package to packages/safe-chain	2025-09-05 11:19:37 +02:00

1 2

89 commits