Commit graph

56 commits

Author SHA1 Message Date
bitterpanda
da9e3d475e
Merge pull request #365 from 123Haynes/main
add a configuration option for custom malwaredb and newpackagelist urls.
2026-04-03 02:26:34 +02:00
Reinier Criel
4564b7f607 Initial 2026-04-01 14:32:36 -07:00
123Haynes
f01d935bb1 remove trailing slashes and fix test failures 2026-04-01 07:08:30 +00:00
Reinier Criel
d84270be8d Adapt per review 2026-03-28 16:51:33 -07:00
Reinier Criel
aa7bbbd4e9 Code Quality 2026-03-28 11:39:02 -07:00
Reinier Criel
fd6fb456b4 Add minimum package age check for pypi 2026-03-28 10:15:13 -07:00
bitterpanda
2c8a1b4972
Merge pull request #356 from AikidoSec/split-up-new-packages-database
Split up newPackagesDatabse into builder, warnings, cache
2026-03-27 16:22:35 -07:00
BitterPanda
4b21ba2709 Fix ts error 2026-03-27 16:12:15 -07:00
BitterPanda
77659efe1f remove mentions of scraped_on field from types & test cases 2026-03-27 16:10:18 -07:00
BitterPanda
706e5040ae Merge remote-tracking branch 'origin/split-up-new-packages-database' into split-up-new-packages-database 2026-03-27 16:09:50 -07:00
bitterpanda
10c078a993 fix broken test case for newPackagesListCache 2026-03-27 16:09:04 -07:00
bitterpanda
faf0ba898c
Apply suggestions from code review
Co-authored-by: bitterpanda <bitterpanda@proton.me>
2026-03-27 15:54:30 -07:00
bitterpanda
5b1cd7e8da Split up newPackagesDatabse into builder, warnings, cache 2026-03-27 15:52:07 -07:00
Reinier Criel
2df8ce463c Adapt per review 2026-03-27 13:17:58 -07:00
Reinier Criel
8353f353ae Fix per review comment 2026-03-27 11:52:55 -07:00
Reinier Criel
ac09534070 Adapt per latest core 2026-03-20 09:11:02 -07:00
Reinier Criel
07e315a382 Adapt doc 2026-03-19 16:07:31 -07:00
Reinier Criel
2f4268f1af Add extra check 2026-03-19 15:58:42 -07:00
Reinier Criel
cddcec9ba5 Fetch new package list 2026-03-19 14:14:13 -07:00
Sander Declerck
c8df7566b5
Remove ora dependency 2025-11-25 14:22:31 +01:00
bitterpanda
bb0d06cdfc
Merge pull request #144 from AikidoSec/only-write-stdout-when-safe-chain-audited
Add interceptors for MITM
2025-11-12 14:27:27 +01:00
Sander Declerck
f4694ba119
Move npm and pip mitm interception to separate files 2025-11-07 10:10:27 +01:00
Reinier Criel
35bd3dfb6f Merge branch 'main' into feature/pypi-ci 2025-11-05 10:35:59 -08:00
Sander Declerck
378b0ac7c9
Rename verifiedPackages to totalPackages, fix e2e tests 2025-11-05 12:19:47 +01:00
Sander Declerck
e4c40330f7
Only write to stdout when safe-chain audited packages 2025-11-05 12:01:08 +01:00
Reinier Criel
03312cd707 Clean up logging 2025-11-04 14:34:26 -08:00
Reinier Criel
d789491561 Merge branch 'main' into feature/pypi 2025-11-04 06:54:00 -08:00
Sander Declerck
3ea4e82acb
Write a warning if no version was returned from the malware download, causing the malware db not to be cached. 2025-11-04 11:26:07 +01:00
Reinier Criel
86f82d6065 Fix more documentation issues 2025-11-03 10:53:35 -08:00
Reinier Criel
a2fb94d0f0 Fix type check issues 2025-11-03 07:13:36 -08:00
Reinier Criel
548d416996 Merge remote-tracking branch 'origin/main' into feature/pypi 2025-11-03 06:49:53 -08:00
Sander Declerck
14c4c4997e
Remove @ts-expect-error suppressions 2025-11-03 13:57:29 +01:00
Sander Declerck
be6a6dccd9
Merge branch 'main' into verbose-logging 2025-11-03 11:37:47 +01:00
Hans Ott
484cbcd960 Use @typedef {Object} X
When you write @typedef {Object} ScanResult, you’re telling both JSDoc and TypeScript’s parser that this typedef represents an object type, not just an abstract name. This is important because it makes tools like IDEs, linters, and TypeScript’s JSDoc inference more reliable. It avoids ambiguity, especially in cases where the typedef might later be confused with something like a primitive, union, or function type. The official TypeScript documentation and the JSDoc spec both show this form as the canonical one for object shapes.
2025-11-01 13:28:11 +01:00
Hans Ott
c88b1a624f Type check safe-chain package 2025-11-01 13:06:06 +01:00
Reinier Criel
e25146a2d2 Merge main into feature 2025-10-27 09:27:51 -07:00
Reinier Criel
190607de92 Adapt per review 2025-10-27 09:23:47 -07:00
Sander Declerck
ddc8218a2d
Rename writeVerboseInformation to writeVerbose 2025-10-27 17:14:45 +01:00
Sander Declerck
c5e25f4813
Add verbose logging setting + setup buffering of logs to prevent interleaving logs with the package manager. 2025-10-27 17:09:28 +01:00
Sander Declerck
ab3319a310
Remove --safe-chain-malware-action flag 2025-10-27 11:51:19 +01:00
Reinier Criel
38d3b46939 Some more cleanup 2025-10-25 14:03:19 -07:00
Reinier Criel
41fda7f6ed Update logging for audit 2025-10-25 13:35:18 -07:00
Reinier Criel
6b2db6dace Fix ranges issue 2025-10-24 13:14:57 -07:00
Reinier Criel
15785fad73 Make sure we use a different version.txt to prevent having to redownload DB 2025-10-24 09:59:53 -07:00
Reinier Criel
059cba06bc Implement e2e tests 2025-10-23 11:41:13 -07:00
Sander Declerck
0f164d055f
Fix mocking in tests 2025-10-23 17:48:26 +02:00
Sander Declerck
9a78cafbfd
Introduce silent mode to disable logging 2025-10-23 17:45:03 +02:00
Reinier Criel
fbb7e0f95f Add tests 2025-10-22 14:51:44 -07:00
Sander Declerck
8950d528d5
Fix tests to match new behavior 2025-10-08 10:56:31 +02:00
Sander Declerck
240123372a
Handle PR Comments 2025-10-08 10:49:04 +02:00