Commit graph

41 commits

Author SHA1 Message Date
James
84346fdea7
Merge branch 'main' into feature/add-rush-monorepo-support 2026-04-23 16:29:15 +01:00
Stephen Benjamin
14c8abffea Add uvx support
Add uvx as a supported package manager so that `uvx` commands are
routed through safe-chain's MITM proxy for malware detection, just
like `uv`. Previously, `uvx` bypassed all safe-chain protections.

The uvx package manager reuses the existing uv command runner since
uvx is functionally equivalent to `uv tool run`.

Fixes #268

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-14 10:04:10 -04:00
James McMeeking
178b8a4423
Merge branch 'main' into feature/add-rush-monorepo-support 2026-04-08 16:24:23 +01:00
Sander Declerck
070afb9364
Remove archiver dependency and safe-chain ultimate troubleshooting 2026-04-07 17:19:45 +02:00
James McMeeking
5690e55d99
Add rush command wrapper and tests 2026-04-02 12:31:02 +01:00
BitterPanda
768de61401 install deps in safe-chain/package.json 2026-01-30 15:48:39 +01:00
Reinier Criel
d2fc531c81 Fix tests and add command support 2025-12-18 10:33:31 +01:00
Reinier Criel
c1a12c9573 Merge branch 'main' into feature/poetry-2 2025-12-03 07:41:52 -08:00
Sander Declerck
ab446e081d
Restore fork 2025-11-28 16:33:09 +01:00
Sander Declerck
8d82d4d56f
Clean up the PR 2025-11-28 16:28:45 +01:00
Sander Declerck
35ab58c440
Try package downgrade 2025-11-28 15:53:38 +01:00
Reinier Criel
7ab51a992c Merge branch 'main' into feature/poetry-2 2025-11-27 12:54:55 -08:00
Sander Declerck
afbf3d94c2
Merge branch 'main' into safe-chain-binaries 2025-11-27 15:14:52 +01:00
Sander Declerck
b14ff4cb33
First time build of the safe-chain binaries 2025-11-27 15:01:57 +01:00
Sander Declerck
c5b4fbf238
Update node-forge, npm-registry-fetch and make-fetch-happen 2025-11-27 10:34:11 +01:00
Reinier Criel
4bfc315b57 Skeleton 2025-11-26 14:13:49 -08:00
Reinier Criel
cab3a0aba3 Add uv (Astral Python package manager) support
- Add uv package manager implementation following pip pattern
- Configure MITM proxy with CA bundle for PyPI packages
- Add shell integration (bash/zsh/fish/PowerShell)
- Conditional on --include-python flag
- Add 33 comprehensive E2E tests covering:
  - uv pip install/sync/compile commands
  - uv add for project dependencies
  - uv tool install for global tools
  - uv run --with for ephemeral dependencies
  - uv sync for project syncing
  - Malware blocking verification for all methods
- Update documentation and package.json
- Install uv in Docker test environment
2025-11-25 14:10:20 -08:00
Sander Declerck
c8df7566b5
Remove ora dependency 2025-11-25 14:22:31 +01:00
Reinier Criel
474d91d29a Indentation 2025-11-13 13:32:49 -08:00
Reinier Criel
f4ff18304a Fix imports 2025-11-13 13:20:11 -08:00
Reinier Criel
61c9f1a1ef Merge config file if it exists 2025-11-13 11:14:45 -08:00
Reinier Criel
f400c5576a WIP 2025-11-06 08:32:25 -08:00
Reinier Criel
548d416996 Merge remote-tracking branch 'origin/main' into feature/pypi 2025-11-03 06:49:53 -08:00
Hans Ott
6f962a9299 Use Node.js 18 types 2025-11-01 13:09:08 +01:00
Hans Ott
c88b1a624f Type check safe-chain package 2025-11-01 13:06:06 +01:00
Reinier Criel
f38a12c6d5 Combine certificates 2025-10-30 16:00:32 -07:00
Reinier Criel
8b7784ecc0 Only pass --cert when using known registry 2025-10-30 12:36:32 -07:00
Reinier Criel
190607de92 Adapt per review 2025-10-27 09:23:47 -07:00
Reinier Criel
d0f2edec0a Skeleton 2025-10-21 15:25:12 -07:00
Sander Declerck
ea92ea0731
Remove abbrev package 2025-10-10 16:19:38 +02:00
Hans Ott
5518846e96
Update packages/safe-chain/package.json
Co-authored-by: Timo Kössler <info@timokoessler.de>
2025-10-10 11:45:34 +02:00
Hans Ott
41ab4b1edb Use oxlint instead of eslint
- Less dev dependencies
- Much faster
- More helpful output
- More sane defaults
- Easier config
2025-10-09 18:03:45 +02:00
Sander Declerck
41e88d422e
Add mention of bun everywhere 2025-10-08 16:42:59 +02:00
Sander Declerck
b08b4e2d4e
Wrap bun with safe-chain to block downloads of packages with malware 2025-10-08 16:42:59 +02:00
Sander Declerck
a6980d5108
Add upstream proxy support 2025-10-02 09:06:35 +02:00
Sander Declerck
e2afcb16e3
Implement a proxy blocking tarball requests for packages containing malware. 2025-09-30 13:52:21 +02:00
Sander Declerck
d5cd59fd25
Use strict dependency versions 2025-09-17 14:14:04 +02:00
Sander Declerck
3d75b56ebd
Respect HTTPS_PROXY when fetching malware database. 2025-09-15 13:39:14 +02:00
Sander Declerck
f163101200
Remove @inquirer/prompts, update eslint. 2025-09-15 10:04:49 +02:00
Sander Declerck
dc3ab32078
Implement basic bun security scanner for safe chain 2025-09-05 14:19:02 +02:00
Sander Declerck
7673d32912
Move safe-chain package to packages/safe-chain 2025-09-05 11:19:37 +02:00