Sander Declerck
5f82e45b2b
Merge branch 'rama-integration-beta' into rama-min-package-age-reporting
2026-05-04 16:07:20 +02:00
Sander Declerck
9f0e1aeab0
Merge branch 'main' into rama-integration-beta
2026-05-04 14:10:34 +02:00
Sander Declerck
64a825f43a
Merge branch 'main' into rama-integration-beta
2026-05-04 12:40:20 +02:00
Xander Van Raemdonck
19d2dee5c9
Bind registry proxy to loopback only
...
Without an explicit host, `server.listen(0)` binds to every interface,
turning safe-chain's unauthenticated forward proxy into an open relay
while `aikido-*` commands are running. Anyone reachable on the network
can use it to hit the victim's localhost, intranet, or cloud metadata
endpoints. The advertised HTTPS_PROXY URL already used `localhost`
(loopback), but the listener itself was wide open.
Bind to 127.0.0.1 explicitly and update the advertised URL to match.
Add a regression test that verifies the listener refuses connections
on non-loopback interfaces.
2026-04-30 20:37:41 +02:00
Sander Declerck
9fae225277
Make sure rejected promise is not cached in malware list / new packages cache
2026-04-21 09:31:26 +02:00
Sander Declerck
2930894624
Fix concurrency bug leading to multiple fetches of the malware database
2026-04-21 09:26:07 +02:00
Reinier Criel
33c3bec43d
Fix PyPI minimum-age fallback when cached metadata bypasses rewrite
2026-04-17 09:37:40 -07:00
Reinier Criel
782af8e789
Merge pull request #411 from AikidoSec/feat/dynamic-install-dir
...
Add support for custom install directory
2026-04-16 10:04:25 -07:00
Reinier Criel
b3372cc50e
Rename function
2026-04-15 15:33:37 -07:00
Reinier Criel
7ed943d46f
Fix Windows bash
2026-04-15 09:19:20 -07:00
Reinier Criel
a68cf97f89
One more fix
2026-04-14 16:14:05 -07:00
Reinier Criel
bafa997a70
Some fixes
2026-04-14 16:02:46 -07:00
Reinier Criel
6ff2ee3367
Adapt per review
2026-04-14 11:30:29 -07:00
Stephen Benjamin
14c8abffea
Add uvx support
...
Add uvx as a supported package manager so that `uvx` commands are
routed through safe-chain's MITM proxy for malware detection, just
like `uv`. Previously, `uvx` bypassed all safe-chain protections.
The uvx package manager reuses the existing uv command runner since
uvx is functionally equivalent to `uv tool run`.
Fixes #268
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-14 10:04:10 -04:00
Reinier Criel
e54869ddd0
Code Quality
2026-04-13 14:40:42 -07:00
Reinier Criel
38a8130f4a
Some fixes
2026-04-13 13:32:55 -07:00
Reinier Criel
f7324ccfc0
Merge branch 'feat/dynamic-install-dir' of github.com:AikidoSec/safe-chain into feat/dynamic-install-dir
2026-04-13 12:22:03 -07:00
Reinier Criel
60732c5b6a
Test
2026-04-13 12:21:31 -07:00
Reinier Criel
56a54b8683
Update packages/safe-chain/src/shell-integration/supported-shells/zsh.js
...
Co-authored-by: aikido-pr-checks[bot] <169896070+aikido-pr-checks[bot]@users.noreply.github.com>
2026-04-13 11:17:51 -07:00
Reinier Criel
32408c6583
Update packages/safe-chain/src/shell-integration/supported-shells/windowsPowershell.js
...
Co-authored-by: aikido-pr-checks[bot] <169896070+aikido-pr-checks[bot]@users.noreply.github.com>
2026-04-13 11:17:39 -07:00
Reinier Criel
f2bdd28ae6
Update packages/safe-chain/src/shell-integration/supported-shells/powershell.js
...
Co-authored-by: aikido-pr-checks[bot] <169896070+aikido-pr-checks[bot]@users.noreply.github.com>
2026-04-13 11:17:27 -07:00
Reinier Criel
5bbf3da576
Update packages/safe-chain/src/shell-integration/supported-shells/fish.js
...
Co-authored-by: aikido-pr-checks[bot] <169896070+aikido-pr-checks[bot]@users.noreply.github.com>
2026-04-13 11:17:15 -07:00
Reinier Criel
f07d0ea888
Update packages/safe-chain/src/shell-integration/supported-shells/bash.js
...
Co-authored-by: aikido-pr-checks[bot] <169896070+aikido-pr-checks[bot]@users.noreply.github.com>
2026-04-13 11:17:02 -07:00
Reinier Criel
031c9683b1
Some more cleanup
2026-04-13 11:10:16 -07:00
Reinier Criel
d064d46668
Cleanup
2026-04-13 11:01:45 -07:00
Reinier Criel
98dcda78da
Some more cleanup
2026-04-10 15:33:30 -07:00
Reinier Criel
e5c79e5bd6
Update packages/safe-chain/src/shell-integration/supported-shells/windowsPowershell.js
...
Co-authored-by: aikido-pr-checks[bot] <169896070+aikido-pr-checks[bot]@users.noreply.github.com>
2026-04-10 15:21:05 -07:00
Reinier Criel
8cf41dc4a6
Update packages/safe-chain/src/shell-integration/supported-shells/bash.js
...
Co-authored-by: aikido-pr-checks[bot] <169896070+aikido-pr-checks[bot]@users.noreply.github.com>
2026-04-10 15:20:53 -07:00
Reinier Criel
d7400a0bc0
Update packages/safe-chain/src/shell-integration/supported-shells/zsh.js
...
Co-authored-by: aikido-pr-checks[bot] <169896070+aikido-pr-checks[bot]@users.noreply.github.com>
2026-04-10 15:20:37 -07:00
Reinier Criel
eb9d0bba3e
Code Quality
2026-04-10 15:16:33 -07:00
Reinier Criel
6628e1d4fd
Some cleanup
2026-04-10 14:57:45 -07:00
Reinier Criel
32c95dbb9d
Fix Windows shell + unit tests
2026-04-10 14:27:55 -07:00
Reinier Criel
b0f392522b
Some cleanup
2026-04-10 14:08:59 -07:00
Reinier Criel
24af6f21eb
Add regular setup support
2026-04-10 12:09:40 -07:00
Reinier Criel
1635bee387
Add support for setup-ci with custom install dir
2026-04-10 10:18:49 -07:00
Reinier Criel
422963b38a
Do not hardcode path in setup-ci
2026-04-10 09:05:29 -07:00
Reinier Criel
a0fb8d6b3d
Add env var support for home dir
2026-04-10 08:57:08 -07:00
Sander Declerck
070afb9364
Remove archiver dependency and safe-chain ultimate troubleshooting
2026-04-07 17:19:45 +02:00
Reinier Criel
aeb3a47cab
Change log level
2026-04-03 14:32:10 -07:00
bitterpanda
da9e3d475e
Merge pull request #365 from 123Haynes/main
...
add a configuration option for custom malwaredb and newpackagelist urls.
2026-04-03 02:26:34 +02:00
123Haynes
edc708f8ff
log which url was used to fetch the malware lists and why
2026-04-02 21:02:05 +00:00
Reinier Criel
1a2805ba56
Adapt per review
2026-04-02 13:00:01 -07:00
Reinier Criel
0aabba668e
Adapt per review
2026-04-02 08:56:20 -07:00
Reinier Criel
06ef0c3990
Adapt per review
2026-04-01 20:08:56 -07:00
Reinier Criel
c696386825
Some more cleanup
2026-04-01 15:38:42 -07:00
Reinier Criel
2b1247cf36
Code Quality
2026-04-01 15:23:25 -07:00
Reinier Criel
27e77d9b0b
Fix regex
2026-04-01 15:19:39 -07:00
Reinier Criel
1a811edc95
More cleanup
2026-04-01 14:57:24 -07:00
Reinier Criel
e29c11546c
Some cleanup
2026-04-01 14:43:00 -07:00
Reinier Criel
4564b7f607
Initial
2026-04-01 14:32:36 -07:00