milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
881 commits 61 branches 106 tags 3.3 MiB
Commit graph

456 commits

Author SHA1 Message Date
Sander Declerck
67b4be83f9
Log when installer file cleanup failed 2026-02-11 14:23:53 +01:00
Sander Declerck
d86246a71d
Handle code quality comments 2026-02-11 14:23:53 +01:00
Sander Declerck
fa94784130
Move download name construction to os installer function 2026-02-11 14:23:52 +01:00
Sander Declerck
27980aec82
Restructure code into separate files 2026-02-11 14:23:52 +01:00
Sander Declerck
d03a3a3a4b
Improve output 2026-02-11 14:23:52 +01:00
Sander Declerck
bee196cc55
Check if the agents service is running before starting it 2026-02-11 14:23:52 +01:00
Sander Declerck
0be42c8132
Parse cli args in ultimate installation 2026-02-11 14:23:52 +01:00
Sander Declerck
14ff245924
Uninstall safe-chain agent if it's there, before re-installing 2026-02-11 14:23:51 +01:00
Sander Declerck
2bfce02e66
Fix linting 2026-02-11 14:23:51 +01:00
Sander Declerck
8410b94b4c
Improve updating existing agent install 2026-02-11 14:23:51 +01:00
Sander Declerck
7f6ce79f44
Overwrite the agent if it's already installed. 2026-02-11 14:23:50 +01:00
Sander Declerck
2a649c5ef8
Start and stop safe-chain agent's Windows service. 2026-02-11 14:23:50 +01:00
Sander Declerck
dba101daa7
Add ultimate installer for Windows 2026-02-11 14:23:50 +01:00
Uriel Corfa
b1fa9f5492
Add the same handler for fish 2026-02-11 14:23:50 +01:00
Uriel Corfa
11d9e26a2d
init-posix: preserve arguments when exec'ing the original_cmd 2026-02-11 14:23:50 +01:00
Uriel Corfa
607b4ee87d
Propagate command-not-found errors when invoking wrapped commands 
Before this change, if a package manager was not installed, safe-chain still
sets the function and when invoked, the wrapper will invoke safe-chain, which
will exit with error code 127 when it fails to invoke the wrapped command. As an
example (with a shell prompt that shows $? when non-zero):

```
$ type -f pip
bash: type: pip: not found
1$ pip
127$
```

With this patch, the wrapper first checks for the existence of the wrapped
command (ignoring functions), and if no such command exists, it instructs the
shell to invoke it anyway. This results in the shell failing to find the
command, and reporting an error as if the wrapper function wasn't there:

```
$ source init-posix.sh
$ type -f pip
bash: type: pip: not found
1$ pip
Command 'pip' not found, but can be installed with:
sudo apt install python3-pip
127$
```
 2026-02-11 14:23:49 +01:00
Sander Declerck
20cc62d6e1
Only allow wildcards for scoped packages (@scope/*) 2026-02-11 14:23:49 +01:00
Sander Declerck
2d609066c8
Allow trailing * for wildcard matching 2026-02-11 14:23:49 +01:00
Sander Declerck
d7a9884ff6
Allow to exclude packages from the minimum package age 2026-02-11 14:23:49 +01:00
Reinier Criel
4ef4218eb5
Remove comment 2026-02-11 14:23:49 +01:00
Reinier Criel
5c431291c7
Fix some logic 2026-02-11 14:23:48 +01:00
Reinier Criel
b7f793f1f9
Attempted fix for powershell swallowing '--' 2026-02-11 14:23:48 +01:00
bitterpanda
3210b68b43
Update packages/safe-chain/src/api/aikido.js 2026-02-11 14:23:48 +01:00
Sander Declerck
0e6d002b4c
Don't swallow error on retry 2026-02-11 14:23:48 +01:00
Sander Declerck
cf8e39c5fd
Handle pr comments 2026-02-11 14:23:48 +01:00
Sander Declerck
4a53a7b20d
Add tests for malware db retry 2026-02-11 14:23:47 +01:00
Sander Declerck
14e94dcb62
Retry downloading the malware database 3 times 2026-02-11 14:23:47 +01:00
bitterpanda
a7388bbdcf
Update packages/safe-chain/src/registryProxy/interceptors/npm/modifyNpmInfo.js 2026-02-11 14:23:47 +01:00
Reinier Criel
2cba4be1aa
Include package name in logging when minimum package age is not met 2026-02-11 14:23:47 +01:00
Sander Declerck
0411a579ae
Wait and poll until proxy starts for max 60s 2026-01-13 10:02:48 +01:00
Sander Declerck
6006760b67
Only inherit io when loglevel verbose 2026-01-12 15:39:26 +01:00
Sander Declerck
9d1f7ac6fd
Use ramaproxy if it's available. 2026-01-12 14:15:30 +01:00
Sander Declerck
595f269f62
Add comment about backwards compat. 2026-01-12 11:20:25 +01:00
Sander Declerck
3573ef2bc5
Allow to configure loglevel through an env variable 2026-01-12 10:50:06 +01:00
Sander Declerck
094d1416ca
Merge pull request #272 from graemechapman/patch-1 
fix: Allow running commands if safe-chain npm package is not installed
 2026-01-07 12:03:19 +01:00
Sander Declerck
8bfbe1c77d
Merge pull request #232 from galargh/pip-custom-registries 
feat: allow python custom registries configuration
 2026-01-05 14:01:51 +01:00
Sander Declerck
74c57cd86a
Merge pull request #262 from AikidoSec/safe-chain-verify-command 
Add command to verify safe-chain is intercepting the package managers commands
 2026-01-05 09:10:05 +01:00
galargh
b23ba9d9c4 chore: update test parametrization 2026-01-02 10:39:15 +01:00
Graeme Chapman
c510d886a9
Simplify command execution in init-posix.sh 2025-12-31 10:57:08 +00:00
Graeme Chapman
a0e19818a0
fix: Allow running commands if safe-chain npm package is not installed 2025-12-31 10:18:58 +00:00
galargh
c53a7347e2 feat: allow python custom registries configuration through config file 2025-12-22 13:49:45 +01:00
galargh
39e2001d97 Merge remote-tracking branch 'origin/main' into pip-custom-registries 2025-12-22 13:27:04 +01:00
jassanw
3b6beb7f16 default to port 443 if port is null or empty 2025-12-19 18:49:58 -08:00
cherryace
bd19f477f7 Using port from req url when creating proxy request instead of hardcoded port 443 2025-12-19 17:57:33 -08:00
Sander Declerck
b571aad6a0
Add command to verify safe-chain is intercepting the package managers commands 2025-12-19 16:18:21 +01:00
Sander Declerck
53c59e35e9
Merge pull request #258 from thomasbecker/fix/connection-timeout-issue-228 
fix: use true connection timeout instead of idle timeout
 2025-12-19 11:05:53 +01:00
Sander Declerck
120e12fd34
Merge pull request #259 from AikidoSec/configure-custom-npm-registries 
Allow to configure custom/private npm registries
 2025-12-19 10:42:51 +01:00
Reinier Criel
bbf5f8189b
Merge pull request #256 from AikidoSec/feature/pipx-2 
Add PIPX support
 2025-12-19 09:41:00 +01:00
Sander Declerck
9f93763b98
Handle code quality comments 2025-12-18 18:18:45 +01:00
Sander Declerck
deb0ad5428
Create a single emptyConfig object 2025-12-18 18:03:09 +01:00