milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
854 commits 61 branches 106 tags 3.3 MiB
Commit graph

433 commits

Author SHA1 Message Date
Sander Declerck
917bc66fb0
Merge branch 'main' into disable-mac-unit-tests 2025-12-15 10:51:58 +01:00
Sander Declerck
8d5e8cc58f
Add tests for: not shortcircuiting timeout on imds endpoint. 2025-12-15 10:50:51 +01:00
Sander Declerck
11bd9b3c19
Only timeout for imds endpoints 2025-12-15 10:50:51 +01:00
Reinier Criel
7f1cbab717
Remove unnecessary change 2025-12-15 10:50:51 +01:00
Reinier Criel
d96cf7d14d
Fix linting issues 2025-12-15 10:50:50 +01:00
Reinier Criel
4210d00ac4
Fix tests 2025-12-15 10:50:50 +01:00
Reinier Criel
7b5a700655
Fix some issues 2025-12-15 10:50:50 +01:00
Reinier Criel
3de53e1f8a
Some fixes 2025-12-15 10:50:50 +01:00
Reinier Criel
f3b7847697
Add unit tests 2025-12-15 10:50:49 +01:00
Reinier Criel
ec22421bd9
Check input file 2025-12-15 10:50:49 +01:00
Reinier Criel
314001eb0c
Some improvements 2025-12-15 10:50:49 +01:00
Reinier Criel
02c30a2544
Combine NODE_EXTRA_CA_CERTS with Safe Chain's certificate bundle 2025-12-15 10:50:29 +01:00
Sander Declerck
09809d29bc
Refactor mocking in configFile.spec.js 2025-12-15 10:49:52 +01:00
Reinier Criel
fc5df6cd14
Merge pull request #238 from AikidoSec/feature/cleanup-shims 
Cleanup shims at teardown
 2025-12-15 01:36:19 -08:00
bitterpanda
6a00b623a8
Merge pull request #242 from AikidoSec/allow-0-min-package-age 
Allow '0' for minimum package age setting.
 2025-12-13 01:40:25 +01:00
Reinier Criel
f47cd7ebc0 Remove unused import 2025-12-12 12:07:06 -08:00
Reinier Criel
a405a51706 Also remove script dir 2025-12-12 11:17:17 -08:00
Reinier Criel
7e88490bd1 Merge branch 'main' into feature/cleanup-shims 2025-12-12 08:03:12 -08:00
Sander Declerck
3d1e4b0489
Allow '0' for minimum package age setting. 2025-12-12 16:35:02 +01:00
Uriel Corfa
cb9f3ee145
Do not rely on asynchronous import of child_process. 
Importing child_process asynchronously causes loader errors when running the
binary dist:

$ ./dist/safe-chain python --safe-chain-logging=verbose
Safe-chain: Bypassing safe-chain for non-pip invocation: python
Failed to check for malicious packages: A dynamic import callback was not specified.
$

Relying on a regular import does not cause this issue. There is no obvious
reason for this import to be dynamic (in particular, there are no tests using
this to mock the spawn function), so let's simplify.
 2025-12-12 09:09:52 +01:00
Uriel Corfa
db2c272aea
Add a unit test for shouldBypassSafeChain 2025-12-12 09:09:52 +01:00
Uriel Corfa
64d87ae1e1
Flush buffered logs before exiting 2025-12-12 09:09:50 +01:00
Reinier Criel
092df57695 Change order 2025-12-11 20:29:58 -08:00
Reinier Criel
2b0f8d9f0d Skeleton 2025-12-11 15:13:15 -08:00
galargh
833fa285aa feat: allow python custom registries configuration 2025-12-10 13:27:18 +01:00
Reinier Criel
0b28cb8fdb Merge branch 'main' into feature/combine-certs 2025-12-09 14:31:05 -08:00
Sander Declerck
40650e7912
Add tests for: not shortcircuiting timeout on imds endpoint. 2025-12-09 15:46:37 +01:00
Sander Declerck
afc68618c6
Only timeout for imds endpoints 2025-12-09 15:25:19 +01:00
Reinier Criel
5d1807a551 Remove unnecessary change 2025-12-08 17:30:55 -08:00
Reinier Criel
b84b410fd8 Fix linting issues 2025-12-08 15:36:37 -08:00
Reinier Criel
c51956b2db Fix tests 2025-12-08 15:23:44 -08:00
Reinier Criel
d9fe775d11 Fix some issues 2025-12-08 15:18:06 -08:00
Reinier Criel
2bc6d249de Some fixes 2025-12-08 13:38:38 -08:00
Reinier Criel
091e6ec5f8 Merge branch 'main' into feature/combine-certs 2025-12-08 09:42:10 -08:00
bitterpanda
cef2194427
Merge pull request #225 from AikidoSec/fix-url-in-output-logs 
Fix undefined url in output logs
 2025-12-08 13:00:22 +01:00
Sander Declerck
19aed47f02
Add typedef for MalwareBlockedEvent 2025-12-08 11:54:30 +01:00
Sander Declerck
4840b0f694
Fix undefined url in output logs 2025-12-08 11:50:57 +01:00
Sander Declerck
a7946377b4
Log audit stats as verbose, not as information 2025-12-08 11:37:37 +01:00
Reinier Criel
2e9bae41f3 Add unit tests 2025-12-05 15:40:14 -08:00
Reinier Criel
d0c5f35707 Check input file 2025-12-05 15:31:19 -08:00
Reinier Criel
8aa0615293 Some improvements 2025-12-05 15:13:12 -08:00
Reinier Criel
7086cfa277 Combine NODE_EXTRA_CA_CERTS with Safe Chain's certificate bundle 2025-12-05 14:26:23 -08:00
bitterpanda
15cc6ff7fe
Merge pull request #178 from AikidoSec/feature/poetry-2 
Add Poetry support
 2025-12-05 15:56:20 +01:00
bitterpanda
2dd215d620
Merge pull request #220 from AikidoSec/feature/pypi-cleanup-2 
[PYPI] Centralize pip/python bypass logic in runPipCommand
 2025-12-05 14:26:17 +01:00
Sander Declerck
883bae737c
Merge pull request #214 from AikidoSec/pwsh-join-path-issue 
Fix Join-Path error for Windows Powershell
 2025-12-05 14:07:12 +01:00
Sander Declerck
e421414b8a
Don't repeatedly call isImdsEndpoint 2025-12-05 12:12:22 +01:00
Sander Declerck
57a0e88fa4
Add tests and clarifying comments 2025-12-05 12:09:19 +01:00
Reinier Criel
e211f531c5 Refactor PyPI logic and cleanup 2025-12-04 12:37:59 -08:00
Reinier Criel
d018246292 More cleanup 2025-12-04 07:13:32 -08:00
Sander Declerck
a9ebec14f6
Remove 192.0.2.1 2025-12-04 15:21:47 +01:00