Commit graph

625 commits

Author SHA1 Message Date
bitterpanda
85759f5bf8
Merge 338598973a into 9453c8c0c9 2026-05-21 14:11:52 -07:00
Chris Ingram
bf2d37d114
Merge branch 'main' into feat/pdm-support 2026-05-15 08:46:06 +01:00
Chris Ingram
54db058ac7
Use getPackageManagerList in safe-chain setup help text
The install message in `safe-chain setup` help was hardcoding a stale
list of package managers (missing uv, uvx, poetry, pipx, pdm). Use the
existing getPackageManagerList() helper so the list stays in sync with
knownAikidoTools.
2026-05-14 10:04:18 +01:00
Chris Ingram
8453012f7b
Merge remote-tracking branch 'aikido/main' into feat/pdm-support 2026-05-14 09:51:31 +01:00
Reinier Criel
d9b7aefd34 unset PKG_EXECPATH before invoking safe-chain binary 2026-05-13 14:33:58 -07:00
James McMeeking
7ce44b4c62
Remove the unnecessary proxy setting 2026-05-08 13:12:40 +01:00
James McMeeking
55f2123f5c
Remove the normalisation bits added in error 2026-05-08 11:25:07 +01:00
James McMeeking
08ae1ef732
Pull parsing logic into distinct file and remove invalid continue 2026-05-08 11:08:58 +01:00
James McMeeking
98a1ba7d10
Add rushx support too
Co-authored-by: Copilot <copilot@github.com>
2026-05-01 17:04:38 +01:00
James McMeeking
5cf2ffe201
Merge branch 'main' into feature/add-rush-monorepo-support 2026-05-01 16:49:49 +01:00
Xander Van Raemdonck
19d2dee5c9
Bind registry proxy to loopback only
Without an explicit host, `server.listen(0)` binds to every interface,
turning safe-chain's unauthenticated forward proxy into an open relay
while `aikido-*` commands are running. Anyone reachable on the network
can use it to hit the victim's localhost, intranet, or cloud metadata
endpoints. The advertised HTTPS_PROXY URL already used `localhost`
(loopback), but the listener itself was wide open.

Bind to 127.0.0.1 explicitly and update the advertised URL to match.
Add a regression test that verifies the listener refuses connections
on non-loopback interfaces.
2026-04-30 20:37:41 +02:00
James
84346fdea7
Merge branch 'main' into feature/add-rush-monorepo-support 2026-04-23 16:29:15 +01:00
Chris Ingram
abbe0480b6
Merge branch 'main' into feat/pdm-support 2026-04-22 14:25:32 +01:00
Sander Declerck
9fae225277
Make sure rejected promise is not cached in malware list / new packages cache 2026-04-21 09:31:26 +02:00
Sander Declerck
2930894624
Fix concurrency bug leading to multiple fetches of the malware database 2026-04-21 09:26:07 +02:00
Reinier Criel
33c3bec43d Fix PyPI minimum-age fallback when cached metadata bypasses rewrite 2026-04-17 09:37:40 -07:00
Reinier Criel
782af8e789
Merge pull request #411 from AikidoSec/feat/dynamic-install-dir
Add support for custom install directory
2026-04-16 10:04:25 -07:00
Reinier Criel
b3372cc50e Rename function 2026-04-15 15:33:37 -07:00
Reinier Criel
7ed943d46f Fix Windows bash 2026-04-15 09:19:20 -07:00
Reinier Criel
a68cf97f89 One more fix 2026-04-14 16:14:05 -07:00
Reinier Criel
bafa997a70 Some fixes 2026-04-14 16:02:46 -07:00
Reinier Criel
6ff2ee3367 Adapt per review 2026-04-14 11:30:29 -07:00
Stephen Benjamin
14c8abffea Add uvx support
Add uvx as a supported package manager so that `uvx` commands are
routed through safe-chain's MITM proxy for malware detection, just
like `uv`. Previously, `uvx` bypassed all safe-chain protections.

The uvx package manager reuses the existing uv command runner since
uvx is functionally equivalent to `uv tool run`.

Fixes #268

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-14 10:04:10 -04:00
Reinier Criel
e54869ddd0 Code Quality 2026-04-13 14:40:42 -07:00
Reinier Criel
38a8130f4a Some fixes 2026-04-13 13:32:55 -07:00
Reinier Criel
f7324ccfc0 Merge branch 'feat/dynamic-install-dir' of github.com:AikidoSec/safe-chain into feat/dynamic-install-dir 2026-04-13 12:22:03 -07:00
Reinier Criel
60732c5b6a Test 2026-04-13 12:21:31 -07:00
Reinier Criel
56a54b8683
Update packages/safe-chain/src/shell-integration/supported-shells/zsh.js
Co-authored-by: aikido-pr-checks[bot] <169896070+aikido-pr-checks[bot]@users.noreply.github.com>
2026-04-13 11:17:51 -07:00
Reinier Criel
32408c6583
Update packages/safe-chain/src/shell-integration/supported-shells/windowsPowershell.js
Co-authored-by: aikido-pr-checks[bot] <169896070+aikido-pr-checks[bot]@users.noreply.github.com>
2026-04-13 11:17:39 -07:00
Reinier Criel
f2bdd28ae6
Update packages/safe-chain/src/shell-integration/supported-shells/powershell.js
Co-authored-by: aikido-pr-checks[bot] <169896070+aikido-pr-checks[bot]@users.noreply.github.com>
2026-04-13 11:17:27 -07:00
Reinier Criel
5bbf3da576
Update packages/safe-chain/src/shell-integration/supported-shells/fish.js
Co-authored-by: aikido-pr-checks[bot] <169896070+aikido-pr-checks[bot]@users.noreply.github.com>
2026-04-13 11:17:15 -07:00
Reinier Criel
f07d0ea888
Update packages/safe-chain/src/shell-integration/supported-shells/bash.js
Co-authored-by: aikido-pr-checks[bot] <169896070+aikido-pr-checks[bot]@users.noreply.github.com>
2026-04-13 11:17:02 -07:00
Reinier Criel
031c9683b1 Some more cleanup 2026-04-13 11:10:16 -07:00
Reinier Criel
d064d46668 Cleanup 2026-04-13 11:01:45 -07:00
Reinier Criel
98dcda78da Some more cleanup 2026-04-10 15:33:30 -07:00
Reinier Criel
e5c79e5bd6
Update packages/safe-chain/src/shell-integration/supported-shells/windowsPowershell.js
Co-authored-by: aikido-pr-checks[bot] <169896070+aikido-pr-checks[bot]@users.noreply.github.com>
2026-04-10 15:21:05 -07:00
Reinier Criel
8cf41dc4a6
Update packages/safe-chain/src/shell-integration/supported-shells/bash.js
Co-authored-by: aikido-pr-checks[bot] <169896070+aikido-pr-checks[bot]@users.noreply.github.com>
2026-04-10 15:20:53 -07:00
Reinier Criel
d7400a0bc0
Update packages/safe-chain/src/shell-integration/supported-shells/zsh.js
Co-authored-by: aikido-pr-checks[bot] <169896070+aikido-pr-checks[bot]@users.noreply.github.com>
2026-04-10 15:20:37 -07:00
Reinier Criel
eb9d0bba3e Code Quality 2026-04-10 15:16:33 -07:00
Reinier Criel
6628e1d4fd Some cleanup 2026-04-10 14:57:45 -07:00
Reinier Criel
32c95dbb9d Fix Windows shell + unit tests 2026-04-10 14:27:55 -07:00
Reinier Criel
b0f392522b Some cleanup 2026-04-10 14:08:59 -07:00
Reinier Criel
24af6f21eb Add regular setup support 2026-04-10 12:09:40 -07:00
Reinier Criel
1635bee387 Add support for setup-ci with custom install dir 2026-04-10 10:18:49 -07:00
Reinier Criel
422963b38a Do not hardcode path in setup-ci 2026-04-10 09:05:29 -07:00
Reinier Criel
a0fb8d6b3d Add env var support for home dir 2026-04-10 08:57:08 -07:00
James McMeeking
178b8a4423
Merge branch 'main' into feature/add-rush-monorepo-support 2026-04-08 16:24:23 +01:00
Sander Declerck
070afb9364
Remove archiver dependency and safe-chain ultimate troubleshooting 2026-04-07 17:19:45 +02:00
Chris Ingram
ced5e26420 File mode on aikido-pdm.js 2026-04-07 11:19:04 +01:00
James
f26cdab1f6
Merge branch 'main' into feature/add-rush-monorepo-support 2026-04-06 18:52:18 +01:00