milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
575 commits 61 branches 106 tags 3.3 MiB
Commit graph

47 commits

Author SHA1 Message Date
bitterpanda
c0076091c2
Update packages/safe-chain/bin/safe-chain.js 2025-12-03 11:10:47 +01:00
Sander Declerck
dc6f16a034
PR comments 2025-12-02 15:28:59 +01:00
Sander Declerck
1361abc4e8
Fix top-level await 2025-11-28 18:06:31 +01:00
Sander Declerck
8852afb5fa
Fix e2e tests 2025-11-28 18:05:09 +01:00
Sander Declerck
552fd37294
Remove certificate command 2025-11-28 16:30:18 +01:00
Sander Declerck
0fffcf2cc1
Add certificate command 2025-11-28 14:51:54 +01:00
Sander Declerck
a3bff105cc
Update startup scripts to use safe-chain instead of aikido-* 2025-11-28 14:01:11 +01:00
Sander Declerck
f1ee6567df
Fix __dirname for esm / fix e2e tests. 2025-11-28 12:57:48 +01:00
Sander Declerck
9c149f3bb3
Create and run build.js 2025-11-28 10:51:43 +01:00
Sander Declerck
b14ff4cb33
First time build of the safe-chain binaries 2025-11-27 15:01:57 +01:00
Reinier Criel
e03bceba88 Some cleanup 2025-11-25 14:37:31 -08:00
Reinier Criel
cab3a0aba3 Add uv (Astral Python package manager) support 
- Add uv package manager implementation following pip pattern
- Configure MITM proxy with CA bundle for PyPI packages
- Add shell integration (bash/zsh/fish/PowerShell)
- Conditional on --include-python flag
- Add 33 comprehensive E2E tests covering:
  - uv pip install/sync/compile commands
  - uv add for project dependencies
  - uv tool install for global tools
  - uv run --with for ephemeral dependencies
  - uv sync for project syncing
  - Malware blocking verification for all methods
- Update documentation and package.json
- Install uv in Docker test environment
 2025-11-25 14:10:20 -08:00
Sander Declerck
c6bcd6f646
Add feature flag in setup for python support. 2025-11-14 14:12:44 +01:00
Reinier Criel
d3a4f81b3c More cleanup 2025-11-06 13:44:34 -08:00
Reinier Criel
61a53b24fd Some cleanup 2025-11-06 13:24:00 -08:00
Reinier Criel
e88aede939 Remove some debug logging 2025-11-06 12:25:55 -08:00
Reinier Criel
032fc3847f Fix args 2025-11-06 11:09:28 -08:00
Reinier Criel
9bd29056c6 Some cleanup 2025-11-06 11:02:03 -08:00
Reinier Criel
28d24bb6ea Another iteration 2025-11-06 10:26:26 -08:00
Reinier Criel
f400c5576a WIP 2025-11-06 08:32:25 -08:00
Reinier Criel
3b56a0181f Update comment 2025-11-05 09:55:09 -08:00
Reinier Criel
2b6b9b6737 Cleanup comments 2025-11-04 06:59:45 -08:00
Reinier Criel
d789491561 Merge branch 'main' into feature/pypi 2025-11-04 06:54:00 -08:00
Reinier Criel
9a0b6f45bb Use comment iso type checking 2025-11-03 08:12:48 -08:00
Reinier Criel
a2fb94d0f0 Fix type check issues 2025-11-03 07:13:36 -08:00
Reinier Criel
548d416996 Merge remote-tracking branch 'origin/main' into feature/pypi 2025-11-03 06:49:53 -08:00
Sander Declerck
14c4c4997e
Remove @ts-expect-error suppressions 2025-11-03 13:57:29 +01:00
Hans Ott
c88b1a624f Type check safe-chain package 2025-11-01 13:06:06 +01:00
Reinier Criel
8f877742d0 Fix permissions issue with aikido-pip3 2025-10-27 11:48:30 -07:00
Reinier Criel
190607de92 Adapt per review 2025-10-27 09:23:47 -07:00
Reinier Criel
38d3b46939 Some more cleanup 2025-10-25 14:03:19 -07:00
Reinier Criel
059cba06bc Implement e2e tests 2025-10-23 11:41:13 -07:00
Reinier Criel
f817bf887a Update documentation 2025-10-23 10:23:42 -07:00
Reinier Criel
982da4aa77 more cleanup 2025-10-22 15:16:53 -07:00
Reinier Criel
fbb7e0f95f Add tests 2025-10-22 14:51:44 -07:00
Reinier Criel
8b9ffc28ed Some cleanup 2025-10-22 07:04:35 -07:00
Reinier Criel
f086aeb2be Skeleton 2025-10-22 06:59:32 -07:00
Reinier Criel
d0f2edec0a Skeleton 2025-10-21 15:25:12 -07:00
Sander Declerck
b935f8d4f4
Merge pull request #105 from AikidoSec/kill-dry-run 
Remove dry-run scanner for npm, relying on the proxy to block maliscious package downloads instead
 2025-10-15 12:04:26 +02:00
Sander Declerck
8aebb1b96b
Remove dry-run scanner for npm, relying on the proxy to block maliscious package downloads instead 2025-10-10 16:18:43 +02:00
Sander Declerck
4fc33d2387
Add command to get the safe-chain version 2025-10-10 15:34:33 +02:00
Sander Declerck
43dcba8802
Wrap bun with safe-chain to block downloads of packages with malware 2025-10-08 15:12:06 +02:00
Sander Declerck
67304751bd
Handle process exit better + some PR cleanup 2025-10-01 08:53:56 +02:00
Sander Declerck
d1c0982942
Base safe-chain setupci implementation 2025-09-18 17:44:42 +02:00
Sander Declerck
4e3fe7b738
Rely on npm version rather than node version to determine which scanner to use. Fixes #46 2025-09-15 09:39:41 +02:00
Sander Declerck
0c1087bee0
Also mention pnpx in safe-chain-setup 2025-09-09 09:01:48 +02:00
Sander Declerck
7673d32912
Move safe-chain package to packages/safe-chain 2025-09-05 11:19:37 +02:00