AikidoSec-safe-chain

mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00

Author	SHA1	Message	Date
Hans Ott	c88b1a624f	Type check safe-chain package	2025-11-01 13:06:06 +01:00
Sander Declerck	3721ca9113	Fix linter issues	2025-10-31 13:56:35 +01:00
Sander Declerck	78fd93b72a	End clientsocket without 502 in case of proxySocket error	2025-10-31 11:41:39 +01:00
Sander Declerck	4dc14397ad	Use correct event name in comment (error)	2025-10-31 11:40:01 +01:00
Sander Declerck	df5c424a42	Add missing import (ui) in mitmRequestHandler.js	2025-10-31 11:38:39 +01:00
Sander Declerck	bae43d0dcd	MITM handler: Close the response on server error	2025-10-31 11:38:16 +01:00
Sander Declerck	efb0044419	Add global exception handlers	2025-10-31 10:26:56 +01:00
Sander Declerck	65c9ca62de	Subscribe to more error events to prevent the process from crashing	2025-10-31 09:39:16 +01:00
Sander Declerck	ab3319a310	Remove --safe-chain-malware-action flag	2025-10-27 11:51:19 +01:00
Sander Declerck	95d9cefcc9	Merge pull request #123 from AikidoSec/logging-silent-mode Introduce silent mode to disable logging	2025-10-27 11:29:26 +01:00
Sander Declerck	23c8a2e324	Merge pull request #91 from AikidoSec/escape-special-chars-in-shell Escape special chars in shell scripts	2025-10-27 11:29:09 +01:00
Sander Declerck	0029a7e1c1	Add extra comments for regex clarification	2025-10-27 10:49:26 +01:00
Sander Declerck	f5f3b91b40	Test if command is safe to execute	2025-10-24 17:36:51 +02:00
Sander Declerck	0f164d055f	Fix mocking in tests	2025-10-23 17:48:26 +02:00
Sander Declerck	9a78cafbfd	Introduce silent mode to disable logging	2025-10-23 17:45:03 +02:00
Sander Declerck	7a55be49f4	Fix linting error	2025-10-23 13:29:14 +02:00
Sander Declerck	08c1328b52	Cleanup code, add some tests	2025-10-23 13:23:08 +02:00
Sander Declerck	c74c23b0ff	Fix unit tests	2025-10-23 10:52:03 +02:00
Sander Declerck	8447d3cac5	Merge branch 'main' into escape-special-chars-in-shell	2025-10-23 09:52:38 +02:00
Hans Ott	7e72ae7d3d	On Unix/macOS, pass args to `spawn` to avoid escaping issues	2025-10-23 09:46:15 +02:00
Sander Declerck	2e1ee0dfa4	Merge pull request #119 from AikidoSec/proxy-unit-tests Add tests for the proxy	2025-10-22 15:47:16 +02:00
Sander Declerck	f4cdf91fc9	Add tests for the proxy	2025-10-22 15:41:33 +02:00
Sander Declerck	1ded3899b0	Commit new tests	2025-10-21 14:56:46 +02:00
Sander Declerck	da865f855d	Fix crash when a package does not contain a version (retracted packages)	2025-10-21 14:29:17 +02:00
Sander Declerck	b935f8d4f4	Merge pull request #105 from AikidoSec/kill-dry-run Remove dry-run scanner for npm, relying on the proxy to block maliscious package downloads instead	2025-10-15 12:04:26 +02:00
bitterpanda	e123c0e019	Merge pull request #106 from AikidoSec/remove-abbrev-package Remove abbrev package	2025-10-15 12:03:07 +02:00
Sander Declerck	05354ba2f0	Add some more comments on why http / https is handled in different code paths	2025-10-15 11:56:03 +02:00
Sander Declerck	3e8ce13db5	Move generated abbrevs to a separate file	2025-10-15 11:51:56 +02:00
Sander Declerck	37ef3e187b	Further cleanup	2025-10-15 09:25:24 +02:00
Sander Declerck	fce7550609	Cleanup debugging code from test again	2025-10-15 09:21:23 +02:00
Sander Declerck	ee82134c19	Proxyres on close and end	2025-10-14 14:54:58 +02:00
Sander Declerck	a2d05b0cf0	More logs	2025-10-14 14:18:33 +02:00
Sander Declerck	2968960b41	Cleanup registryProxy, increase timeout on DockerTestContainer	2025-10-14 13:22:58 +02:00
Sander Declerck	8ed2330a3c	Allow the safe-chain to act as a regular http proxy too (besides the CONNECT tunneling implementation)	2025-10-13 15:49:42 +02:00
Sander Declerck	ea92ea0731	Remove abbrev package	2025-10-10 16:19:38 +02:00
Sander Declerck	8aebb1b96b	Remove dry-run scanner for npm, relying on the proxy to block maliscious package downloads instead	2025-10-10 16:18:43 +02:00
Sander Declerck	4fc33d2387	Add command to get the safe-chain version	2025-10-10 15:34:33 +02:00
Sander Declerck	dc4352bffb	Merge pull request #99 from AikidoSec/remove-sync Remove `safeSpawnSync` (unused)	2025-10-10 15:04:39 +02:00
Hans Ott	2fa14b82f3	Simplify tests	2025-10-10 14:57:28 +02:00
Sander Declerck	831621323b	Merge pull request #101 from AikidoSec/oxlint Use oxlint instead of eslint	2025-10-10 14:54:54 +02:00
Sander Declerck	a377fd6caa	Listen to error events on sockets	2025-10-10 13:55:39 +02:00
Hans Ott	5518846e96	Update packages/safe-chain/package.json Co-authored-by: Timo Kössler <info@timokoessler.de>	2025-10-10 11:45:34 +02:00
Hans Ott	41ab4b1edb	Use oxlint instead of eslint - Less dev dependencies - Much faster - More helpful output - More sane defaults - Easier config	2025-10-09 18:03:45 +02:00
Hans Ott	459f3a5b14	Remove unused import	2025-10-09 17:35:29 +02:00
Hans Ott	0afea0eed6	Remove `safeSpawnSync` (unused)	2025-10-09 16:44:55 +02:00
Sander Declerck	ad7e94dac4	Add unit tests for yarn environment variables	2025-10-09 15:35:43 +02:00
Sander Declerck	d5620b2d12	Don't set YARN_HTTPS_CA_FILE_PATH, it ignores all system CAs	2025-10-09 14:58:06 +02:00
Sander Declerck	219a189993	Check if a socket is writable before writing to it	2025-10-08 19:32:25 +02:00
Sander Declerck	41e88d422e	Add mention of bun everywhere	2025-10-08 16:42:59 +02:00
Sander Declerck	b08b4e2d4e	Wrap bun with safe-chain to block downloads of packages with malware	2025-10-08 16:42:59 +02:00

1 2 3

106 commits