Chris Ingram
1eb4fe05fd
Add pdm package manager support
PDM is a modern Python package manager using pyproject.toml (PEP 621).
Uses the same MITM-only proxy approach as poetry/uv/pipx — all malware
detection and minimum package age enforcement happens at the proxy layer
by intercepting PyPI requests.
2026-04-06 13:01:42 +01:00
BitterPanda
768de61401
install deps in safe-chain/package.json
2026-01-30 15:48:39 +01:00
BitterPanda
90a44d999a
Revert "install archiver"
This reverts commit 4c29eb3549.
2026-01-30 15:47:49 +01:00
BitterPanda
ceaf69c27d
Revert "add 'archiver' types"
This reverts commit ef05762635.
2026-01-30 15:47:41 +01:00
bitterpanda
ef05762635
add 'archiver' types
2026-01-30 14:42:43 +01:00
BitterPanda
4c29eb3549
install archiver
2026-01-30 14:22:21 +01:00
Reinier Criel
d2fc531c81
Fix tests and add command support
2025-12-18 10:33:31 +01:00
Reinier Criel
c1a12c9573
Merge branch 'main' into feature/poetry-2
2025-12-03 07:41:52 -08:00
Sander Declerck
0fd54b159b
Lock down @yao-pkg/pkg dependency
2025-12-03 11:38:30 +01:00
Reinier Criel
c7edefd247
Fix issue during manual testing
2025-11-30 20:25:13 -08:00
Sander Declerck
ab446e081d
Restore fork
2025-11-28 16:33:09 +01:00
Sander Declerck
35ab58c440
Try package downgrade
2025-11-28 15:53:38 +01:00
Sander Declerck
9c149f3bb3
Create and run build.js
2025-11-28 10:51:43 +01:00
Sander Declerck
afbf3d94c2
Merge branch 'main' into safe-chain-binaries
2025-11-27 15:14:52 +01:00
Sander Declerck
b14ff4cb33
First time build of the safe-chain binaries
2025-11-27 15:01:57 +01:00
Sander Declerck
c5b4fbf238
Update node-forge, npm-registry-fetch and make-fetch-happen
2025-11-27 10:34:11 +01:00
Sander Declerck
156522912e
Remove the safe-chain-bun package
2025-11-25 15:10:42 +01:00
Sander Declerck
c8df7566b5
Remove ora dependency
2025-11-25 14:22:31 +01:00
Reinier Criel
f4ff18304a
Fix imports
2025-11-13 13:20:11 -08:00
Reinier Criel
61c9f1a1ef
Merge config file if it exists
2025-11-13 11:14:45 -08:00
Reinier Criel
f400c5576a
WIP
2025-11-06 08:32:25 -08:00
Reinier Criel
bffb1995bd
Fix lock file
2025-11-03 07:19:08 -08:00
Reinier Criel
3d98bb5084
Fix package-lock.json
2025-11-03 07:07:41 -08:00
Reinier Criel
548d416996
Merge remote-tracking branch 'origin/main' into feature/pypi
2025-11-03 06:49:53 -08:00
Hans Ott
6f962a9299
Use Node.js 18 types
2025-11-01 13:09:08 +01:00
Hans Ott
c88b1a624f
Type check safe-chain package
2025-11-01 13:06:06 +01:00
Reinier Criel
f38a12c6d5
Combine certificates
2025-10-30 16:00:32 -07:00
Reinier Criel
8b7784ecc0
Only pass --cert when using known registry
2025-10-30 12:36:32 -07:00
Reinier Criel
f6381f5e91
Correct package-lock.json
2025-10-27 12:09:41 -07:00
Reinier Criel
9dacf5cff3
Revert package-lock.json to match main
2025-10-25 14:27:05 -07:00
Reinier Criel
059cba06bc
Implement e2e tests
2025-10-23 11:41:13 -07:00
Reinier Criel
c85802dd2e
Undo unnecessary changes
2025-10-23 09:17:13 -07:00
Reinier Criel
fbb7e0f95f
Add tests
2025-10-22 14:51:44 -07:00
Reinier Criel
f086aeb2be
Skeleton
2025-10-22 06:59:32 -07:00
Reinier Criel
d0f2edec0a
Skeleton
2025-10-21 15:25:12 -07:00
Sander Declerck
4be412483e
Also push new lockfile
2025-10-10 16:20:56 +02:00
Hans Ott
41ab4b1edb
Use oxlint instead of eslint
- Less dev dependencies
- Much faster
- More helpful output
- More sane defaults
- Easier config
2025-10-09 18:03:45 +02:00
Sander Declerck
a6980d5108
Add upstream proxy support
2025-10-02 09:06:35 +02:00
Sander Declerck
e2afcb16e3
Implement a proxy blocking tarball requests for packages containing malware.
2025-09-30 13:52:21 +02:00
Sander Declerck
d5cd59fd25
Use strict dependency versions
2025-09-17 14:14:04 +02:00
Sander Declerck
3d75b56ebd
Respect HTTPS_PROXY when fetching malware database.
2025-09-15 13:39:14 +02:00
Sander Declerck
f163101200
Remove @inquirer/prompts, update eslint.
2025-09-15 10:04:49 +02:00
Sander Declerck
dc3ab32078
Implement basic bun security scanner for safe chain
2025-09-05 14:19:02 +02:00
Sander Declerck
a9678f6fb4
Commit package-lock.json
2025-09-05 11:35:19 +02:00
Sander Declerck
7673d32912
Move safe-chain package to packages/safe-chain
2025-09-05 11:19:37 +02:00
Sander Declerck
cf6f895724
Merge branch 'main' into fix/aikido-security-update-packages-5669664-mBXT
2025-08-05 15:13:21 +02:00
aikido-autofix[bot]
9101c2c367
fix(security): update brace-expansion from 2.0.1 to 2.0.2
2025-07-17 17:19:54 +00:00
Sander Declerck
f10749923a
Implement pnpm and pnpx support
2025-07-17 10:08:49 +02:00
Sander Declerck
5eaf6ac3b3
Initial commit
2025-07-11 17:14:52 +02:00