Sander Declerck
6815b62019
Allow to exclude packages from the minimum package age
2026-01-14 17:41:23 +01:00
bitterpanda
9d55afbf85
Update packages/safe-chain/src/api/aikido.js
2026-01-14 15:33:09 +01:00
Sander Declerck
6f4eaf5234
Don't swallow error on retry
2026-01-14 15:31:37 +01:00
Sander Declerck
a5d545f29b
Handle pr comments
2026-01-14 14:55:11 +01:00
Sander Declerck
8d2655a4bf
Add tests for malware db retry
2026-01-14 14:41:06 +01:00
Sander Declerck
d83a381231
Retry downloading the malware database 3 times
2026-01-14 14:02:27 +01:00
bitterpanda
c38f1bcb3e
Update packages/safe-chain/src/registryProxy/interceptors/npm/modifyNpmInfo.js
2026-01-13 19:33:00 +01:00
Reinier Criel
f678ff8dd1
Include package name in logging when minimum package age is not met
2026-01-13 10:09:59 -08:00
Reinier Criel
340e9a90a5
Remove comment
2026-01-12 15:13:34 -08:00
Reinier Criel
9a902af917
Fix some logic
2026-01-12 15:12:19 -08:00
Reinier Criel
19652c49c9
Attempted fix for powershell swallowing '--'
2026-01-12 14:53:23 -08:00
Sander Declerck
595f269f62
Add comment about backwards compat.
2026-01-12 11:20:25 +01:00
Sander Declerck
3573ef2bc5
Allow to configure loglevel through an env variable
2026-01-12 10:50:06 +01:00
Uriel Corfa
0ce0a87557
Add the same handler for fish
2026-01-08 10:01:13 +01:00
Uriel Corfa
4e894dd0fd
init-posix: preserve arguments when exec'ing the original_cmd
2026-01-08 09:56:59 +01:00
Uriel Corfa
3bfca9e296
Propagate command-not-found errors when invoking wrapped commands
Before this change, if a package manager was not installed, safe-chain still
sets the function and when invoked, the wrapper will invoke safe-chain, which
will exit with error code 127 when it fails to invoke the wrapped command. As an
example (with a shell prompt that shows $? when non-zero):
```
$ type -f pip
bash: type: pip: not found
1$ pip
127$
```
With this patch, the wrapper first checks for the existence of the wrapped
command (ignoring functions), and if no such command exists, it instructs the
shell to invoke it anyway. This results in the shell failing to find the
command, and reporting an error as if the wrapper function wasn't there:
```
$ source init-posix.sh
$ type -f pip
bash: type: pip: not found
1$ pip
Command 'pip' not found, but can be installed with:
sudo apt install python3-pip
127$
```
2026-01-07 17:18:48 +01:00
Sander Declerck
094d1416ca
Merge pull request #272 from graemechapman/patch-1
fix: Allow running commands if safe-chain npm package is not installed
2026-01-07 12:03:19 +01:00
Sander Declerck
8bfbe1c77d
Merge pull request #232 from galargh/pip-custom-registries
feat: allow python custom registries configuration
2026-01-05 14:01:51 +01:00
Sander Declerck
74c57cd86a
Merge pull request #262 from AikidoSec/safe-chain-verify-command
Add command to verify safe-chain is intercepting the package managers commands
2026-01-05 09:10:05 +01:00
galargh
b23ba9d9c4
chore: update test parametrization
2026-01-02 10:39:15 +01:00
Graeme Chapman
c510d886a9
Simplify command execution in init-posix.sh
2025-12-31 10:57:08 +00:00
Graeme Chapman
a0e19818a0
fix: Allow running commands if safe-chain npm package is not installed
2025-12-31 10:18:58 +00:00
galargh
c53a7347e2
feat: allow python custom registries configuration through config file
2025-12-22 13:49:45 +01:00
galargh
39e2001d97
Merge remote-tracking branch 'origin/main' into pip-custom-registries
2025-12-22 13:27:04 +01:00
jassanw
3b6beb7f16
default to port 443 if port is null or empty
2025-12-19 18:49:58 -08:00
cherryace
bd19f477f7
Using port from req url when creating proxy request instead of hardcoded port 443
2025-12-19 17:57:33 -08:00
Sander Declerck
b571aad6a0
Add command to verify safe-chain is intercepting the package managers commands
2025-12-19 16:18:21 +01:00
Sander Declerck
53c59e35e9
Merge pull request #258 from thomasbecker/fix/connection-timeout-issue-228
fix: use true connection timeout instead of idle timeout
2025-12-19 11:05:53 +01:00
Sander Declerck
120e12fd34
Merge pull request #259 from AikidoSec/configure-custom-npm-registries
Allow to configure custom/private npm registries
2025-12-19 10:42:51 +01:00
Reinier Criel
bbf5f8189b
Merge pull request #256 from AikidoSec/feature/pipx-2
Add PIPX support
2025-12-19 09:41:00 +01:00
Sander Declerck
9f93763b98
Handle code quality comments
2025-12-18 18:18:45 +01:00
Sander Declerck
deb0ad5428
Create a single emptyConfig object
2025-12-18 18:03:09 +01:00
Sander Declerck
e3aa2e15cb
Add npmjs.com to known registries too.
2025-12-18 17:59:15 +01:00
Sander Declerck
41cc24d1f5
Allow to configure custom/private npm registries
2025-12-18 13:52:49 +01:00
Reinier Criel
287bd7a41f
Remove redundant comment
2025-12-18 13:41:18 +01:00
Reinier Criel
6ce3791140
Fix check
2025-12-18 13:37:29 +01:00
Thomas Becker
878e549211
fix: use true connection timeout instead of idle timeout
socket.setTimeout() is an idle timeout in Node.js [node docs](https://nodejs.org/api/net.html#socketsettimeouttimeout-callback)
- it fires after N ms of inactivity, not N ms after the connection attempt. This
caused false timeout errors after successful data transfers when connections
went idle for longer than the timeout period.
Replace with JS setTimeout() that:
- Fires N ms after connection attempt starts
- Gets cleared on successful connect
- Returns 504 Gateway Timeout (more accurate than 502)
Also adds proper close event handlers for socket cleanup.
Fixes #228
2025-12-18 12:53:49 +01:00
Reinier Criel
28f34a8380
Fix env func
2025-12-18 12:09:28 +01:00
Reinier Criel
a1d348b768
Fix test
2025-12-18 11:45:43 +01:00
Reinier Criel
dbc7272fb4
Some cleanup
2025-12-18 10:43:27 +01:00
Reinier Criel
d2fc531c81
Fix tests and add command support
2025-12-18 10:33:31 +01:00
Reinier Criel
b9de94f0f1
Merge branch 'main' into feature/pipx-2
2025-12-17 14:28:14 +01:00
Reinier Criel
5de43c1bf2
Some modifications
2025-12-17 13:26:14 +01:00
Reinier Criel
3c18ad76f7
Skeleton
2025-12-17 11:37:51 +01:00
bitterpanda
9db8a2cc24
Merge pull request #250 from AikidoSec/bug/py-flag-warning
Emit deprecation warning when --include-python flag is used
2025-12-16 15:25:38 +01:00
Reinier Criel
379cd20154
Fix linter issue
2025-12-16 15:05:03 +01:00
Reinier Criel
a47ea153da
Simplify
2025-12-16 14:53:30 +01:00
Reinier Criel
037a83e1ff
Print warning if deprecated --include-python flag is given
2025-12-16 14:47:53 +01:00
Sander Declerck
316922e9a6
Merge branch 'main' into fix-powershell-install-script-path-separator
2025-12-16 13:06:57 +01:00
Reinier Criel
b0faf9d48d
Merge branch 'main' into feature/remove-pypi-flag
2025-12-16 09:05:10 +01:00