Install script for linux x64 as well

Use ramaproxy if it's available.
2026-05-26 20:20:49 +00:00 · 2026-01-12 15:25:40 +01:00 · 2026-01-12 14:15:30 +01:00
147 changed files with 1367 additions and 8909 deletions
--- a/.github/workflows/build-and-release.yml
+++ b/.github/workflows/build-and-release.yml
@ -4,8 +4,6 @@ on:
  push:
    tags:
      - "*"
  release:
    types: [published]
 permissions:
  id-token: write
@ -14,19 +12,30 @@ permissions:
 jobs:
  set-version:
    name: Set version number
-    if: github.event_name == 'push'
+    runs-on: ubuntu-latest
    runs-on: open-source-releaser
    outputs:
      version: ${{ steps.get_version.outputs.tag }}
      is_prerelease: ${{ steps.check_prerelease.outputs.is_prerelease }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Set version number
        id: get_version
        run: |
          version="${{ github.ref_name }}"
          echo "tag=$version" >> $GITHUB_OUTPUT
      - name: Check if pre-release
        id: check_prerelease
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          IS_PRERELEASE=$(gh release view ${{ steps.get_version.outputs.tag }} --json isPrerelease --jq '.isPrerelease')
          echo "is_prerelease=$IS_PRERELEASE" >> $GITHUB_OUTPUT
          echo "Release ${{ steps.get_version.outputs.tag }} is pre-release: $IS_PRERELEASE"
  create-binaries:
    if: github.event_name == 'push'
    needs: set-version
    uses: ./.github/workflows/create-artifact.yml
    with:
@ -34,9 +43,9 @@ jobs:
  publish-binaries:
    name: Publish to GitHub release
    if: github.event_name == 'push'
    needs: [set-version, create-binaries]
-    runs-on: open-source-releaser
+    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
@ -60,59 +69,20 @@ jobs:
          mv binaries/safe-chain-win-x64/safe-chain.exe release-artifacts/safe-chain-win-x64.exe
          mv binaries/safe-chain-win-arm64/safe-chain.exe release-artifacts/safe-chain-win-arm64.exe
-      - name: Move install scripts and hard-code version and checksums
+      - name: Move install scripts and hard-code version
        env:
          VERSION: ${{ needs.set-version.outputs.version }}
        run: |
-          SHA_MACOS_X64=$(sha256sum release-artifacts/safe-chain-macos-x64         | awk '{print $1}')
+          sed "s/\$(fetch_latest_version)/${VERSION}/" install-scripts/install-safe-chain.sh > release-artifacts/install-safe-chain.sh
-          SHA_MACOS_ARM64=$(sha256sum release-artifacts/safe-chain-macos-arm64     | awk '{print $1}')
+          sed "s/\$Version = Get-LatestVersion/\$Version = \"${VERSION}\"/" install-scripts/install-safe-chain.ps1 > release-artifacts/install-safe-chain.ps1
          SHA_LINUX_X64=$(sha256sum release-artifacts/safe-chain-linux-x64         | awk '{print $1}')
          SHA_LINUX_ARM64=$(sha256sum release-artifacts/safe-chain-linux-arm64     | awk '{print $1}')
          SHA_LINUXSTATIC_X64=$(sha256sum release-artifacts/safe-chain-linuxstatic-x64     | awk '{print $1}')
          SHA_LINUXSTATIC_ARM64=$(sha256sum release-artifacts/safe-chain-linuxstatic-arm64 | awk '{print $1}')
          SHA_WIN_X64=$(sha256sum release-artifacts/safe-chain-win-x64.exe         | awk '{print $1}')
          SHA_WIN_ARM64=$(sha256sum release-artifacts/safe-chain-win-arm64.exe     | awk '{print $1}')
          sed \
            -e "s/\$(fetch_latest_version)/${VERSION}/" \
            -e "s|^SHA256_MACOS_X64=\"\"|SHA256_MACOS_X64=\"${SHA_MACOS_X64}\"|" \
            -e "s|^SHA256_MACOS_ARM64=\"\"|SHA256_MACOS_ARM64=\"${SHA_MACOS_ARM64}\"|" \
            -e "s|^SHA256_LINUX_X64=\"\"|SHA256_LINUX_X64=\"${SHA_LINUX_X64}\"|" \
            -e "s|^SHA256_LINUX_ARM64=\"\"|SHA256_LINUX_ARM64=\"${SHA_LINUX_ARM64}\"|" \
            -e "s|^SHA256_LINUXSTATIC_X64=\"\"|SHA256_LINUXSTATIC_X64=\"${SHA_LINUXSTATIC_X64}\"|" \
            -e "s|^SHA256_LINUXSTATIC_ARM64=\"\"|SHA256_LINUXSTATIC_ARM64=\"${SHA_LINUXSTATIC_ARM64}\"|" \
            -e "s|^SHA256_WIN_X64=\"\"|SHA256_WIN_X64=\"${SHA_WIN_X64}\"|" \
            -e "s|^SHA256_WIN_ARM64=\"\"|SHA256_WIN_ARM64=\"${SHA_WIN_ARM64}\"|" \
            install-scripts/install-safe-chain.sh > release-artifacts/install-safe-chain.sh
          sed \
            -e "s/\$Version = Get-LatestVersion/\$Version = \"${VERSION}\"/" \
            -e "s|^\$SHA256_MACOS_X64 = \"\"|\$SHA256_MACOS_X64 = \"${SHA_MACOS_X64}\"|" \
            -e "s|^\$SHA256_MACOS_ARM64 = \"\"|\$SHA256_MACOS_ARM64 = \"${SHA_MACOS_ARM64}\"|" \
            -e "s|^\$SHA256_LINUX_X64 = \"\"|\$SHA256_LINUX_X64 = \"${SHA_LINUX_X64}\"|" \
            -e "s|^\$SHA256_LINUX_ARM64 = \"\"|\$SHA256_LINUX_ARM64 = \"${SHA_LINUX_ARM64}\"|" \
            -e "s|^\$SHA256_LINUXSTATIC_X64 = \"\"|\$SHA256_LINUXSTATIC_X64 = \"${SHA_LINUXSTATIC_X64}\"|" \
            -e "s|^\$SHA256_LINUXSTATIC_ARM64 = \"\"|\$SHA256_LINUXSTATIC_ARM64 = \"${SHA_LINUXSTATIC_ARM64}\"|" \
            -e "s|^\$SHA256_WIN_X64 = \"\"|\$SHA256_WIN_X64 = \"${SHA_WIN_X64}\"|" \
            -e "s|^\$SHA256_WIN_ARM64 = \"\"|\$SHA256_WIN_ARM64 = \"${SHA_WIN_ARM64}\"|" \
            install-scripts/install-safe-chain.ps1 > release-artifacts/install-safe-chain.ps1
          cp install-scripts/uninstall-safe-chain.sh release-artifacts/uninstall-safe-chain.sh
          cp install-scripts/uninstall-safe-chain.ps1 release-artifacts/uninstall-safe-chain.ps1
          cp install-scripts/install-endpoint-mac.sh release-artifacts/install-endpoint-mac.sh
          cp install-scripts/install-endpoint-windows.ps1 release-artifacts/install-endpoint-windows.ps1
          cp install-scripts/uninstall-endpoint-mac.sh release-artifacts/uninstall-endpoint-mac.sh
          cp install-scripts/uninstall-endpoint-windows.ps1 release-artifacts/uninstall-endpoint-windows.ps1
-      - name: Create draft release and upload assets
+      - name: Upload binaries to existing GitHub Release
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          VERSION: ${{ needs.set-version.outputs.version }}
        run: |
-          if ! gh release view "$VERSION" &>/dev/null; then
+          gh release upload ${{ needs.set-version.outputs.version }} \
            gh release create "$VERSION" --draft --title "$VERSION" --generate-notes
          fi
          gh release upload "$VERSION" --clobber \
            release-artifacts/safe-chain-macos-x64 \
            release-artifacts/safe-chain-macos-arm64 \
            release-artifacts/safe-chain-linux-x64 \
@ -124,15 +94,12 @@ jobs:
            release-artifacts/install-safe-chain.sh \
            release-artifacts/install-safe-chain.ps1 \
            release-artifacts/uninstall-safe-chain.sh \
-            release-artifacts/uninstall-safe-chain.ps1 \
+            release-artifacts/uninstall-safe-chain.ps1
            release-artifacts/install-endpoint-mac.sh \
            release-artifacts/install-endpoint-windows.ps1 \
            release-artifacts/uninstall-endpoint-mac.sh \
            release-artifacts/uninstall-endpoint-windows.ps1
  publish-npm:
    name: Publish to npm
-    if: github.event_name == 'release'
+    needs: [set-version, create-binaries]
    if: needs.set-version.outputs.is_prerelease != 'true'
    runs-on: ubuntu-latest
    steps:
@ -144,12 +111,14 @@ jobs:
        with:
          node-version: "lts/*"
          registry-url: "https://registry.npmjs.org/"
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }}
      - name: Setup safe-chain
        run: curl -fsSL https://github.com/AikidoSec/safe-chain/releases/latest/download/install-safe-chain.sh | sh -s -- --ci
      - name: Set the version in safe-chain package
-        run: npm --no-git-tag-version version ${{ github.event.release.tag_name }} --workspace=packages/safe-chain
+        run: npm --no-git-tag-version version ${{ needs.set-version.outputs.version }} --workspace=packages/safe-chain
      - name: Install dependencies
        run: npm ci
@ -162,15 +131,8 @@ jobs:
          cp README.md packages/safe-chain/
          cp LICENSE packages/safe-chain/
          cp -r docs packages/safe-chain/
          cp npm-shrinkwrap.json packages/safe-chain/
      - name: Publish to npm
        run: |
-          VERSION="${{ github.event.release.tag_name }}"
+          echo "Publishing version ${{ needs.set-version.outputs.version }} to NPM"
-          echo "Publishing version $VERSION to NPM"
+          npm publish --workspace=packages/safe-chain --access public --provenance
          if [[ "$VERSION" == *"-"* ]]; then
            PRERELEASE_TAG=$(echo "$VERSION" | sed 's/.*-\([^-]*\)$/\1/')
            npm publish --workspace=packages/safe-chain --access public --provenance --tag "$PRERELEASE_TAG"
          else
            npm publish --workspace=packages/safe-chain --access public --provenance
          fi
--- a/.github/workflows/bump-endpoint.yml
+++ b/.github/workflows/bump-endpoint.yml
@ -1,82 +0,0 @@
 name: Bump Device Protection Automatically
 on:
  schedule:
    - cron: '0 * * * *' # every hour
  workflow_dispatch:
 permissions:
  contents: write
  pull-requests: write
 jobs:
  bump-endpoint:
    runs-on: open-source-releaser
    steps:
      - uses: actions/checkout@v4
      - name: Get latest safechain-internals release
        id: latest
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          VERSION=$(gh api repos/AikidoSec/safechain-internals/releases/latest --jq '.tag_name')
          echo "version=$VERSION" >> $GITHUB_OUTPUT
      - name: Get current version from install script
        id: current
        run: |
          CURRENT=$(grep -oP '(?<=releases/download/)[^/]+(?=/EndpointProtection\.pkg)' install-scripts/install-endpoint-mac.sh)
          echo "version=$CURRENT" >> $GITHUB_OUTPUT
      - name: Download assets and compute checksums
        if: steps.latest.outputs.version != steps.current.outputs.version
        id: checksums
        run: |
          VERSION="${{ steps.latest.outputs.version }}"
          BASE="https://github.com/AikidoSec/safechain-internals/releases/download/${VERSION}"
          curl -fsSL "${BASE}/EndpointProtection.pkg" -o /tmp/EndpointProtection.pkg
          curl -fsSL "${BASE}/EndpointProtection.msi" -o /tmp/EndpointProtection.msi
          echo "mac=$(sha256sum /tmp/EndpointProtection.pkg | cut -d' ' -f1)" >> $GITHUB_OUTPUT
          echo "win=$(sha256sum /tmp/EndpointProtection.msi | cut -d' ' -f1)" >> $GITHUB_OUTPUT
      - name: Update install scripts
        if: steps.latest.outputs.version != steps.current.outputs.version
        run: |
          NEW="${{ steps.latest.outputs.version }}"
          OLD="${{ steps.current.outputs.version }}"
          MAC_SHA="${{ steps.checksums.outputs.mac }}"
          WIN_SHA="${{ steps.checksums.outputs.win }}"
          sed -i "s|${OLD}/EndpointProtection.pkg|${NEW}/EndpointProtection.pkg|" install-scripts/install-endpoint-mac.sh
          sed -i "s|^DOWNLOAD_SHA256=\"[^\"]*\"|DOWNLOAD_SHA256=\"${MAC_SHA}\"|" install-scripts/install-endpoint-mac.sh
          sed -i "s|${OLD}/EndpointProtection.msi|${NEW}/EndpointProtection.msi|" install-scripts/install-endpoint-windows.ps1
          sed -i 's|^\$DownloadSha256 = "[^"]*"|\$DownloadSha256 = "'"${WIN_SHA}"'"|' install-scripts/install-endpoint-windows.ps1
      - name: Open PR
        if: steps.latest.outputs.version != steps.current.outputs.version
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
        run: |
          NEW="${{ steps.latest.outputs.version }}"
          OLD="${{ steps.current.outputs.version }}"
          BRANCH="bump/endpoint-${NEW}"
          if git ls-remote --exit-code --heads origin "$BRANCH" &>/dev/null; then
            echo "Branch $BRANCH already exists, skipping."
            exit 0
          fi
          git config user.name "github-actions[bot]"
          git config user.email "github-actions[bot]@users.noreply.github.com"
          git checkout -b "$BRANCH"
          git add install-scripts/install-endpoint-mac.sh install-scripts/install-endpoint-windows.ps1
          git commit -m "Bump Endpoint to ${NEW}"
          git push origin "$BRANCH"
          PR_URL="https://github.com/${{ github.repository }}/compare/main...${BRANCH}?expand=1"
          curl -s -X POST "$SLACK_WEBHOOK_URL" \
            -H "Content-Type: application/json" \
            -d "{\"text\": \"update to ${NEW} - ${PR_URL}\"}"
--- a/.github/workflows/create-artifact.yml
+++ b/.github/workflows/create-artifact.yml
@ -69,19 +69,21 @@ jobs:
        with:
          node-version: "20.x"
-      - name: Setup safe-chain
+      - name: Setup safe-chain (Mac/Linux)
        if: runner.os != 'Windows'
        run: curl -fsSL https://github.com/AikidoSec/safe-chain/releases/latest/download/install-safe-chain.sh | sh -s -- --ci
-        shell: bash
+
      - name: Setup safe-chain (Windows)
        if: runner.os == 'Windows'
        shell: pwsh
        run: iex "& { $(iwr 'https://github.com/AikidoSec/safe-chain/releases/latest/download/install-safe-chain.ps1' -UseBasicParsing) } -ci"
      - name: Install dependencies
        run: npm ci --ignore-scripts
      - name: Set the version in safe-chain package
        if: inputs.version != ''
-        env:
+        run: npm --no-git-tag-version version ${{ inputs.version }} --workspace=packages/safe-chain --ignore-scripts
          VERSION: ${{ inputs.version }}
        shell: bash
        run: npm --no-git-tag-version version $VERSION --workspace=packages/safe-chain --ignore-scripts
      - name: Create binary
        run: |
--- a/.github/workflows/test-on-pr.yml
+++ b/.github/workflows/test-on-pr.yml
@ -22,9 +22,14 @@ jobs:
        with:
          node-version: "lts/*"
-      - name: Setup safe-chain
+      - name: Setup safe-chain (Mac/Linux)
        if: runner.os != 'Windows'
        run: curl -fsSL https://github.com/AikidoSec/safe-chain/releases/latest/download/install-safe-chain.sh | sh -s -- --ci
-        shell: bash
+
      - name: Setup safe-chain (Windows)
        if: runner.os == 'Windows'
        shell: pwsh
        run: iex "& { $(iwr 'https://github.com/AikidoSec/safe-chain/releases/latest/download/install-safe-chain.ps1' -UseBasicParsing) } -ci"
      - name: Install dependencies
        run: npm ci --ignore-scripts
@ -77,7 +82,7 @@ jobs:
          - node_version: "20"
            npm_version: "9.0.0"
            yarn_version: "latest"
-            pnpm_version: "10.0.0"
+            pnpm_version: "latest"
          # Version pinning scenario
          - node_version: "22"
            npm_version: "10.2.0"
@ -87,12 +92,17 @@ jobs:
          - node_version: "18"
            npm_version: "latest"
            yarn_version: "latest"
-            pnpm_version: "10.0.0"
+            pnpm_version: "latest"
          # Future compatibility (becomes LTS October 2025)
          - node_version: "24"
            npm_version: "latest"
            yarn_version: "latest"
            pnpm_version: "latest"
          # EOL compatibility testing - Node 16 (EOL Sept 2023)
          - node_version: "16"
            npm_version: "8.0.0"
            yarn_version: "1.22.0"
            pnpm_version: "8.0.0"
    steps:
      - name: Checkout code
--- a/README.md
+++ b/README.md
@ -7,17 +7,9 @@
 - ✅ **Block malware on developer laptops and CI/CD**
 - ✅ **Supports npm and PyPI** more package managers coming
- ✅ **Blocks packages newer than 48 hours** without breaking your build
+- ✅ **Blocks packages newer than 24 hours** without breaking your build
 - ✅ **Tokenless, free, no build data shared**
 ## Need protection beyond npm & PyPI?
 [Aikido Endpoint](https://www.aikido.dev/protect/endpoint-protection?utm_source=github.com&utm_medium=referral&utm_campaign=safechain) builds on Safe Chain, extending package and extension security across more ecosystems: **npm**, **PyPI**, **Maven**, **NuGet**, **VS Code**, **Open VSX** - (Cursor, Windsurf, Kiro, Vs Codium, ...), **Chrome extensions**, **Skills.sh AI skills** and more.
 Get centralized policy management, request-and-approval workflows, and visibility across every developer workstation in your org. Powered by the same Aikido Intel feed. Deploy it manually or manage it through your MDM tool (Jamf, Fleet, or Iru).
 ---
 Aikido Safe Chain supports the following package managers:
 - 📦 **npm**
@ -25,17 +17,13 @@ Aikido Safe Chain supports the following package managers:
 - 📦 **yarn**
 - 📦 **pnpm**
 - 📦 **pnpx**
 - 📦 **rush**
 - 📦 **rushx**
 - 📦 **bun**
 - 📦 **bunx**
 - 📦 **pip**
 - 📦 **pip3**
 - 📦 **uv**
 - 📦 **poetry**
 - 📦 **uvx**
 - 📦 **pipx**
 - 📦 **pdm**
 # Usage
@ -78,7 +66,8 @@ You can find all available versions on the [releases page](https://github.com/Ai
 ### Verify the installation
 1. **❗Restart your terminal** to start using the Aikido Safe Chain.
-   - This step is crucial as it ensures that the shell aliases for npm, npx, yarn, pnpm, pnpx, rush, rushx, bun, bunx, pip, pip3, poetry, uv, uvx, pipx and pdm are loaded correctly. If you do not restart your terminal, the aliases will not be available.
+
   - This step is crucial as it ensures that the shell aliases for npm, npx, yarn, pnpm, pnpx, bun, bunx, pip, pip3, poetry, uv and pipx are loaded correctly. If you do not restart your terminal, the aliases will not be available.
 2. **Verify the installation** by running the verification command:
@ -109,7 +98,7 @@ You can find all available versions on the [releases page](https://github.com/Ai
   - The output should show that Aikido Safe Chain is blocking the installation of these test packages as they are flagged as malware.
-When running `npm`, `npx`, `yarn`, `pnpm`, `pnpx`, `rush`, `rushx`, `bun`, `bunx`, `pip`, `pip3`, `uv`, `uvx`, `poetry`, `pipx` and `pdm` commands, the Aikido Safe Chain will automatically check for malware in the packages you are trying to install. It also intercepts Python module invocations for pip when available (e.g., `python -m pip install ...`, `python3 -m pip download ...`). If any malware is detected, it will prompt you to exit the command.
+When running `npm`, `npx`, `yarn`, `pnpm`, `pnpx`, `bun`, `bunx`, `pip`, `pip3`, `uv`, `poetry` and `pipx` commands, the Aikido Safe Chain will automatically check for malware in the packages you are trying to install. It also intercepts Python module invocations for pip when available (e.g., `python -m pip install ...`, `python3 -m pip download ...`). If any malware is detected, it will prompt you to exit the command.
 You can check the installed version by running:
@ -121,26 +110,17 @@ safe-chain --version
 ### Malware Blocking
-The Aikido Safe Chain works by running a lightweight proxy server that intercepts package downloads from the npm registry and PyPI. When you run npm, npx, yarn, pnpm, pnpx, rush, rushx, bun, bunx, pip, pip3, uv, uvx, poetry, pipx or pdm commands, all package downloads are routed through this local proxy, which verifies packages in real-time against **[Aikido Intel - Open Sources Threat Intelligence](https://intel.aikido.dev/?tab=malware)**. If malware is detected in any package (including deep dependencies), the proxy blocks the download before the malicious code reaches your machine.
+The Aikido Safe Chain works by running a lightweight proxy server that intercepts package downloads from the npm registry and PyPI. When you run npm, npx, yarn, pnpm, pnpx, bun, bunx, pip, pip3, uv, poetry or pipx commands, all package downloads are routed through this local proxy, which verifies packages in real-time against **[Aikido Intel - Open Sources Threat Intelligence](https://intel.aikido.dev/?tab=malware)**. If malware is detected in any package (including deep dependencies), the proxy blocks the download before the malicious code reaches your machine.
-### Minimum package age
+### Minimum package age (npm only)
-Safe Chain applies minimum package age checks to supported ecosystems.
+For npm packages, Safe Chain temporarily suppresses packages published within the last 24 hours (by default) until they have been validated against malware. This provides an additional security layer during the critical period when newly published packages are most vulnerable to containing undetected threats. You can configure this threshold or bypass this protection entirely - see the [Minimum Package Age Configuration](#minimum-package-age) section below.
-Current enforcement differs by ecosystem:
+⚠️ This feature **only applies to npm-based package managers** (npm, npx, yarn, pnpm, pnpx, bun, bunx) and does not apply to Python package managers (uv, pip, pip3, poetry, pipx).
 - npm-based package managers:
  - during normal package resolution, Safe Chain suppresses versions that are newer than the configured minimum age from the package metadata returned by the registry
  - for direct package download requests that bypass that metadata flow, Safe Chain can block the request itself using a cached list of newly released packages
 - Python package managers:
  - during package resolution, Safe Chain suppresses too-young files and releases from PyPI metadata responses
  - for direct package download requests that bypass that metadata flow, Safe Chain can block the request itself using a cached list of newly released packages
 By default, the minimum package age is 48 hours. This provides an additional security layer during the critical period when newly published packages are most vulnerable to containing undetected threats. You can configure this threshold or bypass this protection entirely - see the [Minimum Package Age Configuration](#minimum-package-age) section below.
 ### Shell Integration
-The Aikido Safe Chain integrates with your shell to provide a seamless experience when using npm, npx, yarn, pnpm, pnpx, rush, rushx, bun, bunx, and Python package managers (pip, uv, uvx, poetry, pipx, pdm). It sets up aliases for these commands so that they are wrapped by the Aikido Safe Chain commands, which manage the proxy server before executing the original commands. We currently support:
+The Aikido Safe Chain integrates with your shell to provide a seamless experience when using npm, npx, yarn, pnpm, pnpx, bun, bunx, and Python package managers (pip, uv, poetry, pipx). It sets up aliases for these commands so that they are wrapped by the Aikido Safe Chain commands, which manage the proxy server before executing the original commands. We currently support:
 - ✅ **Bash**
 - ✅ **Zsh**
@ -179,6 +159,7 @@ You can control the output from Aikido Safe Chain using the `--safe-chain-loggin
 You can set the logging level through multiple sources (in order of priority):
 1. **CLI Argument** (highest priority):
   - `--safe-chain-logging=silent` - Suppresses all Aikido Safe Chain output except when malware is blocked. The package manager output is written to stdout as normal, and Safe Chain only writes a short message if it has blocked malware and causes the process to exit.
     ```shell
@ -204,17 +185,7 @@ You can set the logging level through multiple sources (in order of priority):
 ## Minimum Package Age
-You can configure how long packages must exist before Safe Chain allows their installation. By default, packages must be at least 48 hours old before they can be installed.
+You can configure how long packages must exist before Safe Chain allows their installation. By default, packages must be at least 24 hours old before they can be installed through npm-based package managers.
 For npm-based package managers, this check currently has two enforcement modes:
 - Safe Chain suppresses too-young versions from package metadata during normal dependency resolution.
 - Safe Chain blocks direct package download requests when they are matched against the cached newly released packages list.
 For Python package managers, this check currently has two enforcement modes:
 - Safe Chain suppresses too-young files and releases from PyPI metadata during dependency resolution.
 - Safe Chain blocks direct package download requests when they are matched against the cached newly released packages list.
 ### Configuration Options
@ -233,7 +204,7 @@ You can set the minimum package age through multiple sources (in order of priori
   npm install express
   ```
-3. **Config File** (`~/.safe-chain/config.json`):
+3. **Config File** (`~/.aikido/config.json`):
   ```json
   {
@ -241,25 +212,6 @@ You can set the minimum package age through multiple sources (in order of priori
   }
   ```
 ### Excluding Packages
 Exclude trusted packages from minimum age filtering via environment variable or config file (both are merged). Use `@scope/*` to trust all packages from an organization:
 ```shell
 export SAFE_CHAIN_MINIMUM_PACKAGE_AGE_EXCLUSIONS="@aikidosec/*"
 ```
 ```json
 {
  "npm": {
    "minimumPackageAgeExclusions": ["@aikidosec/*"]
  },
  "pip": {
    "minimumPackageAgeExclusions": ["requests"]
  }
 }
 ```
 ## Custom Registries
 Configure Safe Chain to scan packages from custom or private registries.
@ -280,7 +232,7 @@ You can set custom registries through environment variable or config file. Both
   export SAFE_CHAIN_PIP_CUSTOM_REGISTRIES="pip.company.com,registry.internal.net"
   ```
-2. **Config File** (`~/.safe-chain/config.json`):
+2. **Config File** (`~/.aikido/config.json`):
   ```json
   {
@ -293,65 +245,6 @@ You can set custom registries through environment variable or config file. Both
   }
   ```
 ## PYPI Configuration File
 If you rely on a `pip.conf` file for pip configuration you must point pip at it explicitly via the `PIP_CONFIG_FILE` environment variable so Safe Chain can merge it.
 Safe Chain runs pip behind its MITM proxy and writes a temporary pip configuration file to inject its certificate and proxy settings. When `PIP_CONFIG_FILE` is set, Safe Chain merges its settings into a copy of your file (your original file is never modified) so your `index-url`, credentials, and other options are preserved. When `PIP_CONFIG_FILE` is not set, pip's user-level config (e.g. `~/.config/pip/pip.conf`) might be overridden by Safe Chain's temporary file and your settings will not be picked up.
 ## Malware List Base URL
 Configure Safe Chain to fetch malware databases and new packages lists from a custom mirror URL. This allows you to host your own copy of the Aikido malware database.
 ### Configuration Options
 You can set the malware list base URL through multiple sources (in order of priority):
 1. **CLI Argument** (highest priority):
   ```shell
   npm install express --safe-chain-malware-list-base-url=https://your-mirror.com
   ```
 2. **Environment Variable**:
   ```shell
   export SAFE_CHAIN_MALWARE_LIST_BASE_URL=https://your-mirror.com
   npm install express
   ```
 3. **Config File** (`~/.safe-chain/config.json`):
   ```json
   {
     "malwareListBaseUrl": "https://your-mirror.com"
   }
   ```
 The base URL should point to a server that mirrors the structure of `https://malware-list.aikido.dev/`, including the following paths:
 - `/malware_predictions.json` (JavaScript ecosystem malware database)
 - `/malware_pypi.json` (Python ecosystem malware database)
 - `/releases/npm.json` (JavaScript new packages list)
 - `/releases/pypi.json` (Python new packages list)
 ## Custom Install Directory
 By default, Safe Chain installs itself into `~/.safe-chain`. You can change this by passing an explicit install directory to the installer. This is useful for system-wide installations (e.g. inside a Docker image) or when you need to avoid conflicts with other tools.
 When set, all Safe Chain data (binary, shims, scripts, config) is placed under the custom directory instead of `~/.safe-chain`.
 ### Unix/Linux/macOS
 ```shell
 curl -fsSL https://github.com/AikidoSec/safe-chain/releases/latest/download/install-safe-chain.sh | sh -s -- --install-dir /usr/local/.safe-chain
 ```
 ### Windows
 ```powershell
 iex "& { $(iwr 'https://github.com/AikidoSec/safe-chain/releases/latest/download/install-safe-chain.ps1' -UseBasicParsing) } -InstallDir 'C:\ProgramData\safe-chain'"
 ```
 # Usage in CI/CD
 You can protect your CI/CD pipelines from malicious packages by integrating Aikido Safe Chain into your build process. This ensures that any packages installed during your automated builds are checked for malware before installation.
@ -378,8 +271,6 @@ iex "& { $(iwr 'https://github.com/AikidoSec/safe-chain/releases/latest/download
 - ✅ **Azure Pipelines**
 - ✅ **CircleCI**
 - ✅ **Jenkins**
 - ✅ **Bitbucket Pipelines**
 - ✅ **GitLab Pipelines**
 ## GitHub Actions Example
@ -442,7 +333,6 @@ pipeline {
  environment {
    // Jenkins does not automatically persist PATH updates from setup-ci,
    // so add the shims + binary directory explicitly for all stages.
    // If you installed into a custom directory, replace ~/.safe-chain with that path here.
    PATH = "${env.HOME}/.safe-chain/shims:${env.HOME}/.safe-chain/bin:${env.PATH}"
  }
@ -470,97 +360,8 @@ pipeline {
 }
 ```
 ## Bitbucket Pipelines Example
 ```yaml
 image: node:22
 steps:
  - step:
      name: Install
      script:
        - curl -fsSL https://github.com/AikidoSec/safe-chain/releases/latest/download/install-safe-chain.sh | sh -s -- --ci
        - export PATH=~/.safe-chain/shims:~/.safe-chain/bin:$PATH
        - npm ci
 ```
 After setup, all subsequent package manager commands in your CI pipeline will automatically be protected by Aikido Safe Chain's malware detection.
 ## GitLab Pipelines Example
 To add safe-chain in GitLab pipelines, you need to install it in the image running the pipeline. This can be done by:
 1. Define a dockerfile to run your build
   ```dockerfile
   FROM node:lts
   # Install safe-chain
   RUN curl -fsSL https://github.com/AikidoSec/safe-chain/releases/latest/download/install-safe-chain.sh | sh -s -- --ci
   # Add safe-chain to PATH (update paths if you used a custom install dir)
   ENV PATH="/root/.safe-chain/shims:/root/.safe-chain/bin:${PATH}"
   ```
 2. Build the Docker image in your CI pipeline
   ```yaml
   build-image:
     stage: build-image
     image: docker:latest
     services:
       - docker:dind
     script:
       - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
       - docker build -t $CI_REGISTRY_IMAGE:latest .
       - docker push $CI_REGISTRY_IMAGE:latest
   ```
 3. Use the image in your pipeline:
   ```yaml
   npm-ci:
     stage: install
     image: $CI_REGISTRY_IMAGE:latest
     script:
       - npm ci
   ```
 The full pipeline for this example looks like this:
 ```yaml
 stages:
  - build-image
  - install
 build-image:
  stage: build-image
  image: docker:latest
  services:
    - docker:dind
  script:
    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
    - docker build -t $CI_REGISTRY_IMAGE:latest .
    - docker push $CI_REGISTRY_IMAGE:latest
 npm-ci:
  stage: install
  image: $CI_REGISTRY_IMAGE:latest
  script:
    - npm ci
 ```
 # Troubleshooting
-Having issues? See the [Troubleshooting Guide](./docs/troubleshooting) for help with common problems.
+Having issues? See the [Troubleshooting Guide](https://github.com/AikidoSec/safe-chain/blob/main/docs/troubleshooting.md) for help with common problems.
 # Report Issues
 If you encounter problems:
 1. Visit [GitHub Issues](https://github.com/AikidoSec/safe-chain/issues)
 2. Include:
   * Operating system and version
   * Shell type and version
   * `safe-chain --version` output
   * Output from verification commands
   * Verbose logs of the failing command (add the `--safe-chain-logging=verbose` argument)
--- a/docs/Release.md
+++ b/docs/Release.md
@ -1,25 +0,0 @@
 # Release Guide
 ## Steps
 ### 1. Create and push a version tag
 ```bash
 git tag 1.0.0
 git push origin 1.0.0
 ```
 This triggers the build pipeline, which compiles binaries for all platforms and creates a draft GitHub release.
 ### 2. Wait for artifacts to build
 Monitor the [Actions tab](https://github.com/AikidoSec/safe-chain/actions) until the `Create Release` workflow completes.
 ### 3. Publish the GitHub release
 1. Go to the [Releases page](https://github.com/AikidoSec/safe-chain/releases)
 2. Open the draft release created for your tag
 3. Add release notes
 4. Click **Publish release**
 Publishing the release automatically triggers an npm publish. Pre-release versions (e.g. `1.0.0-beta`) are published to npm under a tag matching the pre-release identifier (e.g. `beta`). Stable versions are published to the `latest` tag.
--- a/docs/shell-integration.md
+++ b/docs/shell-integration.md
@ -2,7 +2,7 @@
 ## Overview
-The shell integration automatically wraps common package manager commands (`npm`, `npx`, `yarn`, `pnpm`, `pnpx`, `rush`, `rushx`, `bun`, `bunx`, `pip`, `pip3`, `uv`, `uvx`, `poetry`, `pipx`) with Aikido's security scanning functionality. It also intercepts Python module invocations for pip when available: `python -m pip`, `python -m pip3`, `python3 -m pip`, `python3 -m pip3`. This is achieved by sourcing startup scripts that define shell functions to wrap these commands with their Aikido-protected equivalents.
+The shell integration automatically wraps common package manager commands (`npm`, `npx`, `yarn`, `pnpm`, `pnpx`, `bun`, `bunx`, `pip`, `pip3`, `uv`, `poetry`, `pipx`) with Aikido's security scanning functionality. It also intercepts Python module invocations for pip when available: `python -m pip`, `python -m pip3`, `python3 -m pip`, `python3 -m pip3`. This is achieved by sourcing startup scripts that define shell functions to wrap these commands with their Aikido-protected equivalents.
 ## Supported Shells
@ -28,7 +28,7 @@ This command:
 - Copies necessary startup scripts to Safe Chain's installation directory (`~/.safe-chain/scripts`)
 - Detects all supported shells on your system
- Sources each shell's startup file to add Safe Chain functions for `npm`, `npx`, `yarn`, `pnpm`, `pnpx`, `rush`, `rushx`, `bun`, `bunx`, `pip`, `pip3`, `uv`, `uvx`, `poetry` and `pipx`
+- Sources each shell's startup file to add Safe Chain functions for `npm`, `npx`, `yarn`, `pnpm`, `pnpx`, `bun`, `bunx`, `pip`, `pip3`, `uv`, `poetry` and `pipx`
 - Adds lightweight interceptors so `python -m pip[...]` and `python3 -m pip[...]` route through Safe Chain when invoked by name
 ❗ After running this command, **you must restart your terminal** for the changes to take effect. This ensures that the startup scripts are sourced correctly.
@ -78,7 +78,7 @@ The system modifies the following files to source Safe Chain startup scripts:
 This means the shell functions are working but the Aikido commands aren't installed or available in your PATH:
 - Make sure Aikido Safe Chain is properly installed on your system
- Verify the `aikido-npm`, `aikido-npx`, `aikido-yarn`, `aikido-pnpm`, `aikido-pnpx`, `aikido-rush`, `aikido-rushx`, `aikido-bun`, `aikido-bunx`, `aikido-pip`, `aikido-pip3`, `aikido-uv`, `aikido-uvx`, `aikido-poetry` and `aikido-pipx` commands exist
+- Verify the `aikido-npm`, `aikido-npx`, `aikido-yarn`, `aikido-pnpm`, `aikido-pnpx`, `aikido-bun`, `aikido-bunx`, `aikido-pip`, `aikido-pip3`, `aikido-uv`, `aikido-poetry` and `aikido-pipx` commands exist
 - Check that these commands are in your system's PATH
 ### Manual Verification
@ -121,7 +121,7 @@ npm() {
 }
 ```
-Repeat this pattern for `npx`, `yarn`, `pnpm`, `pnpx`, `rush`, `rushx`, `bun`, `bunx`, `pip`, `pip3`, `uv`, `uvx`, `poetry` and `pipx` using their respective `aikido-*` commands. After adding these functions, restart your terminal to apply the changes.
+Repeat this pattern for `npx`, `yarn`, `pnpm`, `pnpx`, `bun`, `bunx`, `pip`, `pip3`, `uv`, `poetry` and `pipx` using their respective `aikido-*` commands. After adding these functions, restart your terminal to apply the changes.
 To intercept Python module invocations for pip without altering Python itself, you can add small forwarding functions:
--- a/docs/troubleshooting.md
+++ b/docs/troubleshooting.md
@ -4,38 +4,49 @@ This guide helps you diagnose and resolve common issues with Aikido Safe Chain.
 ## Verification & Diagnostics
-**Check Installation**
+### Check Installation
 ```bash
 # Check version
 safe-chain --version
 ```
-**Verify Shell Integration**
+### Verify Shell Integration
 Run the verification command for your package manager:
 ```bash
 npm safe-chain-verify
 pnpm safe-chain-verify
 pip safe-chain-verify
 uv safe-chain-verify
 # Any other supported package manager: {packagemanager} safe-chain-verify
 ```
 ```
 Expected output: `OK: Safe-chain works!`
 ```
-**Test Malware Blocking**
+### Test Malware Blocking
 Verify that malware detection is working:
-```
+
 **For JavaScript/Node.js:**
 ```bash
 npm install safe-chain-test
 ```
 **For Python:**
 ```bash
 pip3 install safe-chain-pi-test
 ```
 These test packages are flagged as malware and should be blocked by Safe Chain.
-**If the test package installs successfully instead of being blocked**, see Malware Not Being Blocked below.
+**If the test package installs successfully instead of being blocked**, see [Malware Not Being Blocked](#malware-not-being-blocked) below.
-## Logging Options
+### Logging Options
 Use logging flags or environment variables to get more information:
@ -63,39 +74,41 @@ Safe-chain blocks malicious packages by intercepting network requests to package
 When a package is already cached locally, the package manager skips downloading it from the registry, which bypasses the proxy.
-**Resolution Steps**
+**Resolution Steps:**
-1) Clear your package manager's cache
+1. **Clear your package manager's cache:**
-```bash
+   ```bash
-# For npm
+   # For npm
-npm cache clean --force
+   npm cache clean --force
-# For pnpm
+   # For pnpm
-pnpm store prune
+   pnpm store prune
-# For yarn (classic)
+   # For yarn (classic)
-yarn cache clean
+   yarn cache clean
-# For yarn (berry/v2+)
+   # For yarn (berry/v2+)
-yarn cache clean --all
+   yarn cache clean --all
-# For bun
+   # For bun
-bun pm cache rm
+   bun pm cache rm
-```
+   ```
-2) Clean local installation artifacts:
+   > **⚠️ Warning:** Cache clearing is safe but will remove all cached packages. Subsequent installations will need to re-download packages. In CI/CD environments or monorepos, this may affect build times.
-```bash
+2. **Clean local installation artifacts:**
 # Remove node_modules if you want a completely fresh install
 rm -rf node_modules
 ```
-3) Re-test malware blocking:
+   ```bash
   # Remove node_modules if you want a completely fresh install
   rm -rf node_modules
   ```
-```bash
+3. **Re-test malware blocking:**
-npm install safe-chain-test    # Should be blocked
+
-```
+   ```bash
   npm install safe-chain-test    # Should be blocked
   ```
 ### Shell Aliases Not Working After Installation
@ -115,10 +128,10 @@ Should show: `npm is a function`
 Check that your startup file sources safe-chain scripts from `~/.safe-chain/scripts/`:
-* Bash: `~/.bashrc`
+- Bash: `~/.bashrc`
-* Zsh: `~/.zshrc`
+- Zsh: `~/.zshrc`
-* Fish: `~/.config/fish/config.fish`
+- Fish: `~/.config/fish/config.fish`
-* PowerShell: `$PROFILE`
+- PowerShell: `$PROFILE`
 ### "Command Not Found: safe-chain"
@ -136,52 +149,19 @@ Should include `~/.safe-chain/bin`
 **If persists:** Re-run the installation script
 ### PowerShell Execution Policy Blocks Scripts (Windows)
 **Symptom:** When opening PowerShell, you see an error like:
 ```
 . : File C:\Users\<username>\Documents\WindowsPowerShell\Microsoft.PowerShell_profile.ps1 cannot be loaded because
 running scripts is disabled on this system.
 CategoryInfo          : SecurityError: (:) [], PSSecurityException
 FullyQualifiedErrorId : UnauthorizedAccess
 ```
 **Cause:** Windows PowerShell's default execution policy (`Restricted`) blocks all script execution, including safe-chain's initialization script that's sourced from your PowerShell profile.
 **Resolution**
 1) Set the execution policy to allow local scripts
 Open PowerShell as Administrator and run:
 ```powershell
 Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
 ```
 This allows:
 * Local scripts (like safe-chain's) to run without signing
 * Downloaded scripts to run only if signed by a trusted publisher
 2) Restart PowerShell and verify the error is resolved.
 > [!IMPORTANT]
 > `RemoteSigned` is Microsoft's recommended execution policy for client computers. It provides a good balance between security and usability.
 ### Shell Aliases Persist After Uninstallation
 **Symptom:** safe-chain commands still active after running uninstall script
-**Steps**
+**Steps:**
 1. Run `safe-chain teardown` (if binary still exists)
 2. Restart your terminal
 3. If still present, manually edit shell config files:
-   * Bash: `~/.bashrc`
+   - Bash: `~/.bashrc`
-   * Zsh: `~/.zshrc`
+   - Zsh: `~/.zshrc`
-   * Fish: `~/.config/fish/config.fish`
+   - Fish: `~/.config/fish/config.fish`
-   * PowerShell: `$PROFILE`
+   - PowerShell: `$PROFILE`
 4. Remove lines that source scripts from `~/.safe-chain/scripts/`
 5. Restart terminal again
@ -206,10 +186,10 @@ type pip
 **Expected `which` output:**
-* Standalone binary (correct): `~/.safe-chain/bin/safe-chain` or `/Users/<username>/.safe-chain/bin/safe-chain`
+- Standalone binary (correct): `~/.safe-chain/bin/safe-chain` or `/Users/<username>/.safe-chain/bin/safe-chain`
-* npm global (outdated): path containing `node_modules` or nvm version paths
+- npm global (outdated): path containing `node_modules` or nvm version paths
-If `which` shows an npm installation, see Check for Conflicting Installations.
+If `which` shows an npm installation, see [Check for Conflicting Installations](#check-for-conflicting-installations).
 ### Check Shell Integration
@ -248,23 +228,23 @@ for version in $(nvm list | grep -oE 'v[0-9]+\.[0-9]+\.[0-9]+'); do
 done
 ```
-### Manual Cleanup
+## Manual Cleanup
 > **Note:** The install and uninstall scripts automatically handle these cleanup steps. Use these manual commands only if automatic cleanup fails.
-#### Remove npm Global Installation
+### Remove npm Global Installation
 ```bash
 npm uninstall -g @aikidosec/safe-chain
 ```
-#### Remove Volta Installation
+### Remove Volta Installation
 ```bash
 volta uninstall @aikidosec/safe-chain
 ```
-#### Remove nvm Installations (All Versions)
+### Remove nvm Installations (All Versions)
 ```bash
 # Automated approach
@ -277,22 +257,50 @@ nvm use <version>
 npm uninstall -g @aikidosec/safe-chain
 ```
-#### Clean Shell Configuration Files
+### Clean Shell Configuration Files
 Manually remove safe-chain entries from:
-* Bash: `~/.bashrc`
+- Bash: `~/.bashrc`
-* Zsh: `~/.zshrc`
+- Zsh: `~/.zshrc`
-* Fish: `~/.config/fish/config.fish`
+- Fish: `~/.config/fish/config.fish`
-* PowerShell: `$PROFILE`
+- PowerShell: `$PROFILE`
 Look for and remove:
-* Lines sourcing from `~/.safe-chain/scripts/`
+- Lines sourcing from `~/.safe-chain/scripts/`
-* Any safe-chain related function definitions
+- Any safe-chain related function definitions
-#### Remove Installation Directory
+### Remove Installation Directory
 ```bash
 rm -rf ~/.safe-chain
 ```
 ## Getting More Information
 ### Enable Verbose Logging
 Get detailed diagnostic output using a CLI flag or environment variable:
 ```bash
 # Using CLI flag
 npm install express --safe-chain-logging=verbose
 pip install requests --safe-chain-logging=verbose
 # Using environment variable (applies to all commands)
 export SAFE_CHAIN_LOGGING=verbose
 npm install express
 ```
 ### Report Issues
 If you encounter problems:
 1. Visit [GitHub Issues](https://github.com/AikidoSec/safe-chain/issues)
 2. Include:
   - Operating system and version
   - Shell type and version
   - `safe-chain --version` output
   - Output from verification commands
   - Verbose logs of the failing command (add the `--safe-chain-logging=verbose` argument)
--- a/install-scripts/install-endpoint-mac.sh
+++ b/install-scripts/install-endpoint-mac.sh
@ -1,133 +0,0 @@
 #!/bin/sh
 # Downloads and installs Aikido Endpoint Protection on macOS
 #
 # Usage: curl -fsSL <url> | sudo sh -s -- --token <TOKEN>
 set -e  # Exit on error
 # Configuration
 INSTALL_URL="https://github.com/AikidoSec/safechain-internals/releases/download/v1.5.6/EndpointProtection.pkg"
 DOWNLOAD_SHA256="345b26168b3090de5268c48d923cdf115cc617c39c37d44cc40fb9150409a6ba"
 TOKEN_FILE="/tmp/aikido_endpoint_token.txt"
 # Colors for output
 RED='\033[0;31m'
 GREEN='\033[0;32m'
 NC='\033[0m' # No Color
 # Helper functions
 info() {
    printf "${GREEN}[INFO]${NC} %s\n" "$1"
 }
 error() {
    printf "${RED}[ERROR]${NC} %s\n" "$1" >&2
    exit 1
 }
 # Download file
 download() {
    url="$1"
    dest="$2"
    if command -v curl >/dev/null 2>&1; then
        curl -fsSL "$url" -o "$dest" || error "Failed to download from $url"
    elif command -v wget >/dev/null 2>&1; then
        wget -q "$url" -O "$dest" || error "Failed to download from $url"
    else
        error "Neither curl nor wget found. Please install one of them."
    fi
 }
 # Verify SHA256 checksum
 verify_checksum() {
    file="$1"
    expected="$2"
    actual=$(shasum -a 256 "$file" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        error "Checksum verification failed. Expected: $expected, Got: $actual"
    fi
    info "Checksum verified successfully."
 }
 # Cleanup temporary files
 cleanup() {
    if [ -f "$PKG_FILE" ]; then
        rm -f "$PKG_FILE"
    fi
    if [ -f "$TOKEN_FILE" ]; then
        rm -f "$TOKEN_FILE"
    fi
 }
 # Parse command-line arguments
 parse_arguments() {
    TOKEN=""
    while [ $# -gt 0 ]; do
        case "$1" in
            --token)
                if [ -z "${2:-}" ]; then
                    error "--token requires a value"
                fi
                TOKEN="$2"
                shift 2
                ;;
            *)
                error "Unknown argument: $1"
                ;;
        esac
    done
 }
 # Main installation
 main() {
    parse_arguments "$@"
    # 1. Check if we're running on macOS
    if [ "$(uname -s)" != "Darwin" ]; then
        error "This script is only supported on macOS."
    fi
    # Check if we're running as root
    if [ "$(id -u)" -ne 0 ]; then
        error "Root privileges required. Please re-run with sudo, e.g.: curl -fsSL <url> | sudo sh -s -- --token <TOKEN>"
    fi
    # Check if token is provided via command argument
    if [ -z "$TOKEN" ]; then
        error "Token is required. Pass it with --token <TOKEN> or enter it when prompted."
    fi
    # Validate token to prevent injection
    case "$TOKEN" in
        *[\"\'\;\`\$\ ]*)
            error "Invalid token format. Token must not contain quotes, semicolons, backticks, dollar signs, or whitespace."
            ;;
    esac
    # 2. Download and verify checksum
    PKG_FILE=$(mktemp /tmp/AikidoEndpoint.XXXXXX.pkg)
    trap cleanup EXIT
    info "Downloading Aikido Endpoint Protection..."
    download "$INSTALL_URL" "$PKG_FILE"
    info "Verifying checksum..."
    verify_checksum "$PKG_FILE" "$DOWNLOAD_SHA256"
    # 3. Write token to file for the installer
    printf "%s" "$TOKEN" > "$TOKEN_FILE"
    # 4. Install the package
    info "Installing Aikido Endpoint Protection..."
    installer -pkg "$PKG_FILE" -target /
    info "Aikido Endpoint Protection installed successfully!"
 }
 main "$@"
--- a/install-scripts/install-endpoint-windows.ps1
+++ b/install-scripts/install-endpoint-windows.ps1
@ -1,100 +0,0 @@
 # Downloads and installs Aikido Endpoint Protection on Windows
 #
 # Usage: iex "& { $(iwr '<url>' -UseBasicParsing) } -token <TOKEN>"
 param(
    [string]$token
 )
 # Configuration
 $InstallUrl = "https://github.com/AikidoSec/safechain-internals/releases/download/v1.5.6/EndpointProtection.msi"
 $DownloadSha256 = "70382b65036c6a4f0fc64e221ab3e74b06ec23bce54f93616a1e59abaac5442d"
 # Ensure TLS 1.2 is enabled for downloads
 [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
 # Helper functions
 function Write-Info {
    param([string]$Message)
    Write-Host "[INFO] $Message" -ForegroundColor Green
 }
 function Write-Error-Custom {
    param([string]$Message)
    Write-Host "[ERROR] $Message" -ForegroundColor Red
    exit 1
 }
 # Check if running as Administrator
 function Test-Administrator {
    $identity = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
 }
 # Main installation
 function Install-Endpoint {
    # 1. Check if we're running as Administrator
    if (-not (Test-Administrator)) {
        Write-Error-Custom "Administrator privileges required. Please run this script in an elevated terminal (Run as Administrator)."
    }
    # Check if token is provided, prompt if not
    if ([string]::IsNullOrWhiteSpace($token)) {
        $token = Read-Host "Enter your Aikido endpoint token"
        if ([string]::IsNullOrWhiteSpace($token)) {
            Write-Error-Custom "Token is required. Pass it with -token <TOKEN> or enter it when prompted."
        }
    }
    # Validate token to prevent command/property injection via msiexec
    if ($token -match '[";`$\s]') {
        Write-Error-Custom "Invalid token format. Token must not contain quotes, semicolons, backticks, dollar signs, or whitespace."
    }
    # 2. Download the .msi
    $msiFile = Join-Path $env:TEMP "AikidoEndpoint-$([System.Guid]::NewGuid().ToString('N')).msi"
    Write-Info "Downloading Aikido Endpoint Protection..."
    try {
        $ProgressPreference = 'SilentlyContinue'
        Invoke-WebRequest -Uri $InstallUrl -OutFile $msiFile -UseBasicParsing
        $ProgressPreference = 'Continue'
    }
    catch {
        Write-Error-Custom "Failed to download from $InstallUrl : $_"
    }
    try {
        # Verify SHA256 checksum
        Write-Info "Verifying checksum..."
        $actualHash = (Get-FileHash -Path $msiFile -Algorithm SHA256).Hash.ToLower()
        if ($actualHash -ne $DownloadSha256) {
            Write-Error-Custom "Checksum verification failed. Expected: $DownloadSha256, Got: $actualHash"
        }
        Write-Info "Checksum verified successfully."
        # 3. Install the package with token passed as MSI property
        Write-Info "Installing Aikido Endpoint Protection..."
        $process = Start-Process -FilePath "msiexec" -ArgumentList "/i", "`"$msiFile`"", "/qn", "/norestart", "AIKIDO_TOKEN=$token" -Wait -PassThru
        if ($process.ExitCode -ne 0) {
            Write-Error-Custom "MSI installer failed (exit code: $($process.ExitCode))."
        }
        Write-Info "Aikido Endpoint Protection installed successfully!"
    }
    finally {
        # Cleanup
        if (Test-Path $msiFile) {
            Remove-Item -Path $msiFile -Force -ErrorAction SilentlyContinue
        }
    }
 }
 # Run installation
 try {
    Install-Endpoint
 }
 catch {
    Write-Error-Custom "Installation failed: $_"
 }
--- a/install-scripts/install-safe-chain.ps1
+++ b/install-scripts/install-safe-chain.ps1
@ -4,68 +4,13 @@
 param(
    [switch]$ci,
-    [switch]$includepython,
+    [switch]$includepython
    [string]$InstallDir
 )
 # Validates and normalizes the requested install directory.
 # Rejects non-absolute, root, PATH-like, and traversal-containing paths.
 function Test-InstallDir {
    param([string]$Dir)
    if ([string]::IsNullOrWhiteSpace($Dir)) {
        return @{ Ok = $true; Normalized = $null }
    }
    if (-not [System.IO.Path]::IsPathRooted($Dir)) {
        return @{ Ok = $false; Reason = "-InstallDir must be an absolute path, got: $Dir" }
    }
    if ($Dir.Contains([System.IO.Path]::PathSeparator)) {
        return @{ Ok = $false; Reason = "-InstallDir must not contain the PATH separator ($([System.IO.Path]::PathSeparator))" }
    }
    $inputSegments = $Dir.Split([char[]]@('\', '/'), [System.StringSplitOptions]::RemoveEmptyEntries)
    if ($inputSegments -contains "..") {
        return @{ Ok = $false; Reason = "-InstallDir must not contain path traversal segments" }
    }
    $normalized = [System.IO.Path]::GetFullPath($Dir)
    $root = [System.IO.Path]::GetPathRoot($normalized)
    if ($normalized.TrimEnd('\', '/') -eq $root.TrimEnd('\', '/')) {
        return @{ Ok = $false; Reason = "-InstallDir cannot be a root or drive-root directory" }
    }
    return @{ Ok = $true; Normalized = $normalized }
 }
 $Version = $env:SAFE_CHAIN_VERSION  # Will be fetched from latest release if not set
-$SafeChainBase = if ($InstallDir) { $InstallDir } else { Join-Path $HOME ".safe-chain" }
+$InstallDir = Join-Path $env:USERPROFILE ".safe-chain\bin"
 $installDirValidation = Test-InstallDir -Dir $SafeChainBase
 if (-not $installDirValidation.Ok) {
    Write-Host "[ERROR] $($installDirValidation.Reason)" -ForegroundColor Red
    exit 1
 }
 $SafeChainBase = $installDirValidation.Normalized
 $InstallDir = Join-Path $SafeChainBase "bin"
 $RepoUrl = "https://github.com/AikidoSec/safe-chain"
 # SHA256 checksums for release binaries.
 # Empty in source; populated by the release pipeline.
 # When empty (running from main), checksum verification is skipped.
 # Non-Windows hashes are unused today (PS script is Windows-only) but baked in
 # for future cross-platform support.
 $SHA256_MACOS_X64 = ""
 $SHA256_MACOS_ARM64 = ""
 $SHA256_LINUX_X64 = ""
 $SHA256_LINUX_ARM64 = ""
 $SHA256_LINUXSTATIC_X64 = ""
 $SHA256_LINUXSTATIC_ARM64 = ""
 $SHA256_WIN_X64 = ""
 $SHA256_WIN_ARM64 = ""
 # Ensure TLS 1.2 is enabled for downloads
 [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
@ -153,91 +98,6 @@ function Get-Architecture {
    }
 }
 # Emits the deprecation warning for SAFE_CHAIN_VERSION and prints the version-pinned install command.
 # Returns immediately when no version was provided through the environment.
 function Write-VersionDeprecationWarning {
    if ([string]::IsNullOrWhiteSpace($env:SAFE_CHAIN_VERSION)) {
        return
    }
    Write-Warn "SAFE_CHAIN_VERSION environment variable is deprecated."
    Write-Warn ""
    Write-Warn "Please use direct download URLs for version pinning instead:"
    Write-Warn ""
    if ($ci) {
        Write-Warn "  iex `"& { `$(iwr 'https://github.com/AikidoSec/safe-chain/releases/download/$env:SAFE_CHAIN_VERSION/install-safe-chain.ps1' -UseBasicParsing) } -ci`""
    } else {
        Write-Warn "  iex (iwr `"https://github.com/AikidoSec/safe-chain/releases/download/$env:SAFE_CHAIN_VERSION/install-safe-chain.ps1`" -UseBasicParsing)"
    }
    Write-Warn ""
 }
 # Builds the Windows release binary filename for the detected architecture.
 # Centralizes binary name generation for the download step.
 function Get-BinaryName {
    param([string]$Architecture)
    return "safe-chain-win-$Architecture.exe"
 }
 # Returns the expected SHA256 for the given OS+arch, or empty if not baked in.
 function Get-ExpectedSha256 {
    param([string]$Os, [string]$Architecture)
    switch ("$Os-$Architecture") {
        "macos-x64"         { return $SHA256_MACOS_X64 }
        "macos-arm64"       { return $SHA256_MACOS_ARM64 }
        "linux-x64"         { return $SHA256_LINUX_X64 }
        "linux-arm64"       { return $SHA256_LINUX_ARM64 }
        "linuxstatic-x64"   { return $SHA256_LINUXSTATIC_X64 }
        "linuxstatic-arm64" { return $SHA256_LINUXSTATIC_ARM64 }
        "win-x64"           { return $SHA256_WIN_X64 }
        "win-arm64"         { return $SHA256_WIN_ARM64 }
        default             { return "" }
    }
 }
 function Test-Checksum {
    param([string]$File, [string]$Expected)
    if ([string]::IsNullOrWhiteSpace($Expected)) { return }
    $actual = (Get-FileHash -Path $File -Algorithm SHA256).Hash.ToLowerInvariant()
    $expectedLower = $Expected.ToLowerInvariant()
    if ($actual -ne $expectedLower) {
        Remove-Item -Path $File -Force -ErrorAction SilentlyContinue
        Write-Error-Custom "Checksum verification failed. Expected: $expectedLower, Got: $actual"
    }
    Write-Info "Checksum verified."
 }
 # Runs safe-chain setup or setup-ci after the binary is installed.
 # Temporarily appends the install directory to PATH and downgrades setup failures to warnings.
 function Invoke-SafeChainSetup {
    param(
        [string]$BinaryPath,
        [string]$InstallDirectory
    )
    $setupCmd = if ($ci) { "setup-ci" } else { "setup" }
    Write-Info "Running safe-chain $setupCmd..."
    try {
        $env:Path = "$env:Path;$InstallDirectory"
        & $BinaryPath $setupCmd
        if ($LASTEXITCODE -ne 0) {
            Write-Warn "safe-chain was installed but setup encountered issues."
            Write-Warn "You can run 'safe-chain $setupCmd' manually later."
        }
    }
    catch {
        Write-Warn "safe-chain was installed but setup encountered issues: $_"
        Write-Warn "You can run 'safe-chain $setupCmd' manually later."
    }
 }
 # Check and uninstall npm global package if present
 function Remove-NpmInstallation {
    # Check if npm is available
@ -289,7 +149,19 @@ function Remove-VoltaInstallation {
 # Main installation
 function Install-SafeChain {
-    Write-VersionDeprecationWarning
+    # Show deprecation warning if SAFE_CHAIN_VERSION is set
    if (-not [string]::IsNullOrWhiteSpace($env:SAFE_CHAIN_VERSION)) {
        Write-Warn "SAFE_CHAIN_VERSION environment variable is deprecated."
        Write-Warn ""
        Write-Warn "Please use direct download URLs for version pinning instead:"
        Write-Warn ""
        if ($ci) {
            Write-Warn "  iex `"& { `$(iwr 'https://github.com/AikidoSec/safe-chain/releases/download/$env:SAFE_CHAIN_VERSION/install-safe-chain.ps1' -UseBasicParsing) } -ci`""
        } else {
            Write-Warn "  iex (iwr `"https://github.com/AikidoSec/safe-chain/releases/download/$env:SAFE_CHAIN_VERSION/install-safe-chain.ps1`" -UseBasicParsing)"
        }
        Write-Warn ""
    }
    # Fetch latest version if VERSION is not set
    if ([string]::IsNullOrWhiteSpace($Version)) {
@ -320,7 +192,7 @@ function Install-SafeChain {
    # Detect platform
    $arch = Get-Architecture
-    $binaryName = Get-BinaryName -Architecture $arch
+    $binaryName = "safe-chain-win-$arch.exe"
    Write-Info "Detected architecture: $arch"
@ -351,9 +223,6 @@ function Install-SafeChain {
        Write-Error-Custom "Failed to download from $downloadUrl : $_"
    }
    $expectedSha = Get-ExpectedSha256 -Os "win" -Architecture $arch
    Test-Checksum -File $tempFile -Expected $expectedSha
    # Rename to final location
    $finalFile = Join-Path $InstallDir "safe-chain.exe"
    try {
@ -369,7 +238,31 @@ function Install-SafeChain {
    Write-Info "Binary installed to: $finalFile"
-    Invoke-SafeChainSetup -BinaryPath $finalFile -InstallDirectory $InstallDir
+    # Build setup command based on parameters
    $setupCmd = if ($ci) { "setup-ci" } else { "setup" }
    $setupArgs = @()
    # Execute safe-chain setup
    Write-Info "Running safe-chain $setupCmd $(if ($setupArgs) { $setupArgs -join ' ' })..."
    try {
        $env:Path = "$env:Path;$InstallDir"
        if ($setupArgs) {
            & $finalFile $setupCmd $setupArgs
        }
        else {
            & $finalFile $setupCmd
        }
        if ($LASTEXITCODE -ne 0) {
            Write-Warn "safe-chain was installed but setup encountered issues."
            Write-Warn "You can run 'safe-chain $setupCmd $(if ($setupArgs) { $setupArgs -join ' ' })' manually later."
        }
    }
    catch {
        Write-Warn "safe-chain was installed but setup encountered issues: $_"
        Write-Warn "You can run 'safe-chain $setupCmd $(if ($setupArgs) { $setupArgs -join ' ' })' manually later."
    }
 }
 # Run installation
--- a/install-scripts/install-safe-chain.sh
+++ b/install-scripts/install-safe-chain.sh
@ -6,67 +6,11 @@
 set -e  # Exit on error
 # Validates a user-provided install dir and exits on unsafe values.
 # Rejects relative paths, root paths, PATH separators, and traversal segments.
 validate_install_dir() {
    dir="$1"
    if [ -z "$dir" ]; then
        return 0
    fi
    case "$dir" in
        /*) ;;
        *)
            printf '[ERROR] --install-dir must be an absolute path, got: %s\n' "$dir" >&2
            exit 1
            ;;
    esac
    case "$dir" in
        *:*)
            printf '[ERROR] --install-dir must not contain the PATH separator (:)\n' >&2
            exit 1
            ;;
    esac
    if [ "$dir" = "/" ]; then
        printf '[ERROR] --install-dir cannot be a root or drive-root directory\n' >&2
        exit 1
    fi
    old_ifs=$IFS
    IFS='/'
    set -- $dir
    IFS=$old_ifs
    for segment in "$@"; do
        if [ "$segment" = ".." ]; then
            printf '[ERROR] --install-dir must not contain path traversal segments\n' >&2
            exit 1
        fi
    done
 }
 # Configuration
 VERSION="${SAFE_CHAIN_VERSION:-}"  # Will be fetched from latest release if not set
-SAFE_CHAIN_BASE="${HOME}/.safe-chain"
+INSTALL_DIR="${HOME}/.safe-chain/bin"
 INSTALL_DIR="${SAFE_CHAIN_BASE}/bin"
 REPO_URL="https://github.com/AikidoSec/safe-chain"
 # SHA256 checksums for release binaries.
 # Empty in source; populated by the release pipeline via sed.
 # When empty (running from main), checksum verification is skipped.
 SHA256_MACOS_X64=""
 SHA256_MACOS_ARM64=""
 SHA256_LINUX_X64=""
 SHA256_LINUX_ARM64=""
 SHA256_LINUXSTATIC_X64=""
 SHA256_LINUXSTATIC_ARM64=""
 SHA256_WIN_X64=""
 SHA256_WIN_ARM64=""
 # Colors for output
 RED='\033[0;31m'
 GREEN='\033[0;32m'
@ -98,9 +42,8 @@ detect_os() {
                echo "linuxstatic"
            fi
            ;;
-        Darwin*)                echo "macos" ;;
+        Darwin*)    echo "macos" ;;
-        MINGW*|MSYS*|CYGWIN*)   echo "win" ;;
+        *)          error "Unsupported operating system: $(uname -s)" ;;
        *)                      error "Unsupported operating system: $(uname -s)" ;;
    esac
 }
@ -168,57 +111,6 @@ fetch_latest_version() {
    echo "$latest_version"
 }
 # Returns the expected SHA256 for the detected platform, or empty if the
 # release pipeline has not baked one in (i.e. running the source from main).
 get_expected_sha256() {
    os="$1"; arch="$2"
    case "${os}-${arch}" in
        macos-x64)         echo "$SHA256_MACOS_X64" ;;
        macos-arm64)       echo "$SHA256_MACOS_ARM64" ;;
        linux-x64)         echo "$SHA256_LINUX_X64" ;;
        linux-arm64)       echo "$SHA256_LINUX_ARM64" ;;
        linuxstatic-x64)   echo "$SHA256_LINUXSTATIC_X64" ;;
        linuxstatic-arm64) echo "$SHA256_LINUXSTATIC_ARM64" ;;
        win-x64)           echo "$SHA256_WIN_X64" ;;
        win-arm64)         echo "$SHA256_WIN_ARM64" ;;
        *)                 echo "" ;;
    esac
 }
 compute_sha256() {
    file="$1"
    if command_exists sha256sum; then
        sha256sum "$file" | awk '{print $1}'
    elif command_exists shasum; then
        shasum -a 256 "$file" | awk '{print $1}'
    else
        echo ""
    fi
 }
 # Verifies the downloaded binary against the expected hash baked in by the release pipeline.
 # No-op when no expected hash is set (running the script from main).
 verify_checksum() {
    file="$1"; expected="$2"
    if [ -z "$expected" ]; then
        return
    fi
    actual=$(compute_sha256 "$file")
    if [ -z "$actual" ]; then
        rm -f "$file"
        error "Cannot verify checksum: neither sha256sum nor shasum is available. Install one and re-run."
    fi
    if [ "$actual" != "$expected" ]; then
        rm -f "$file"
        error "Checksum verification failed. Expected: $expected, Got: $actual"
    fi
    info "Checksum verified."
 }
 # Download file
 download() {
    url="$1"
@ -233,75 +125,6 @@ download() {
    fi
 }
 # Prints the deprecation warning for SAFE_CHAIN_VERSION and the replacement install command.
 # Returns immediately when no version was pinned through the environment.
 warn_deprecated_version_env() {
    if [ -z "$SAFE_CHAIN_VERSION" ]; then
        return
    fi
    warn "SAFE_CHAIN_VERSION environment variable is deprecated."
    warn ""
    warn "Please use direct download URLs for version pinning instead:"
    warn ""
    if [ "$USE_CI_SETUP" = "true" ]; then
        warn "  curl -fsSL https://github.com/AikidoSec/safe-chain/releases/download/${SAFE_CHAIN_VERSION}/install-safe-chain.sh | sh -s -- --ci"
    else
        warn "  curl -fsSL https://github.com/AikidoSec/safe-chain/releases/download/${SAFE_CHAIN_VERSION}/install-safe-chain.sh | sh"
    fi
    warn ""
 }
 # Ensures VERSION is populated before installation continues.
 # Fetches the latest release only when no explicit version was provided.
 ensure_version() {
    if [ -n "$VERSION" ]; then
        return
    fi
    info "Fetching latest release version..."
    VERSION=$(fetch_latest_version)
 }
 # Constructs platform-specific binary filename to match GitHub release asset naming convention.
 get_binary_name() {
    os="$1"
    arch="$2"
    if [ "$os" = "win" ]; then
        printf 'safe-chain-%s-%s.exe\n' "$os" "$arch"
    else
        printf 'safe-chain-%s-%s\n' "$os" "$arch"
    fi
 }
 # Returns the final installation path for the downloaded safe-chain binary.
 # Uses INSTALL_DIR and the platform-specific executable name.
 get_final_binary_path() {
    os="$1"
    if [ "$os" = "win" ]; then
        printf '%s/safe-chain.exe\n' "$INSTALL_DIR"
    else
        printf '%s/safe-chain\n' "$INSTALL_DIR"
    fi
 }
 run_setup_command() {
    final_file="$1"
    setup_cmd="setup"
    if [ "$USE_CI_SETUP" = "true" ]; then
        setup_cmd="setup-ci"
    fi
    info "Running safe-chain $setup_cmd..."
    if ! "$final_file" "$setup_cmd"; then
        warn "safe-chain was installed but setup encountered issues."
        warn "You can run 'safe-chain $setup_cmd' manually later."
    fi
 }
 # Check and uninstall npm global package if present
 remove_npm_installation() {
    if ! command_exists npm; then
@ -405,39 +228,19 @@ remove_nvm_installation() {
 # Parse command-line arguments
 parse_arguments() {
-    while [ $# -gt 0 ]; do
+    for arg in "$@"; do
-        case "$1" in
+        case "$arg" in
            --ci)
                USE_CI_SETUP=true
                ;;
            --install-dir)
                shift
                if [ $# -eq 0 ]; then
                    error "Missing value for --install-dir"
                fi
                if [ -z "$1" ]; then
                    error "--install-dir must not be empty"
                fi
                SAFE_CHAIN_BASE="$1"
                ;;
            --install-dir=*)
                SAFE_CHAIN_BASE="${1#--install-dir=}"
                if [ -z "$SAFE_CHAIN_BASE" ]; then
                    error "--install-dir must not be empty"
                fi
                ;;
            --include-python)
                warn "--include-python is deprecated and ignored. Python ecosystem is now included by default."
                ;;
            *)
-                error "Unknown argument: $1"
+                error "Unknown argument: $arg"
                ;;
        esac
        shift
    done
    validate_install_dir "${SAFE_CHAIN_BASE}"
    INSTALL_DIR="${SAFE_CHAIN_BASE}/bin"
 }
 # Main installation
@ -448,9 +251,25 @@ main() {
    # Parse command-line arguments
    parse_arguments "$@"
-    warn_deprecated_version_env
+    # Show deprecation warning if SAFE_CHAIN_VERSION is set
    if [ -n "$SAFE_CHAIN_VERSION" ]; then
        warn "SAFE_CHAIN_VERSION environment variable is deprecated."
        warn ""
        warn "Please use direct download URLs for version pinning instead:"
        warn ""
        if [ "$USE_CI_SETUP" = "true" ]; then
            warn "  curl -fsSL https://github.com/AikidoSec/safe-chain/releases/download/${SAFE_CHAIN_VERSION}/install-safe-chain.sh | sh -s -- --ci"
        else
            warn "  curl -fsSL https://github.com/AikidoSec/safe-chain/releases/download/${SAFE_CHAIN_VERSION}/install-safe-chain.sh | sh"
        fi
        warn ""
    fi
-    ensure_version
+    # Fetch latest version if VERSION is not set
    if [ -z "$VERSION" ]; then
        info "Fetching latest release version..."
        VERSION=$(fetch_latest_version)
    fi
    # Check if the requested version is already installed
    if is_version_installed "$VERSION"; then
@ -474,7 +293,7 @@ main() {
    # Detect platform
    OS=$(detect_os)
    ARCH=$(detect_arch)
-    BINARY_NAME=$(get_binary_name "$OS" "$ARCH")
+    BINARY_NAME="safe-chain-${OS}-${ARCH}"
    info "Detected platform: ${OS}-${ARCH}"
@ -491,19 +310,56 @@ main() {
    info "Downloading from: $DOWNLOAD_URL"
    download "$DOWNLOAD_URL" "$TEMP_FILE"
    EXPECTED_SHA256=$(get_expected_sha256 "$OS" "$ARCH")
    verify_checksum "$TEMP_FILE" "$EXPECTED_SHA256"
    # Rename and make executable
-    FINAL_FILE=$(get_final_binary_path "$OS")
+    FINAL_FILE="${INSTALL_DIR}/safe-chain"
    mv "$TEMP_FILE" "$FINAL_FILE" || error "Failed to move binary to $FINAL_FILE"
-    if [ "$OS" != "win" ]; then
+    chmod +x "$FINAL_FILE" || error "Failed to make binary executable"
        chmod +x "$FINAL_FILE" || error "Failed to make binary executable"
    fi
    info "Binary installed to: $FINAL_FILE"
-    run_setup_command "$FINAL_FILE"
+    # Download safechain-proxy
    if [ "$OS" = "macos" ] || [ "$OS" = "linux" ] || [ "$OS" = "linuxstatic" ]; then
        info "Downloading safechain-proxy..."
        if [ "$OS" = "macos" ]; then
            if [ "$ARCH" = "arm64" ]; then
                PROXY_URL="https://github.com/AikidoSec/safechain-internals/releases/download/v0.2.0/safechain-proxy-darwin-arm64"
            else
                PROXY_URL="https://github.com/AikidoSec/safechain-internals/releases/download/v0.2.0/safechain-proxy-darwin-amd64"
            fi
        else
            # Linux (both linux and linuxstatic)
            if [ "$ARCH" = "x64" ]; then
                PROXY_URL="https://github.com/AikidoSec/safechain-internals/releases/download/v0.2.0/safechain-proxy-linux-amd64"
            else
                # Skip for non-x64 Linux architectures
                info "Skipping safechain-proxy download (not available for linux-${ARCH})"
                PROXY_URL=""
            fi
        fi
        if [ -n "$PROXY_URL" ]; then
            PROXY_FILE="${INSTALL_DIR}/safechain-proxy"
            download "$PROXY_URL" "$PROXY_FILE"
            chmod +x "$PROXY_FILE" || error "Failed to make proxy executable"
            info "Proxy installed to: $PROXY_FILE"
        fi
    fi
    # Build setup command based on arguments
    SETUP_CMD="setup"
    SETUP_ARGS=""
    if [ "$USE_CI_SETUP" = "true" ]; then
        SETUP_CMD="setup-ci"
    fi
    # Execute safe-chain setup
    info "Running safe-chain $SETUP_CMD $SETUP_ARGS..."
    if ! "$FINAL_FILE" $SETUP_CMD $SETUP_ARGS; then
        warn "safe-chain was installed but setup encountered issues."
        warn "You can run 'safe-chain $SETUP_CMD $SETUP_ARGS' manually later."
    fi
 }
 main "$@"
--- a/install-scripts/uninstall-endpoint-mac.sh
+++ b/install-scripts/uninstall-endpoint-mac.sh
@ -1,50 +0,0 @@
 #!/bin/sh
 # Uninstalls Aikido Endpoint Protection on macOS
 #
 # Usage: curl -fsSL <url> | sudo sh
 set -e  # Exit on error
 # Configuration
 UNINSTALL_SCRIPT="/Applications/Aikido Endpoint Protection.app/Contents/Resources/scripts/uninstall"
 # Colors for output
 RED='\033[0;31m'
 GREEN='\033[0;32m'
 NC='\033[0m' # No Color
 # Helper functions
 info() {
    printf "${GREEN}[INFO]${NC} %s\n" "$1"
 }
 error() {
    printf "${RED}[ERROR]${NC} %s\n" "$1" >&2
    exit 1
 }
 # Main uninstallation
 main() {
    # Check if we're running on macOS
    if [ "$(uname -s)" != "Darwin" ]; then
        error "This script is only supported on macOS."
    fi
    # Check if we're running as root
    if [ "$(id -u)" -ne 0 ]; then
        error "Root privileges required. Please re-run with sudo, e.g.: curl -fsSL <url> | sudo sh"
    fi
    # Check if the uninstall script exists
    if [ ! -f "$UNINSTALL_SCRIPT" ]; then
        error "Aikido Endpoint Protection does not appear to be installed (uninstall script not found)."
    fi
    info "Uninstalling Aikido Endpoint Protection..."
    "$UNINSTALL_SCRIPT"
    info "Aikido Endpoint Protection uninstalled successfully!"
 }
 main "$@"
--- a/install-scripts/uninstall-endpoint-windows.ps1
+++ b/install-scripts/uninstall-endpoint-windows.ps1
@ -1,59 +0,0 @@
 # Uninstalls Aikido Endpoint Protection endpoint on Windows
 #
 # Usage: iex (iwr '<url>' -UseBasicParsing)
 # Configuration
 $AppName = "Aikido Endpoint Protection"
 # Helper functions
 function Write-Info {
    param([string]$Message)
    Write-Host "[INFO] $Message" -ForegroundColor Green
 }
 function Write-Error-Custom {
    param([string]$Message)
    Write-Host "[ERROR] $Message" -ForegroundColor Red
    exit 1
 }
 # Check if running as Administrator
 function Test-Administrator {
    $identity = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
 }
 # Main uninstallation
 function Uninstall-Endpoint {
    # Check if we're running as Administrator
    if (-not (Test-Administrator)) {
        Write-Error-Custom "Administrator privileges required. Please run this script in an elevated terminal (Run as Administrator)."
    }
    # Find the installed product
    Write-Info "Looking for Aikido Endpoint Protection installation..."
    $app = Get-WmiObject -Class Win32_Product -Filter "Name='$AppName'"
    if (-not $app) {
        Write-Error-Custom "Aikido Endpoint Protection does not appear to be installed."
    }
    $productCode = $app.IdentifyingNumber
    Write-Info "Uninstalling Aikido Endpoint Protection..."
    $process = Start-Process -FilePath "msiexec" -ArgumentList "/x", $productCode, "/qn", "/norestart" -Wait -PassThru
    if ($process.ExitCode -ne 0) {
        Write-Error-Custom "Uninstall failed (exit code: $($process.ExitCode))."
    }
    Write-Info "Aikido Endpoint Protection uninstalled successfully!"
 }
 # Run uninstallation
 try {
    Uninstall-Endpoint
 }
 catch {
    Write-Error-Custom "Uninstallation failed: $_"
 }
--- a/install-scripts/uninstall-safe-chain.ps1
+++ b/install-scripts/uninstall-safe-chain.ps1
@ -4,6 +4,7 @@
 # Use HOME on Unix, USERPROFILE on Windows (PowerShell Core is cross-platform)
 $HomeDir = if ($env:HOME) { $env:HOME } else { $env:USERPROFILE }
 $InstallDir = Join-Path $HomeDir ".safe-chain/bin"
 # Helper functions
 function Write-Info {
@ -22,146 +23,6 @@ function Write-Error-Custom {
    exit 1
 }
 # Derives the safe-chain base install directory from a resolved binary path.
 # Rejects wrapper scripts and paths that do not match the packaged bin layout.
 function Get-InstallDirFromBinaryPath {
    param([string]$BinaryPath)
    if ([string]::IsNullOrWhiteSpace($BinaryPath)) {
        return $null
    }
    try {
        $resolvedPath = (Resolve-Path -LiteralPath $BinaryPath -ErrorAction Stop).Path
    }
    catch {
        $resolvedPath = [System.IO.Path]::GetFullPath($BinaryPath)
    }
    $fileName = [System.IO.Path]::GetFileName($resolvedPath)
    if (($fileName -ne "safe-chain") -and ($fileName -ne "safe-chain.exe")) {
        return $null
    }
    if ($resolvedPath -match '\.(js|cjs|mjs|cmd|ps1)$') {
        return $null
    }
    $binDir = Split-Path -Parent $resolvedPath
    if ((Split-Path -Leaf $binDir) -ne "bin") {
        return $null
    }
    return (Split-Path -Parent $binDir)
 }
 # Returns the first safe-chain command found on PATH, if any.
 # Used as the starting point for install-dir discovery.
 function Get-SafeChainCommand {
    return Get-Command safe-chain -ErrorAction SilentlyContinue | Select-Object -First 1
 }
 # Returns the safe-chain command path only when it points to a valid packaged binary install.
 # Prevents teardown from invoking arbitrary wrappers or scripts from PATH.
 function Get-ValidatedSafeChainCommandPath {
    $command = Get-SafeChainCommand
    if (-not $command -or [string]::IsNullOrWhiteSpace($command.Path)) {
        return $null
    }
    $installDir = Get-InstallDirFromBinaryPath -BinaryPath $command.Path
    if (-not $installDir) {
        return $null
    }
    return $command.Path
 }
 # Invokes the validated safe-chain binary with get-install-dir and returns the reported base directory.
 # Safely returns $null when the command is unavailable or the lookup fails.
 function Get-ReportedInstallDir {
    $safeChainPath = Get-ValidatedSafeChainCommandPath
    if (-not $safeChainPath) {
        return $null
    }
    try {
        $reportedInstallDir = & $safeChainPath get-install-dir 2>$null | Select-Object -First 1
        if ($reportedInstallDir) {
            $reportedInstallDir = $reportedInstallDir.Trim()
        }
        if ($reportedInstallDir) {
            return $reportedInstallDir
        }
    }
    catch {
        return $null
    }
    return $null
 }
 # Determines the safe-chain base install directory for uninstall.
 # Prefers the binary-reported location, then derives it from PATH, then falls back to the default home-dir layout.
 function Get-SafeChainInstallDir {
    $reportedInstallDir = Get-ReportedInstallDir
    if ($reportedInstallDir) {
        return $reportedInstallDir
    }
    $command = Get-SafeChainCommand
    if ($command -and $command.Path) {
        $discoveredInstallDir = Get-InstallDirFromBinaryPath -BinaryPath $command.Path
        if ($discoveredInstallDir) {
            return $discoveredInstallDir
        }
    }
    return (Join-Path $HomeDir ".safe-chain")
 }
 # Finds the installed safe-chain binary inside the resolved install directory.
 # Falls back to a validated safe-chain command when the expected file is missing.
 function Find-SafeChainBinary {
    param([string]$DotSafeChain)
    $safeChainExe = Join-Path $DotSafeChain "bin/safe-chain.exe"
    $safeChainBin = Join-Path $DotSafeChain "bin/safe-chain"
    if (Test-Path $safeChainExe) {
        return $safeChainExe
    }
    if (Test-Path $safeChainBin) {
        return $safeChainBin
    }
    return Get-ValidatedSafeChainCommandPath
 }
 # Runs safe-chain teardown before removing the installation directory.
 # Converts teardown failures into warnings so uninstall can still complete.
 function Invoke-SafeChainTeardown {
    param([string]$SafeChainPath)
    if (-not $SafeChainPath) {
        Write-Warn "safe-chain command not found. Proceeding with uninstallation."
        return
    }
    Write-Info "Running safe-chain teardown..."
    try {
        & $SafeChainPath teardown
        if ($LASTEXITCODE -ne 0) {
            Write-Warn "safe-chain teardown encountered issues, continuing with uninstallation..."
        }
    }
    catch {
        Write-Warn "safe-chain teardown encountered issues: $_"
        Write-Warn "Continuing with uninstallation..."
    }
 }
 # Check and uninstall npm global package if present
 function Remove-NpmInstallation {
    # Check if npm is available
@ -214,27 +75,82 @@ function Remove-VoltaInstallation {
 # Main uninstallation
 function Uninstall-SafeChain {
    Write-Info "Uninstalling safe-chain..."
-    $DotSafeChain = Get-SafeChainInstallDir
+
-    $safeChainPath = Find-SafeChainBinary -DotSafeChain $DotSafeChain
+    # Run teardown if safe-chain is available
-    Invoke-SafeChainTeardown -SafeChainPath $safeChainPath
+    # Check for both safe-chain.exe (Windows) and safe-chain (Unix) since PowerShell Core runs on all platforms
    $safeChainExe = Join-Path $InstallDir "safe-chain.exe"
    $safeChainBin = Join-Path $InstallDir "safe-chain"
    $safeChainPath = $null
    if (Test-Path $safeChainExe) {
        $safeChainPath = $safeChainExe
    }
    elseif (Test-Path $safeChainBin) {
        $safeChainPath = $safeChainBin
    }
    if ($safeChainPath) {
        Write-Info "Running safe-chain teardown..."
        try {
            & $safeChainPath teardown
            if ($LASTEXITCODE -ne 0) {
                Write-Warn "safe-chain teardown encountered issues, continuing with uninstallation..."
            }
        }
        catch {
            Write-Warn "safe-chain teardown encountered issues: $_"
            Write-Warn "Continuing with uninstallation..."
        }
    }
    elseif (Get-Command safe-chain -ErrorAction SilentlyContinue) {
        Write-Info "Running safe-chain teardown..."
        try {
            safe-chain teardown
            if ($LASTEXITCODE -ne 0) {
                Write-Warn "safe-chain teardown encountered issues, continuing with uninstallation..."
            }
        }
        catch {
            Write-Warn "safe-chain teardown encountered issues: $_"
            Write-Warn "Continuing with uninstallation..."
        }
    }
    else {
        Write-Warn "safe-chain command not found. Proceeding with uninstallation."
    }
    # Remove npm and Volta installations
    Remove-NpmInstallation
    Remove-VoltaInstallation
-    # Remove .safe-chain directory
+    # Remove installation directory
-    if (Test-Path $DotSafeChain) {
+    if (Test-Path $InstallDir) {
-        Write-Info "Removing installation directory: $DotSafeChain"
+        Write-Info "Removing installation directory: $InstallDir"
        try {
-            Remove-Item -Path $DotSafeChain -Recurse -Force
+            Remove-Item -Path $InstallDir -Recurse -Force
            Write-Info "Successfully removed installation directory"
        }
        catch {
-            Write-Error-Custom "Failed to remove $DotSafeChain : $_"
+            Write-Error-Custom "Failed to remove $InstallDir : $_"
        }
    }
    else {
-        Write-Info "Installation directory $DotSafeChain does not exist. Nothing to remove."
+        Write-Info "Installation directory $InstallDir does not exist. Nothing to remove."
    }
    # Also try to remove the parent .safe-chain directory if it's empty
    $parentDir = Split-Path $InstallDir -Parent
    if (Test-Path $parentDir) {
        $items = Get-ChildItem -Path $parentDir -Force
        if ($items.Count -eq 0) {
            Write-Info "Removing empty parent directory: $parentDir"
            try {
                Remove-Item -Path $parentDir -Force
            }
            catch {
                Write-Warn "Could not remove empty parent directory: $_"
            }
        }
    }
    Write-Info "safe-chain has been uninstalled successfully!"
--- a/install-scripts/uninstall-safe-chain.sh
+++ b/install-scripts/uninstall-safe-chain.sh
@ -7,6 +7,7 @@
 set -e  # Exit on error
 # Configuration
 INSTALL_DIR="${HOME}/.safe-chain/bin"
 # Colors for output
 RED='\033[0;31m'
@ -33,159 +34,6 @@ command_exists() {
    command -v "$1" >/dev/null 2>&1
 }
 # Resolves a path to its canonical filesystem location when possible.
 # Follows symlinks so binary validation can inspect the real installed path.
 resolve_path() {
    target="$1"
    while [ -L "$target" ]; do
        link_target=$(readlink "$target" 2>/dev/null || echo "")
        if [ -z "$link_target" ]; then
            break
        fi
        case "$link_target" in
            /*) target="$link_target" ;;
            *)
                target="$(dirname "$target")/$link_target"
                ;;
        esac
    done
    target_dir=$(dirname "$target")
    target_name=$(basename "$target")
    if cd "$target_dir" 2>/dev/null; then
        printf '%s/%s\n' "$(pwd -P)" "$target_name"
    else
        printf '%s\n' "$target"
    fi
 }
 # Derives the safe-chain base install directory from a packaged binary path.
 # Rejects wrapper scripts and paths that do not match the expected bin layout.
 derive_install_dir_from_binary() {
    binary_path="$1"
    if [ -z "$binary_path" ]; then
        return 1
    fi
    resolved_path=$(resolve_path "$binary_path")
    binary_name=$(basename "$resolved_path")
    case "$binary_name" in
        safe-chain|safe-chain.exe) ;;
        *) return 1 ;;
    esac
    case "$resolved_path" in
        *.js|*.cjs|*.mjs|*.cmd|*.ps1) return 1 ;;
    esac
    binary_dir=$(dirname "$resolved_path")
    if [ "$(basename "$binary_dir")" != "bin" ]; then
        return 1
    fi
    dirname "$binary_dir"
 }
 # Determines the installed safe-chain base directory for uninstall.
 # Prefers the binary-reported location, then infers it from PATH, then falls back to ~/.safe-chain.
 get_install_dir() {
    reported_install_dir=$(get_reported_install_dir || true)
    if [ -n "$reported_install_dir" ]; then
        printf '%s\n' "$reported_install_dir"
        return 0
    fi
    command_path=$(get_safe_chain_command_path || true)
    install_dir=$(derive_install_dir_from_binary "$command_path" || true)
    if [ -n "$install_dir" ]; then
        printf '%s\n' "$install_dir"
        return 0
    fi
    printf '%s\n' "${HOME}/.safe-chain"
 }
 # Returns the current safe-chain command path from PATH.
 # Fails when safe-chain is not currently resolvable.
 get_safe_chain_command_path() {
    if ! command_exists safe-chain; then
        return 1
    fi
    command -v safe-chain
 }
 # Returns the safe-chain command path only when it resolves to a valid packaged binary install.
 # Prevents the uninstaller from invoking arbitrary PATH entries.
 get_validated_safe_chain_command_path() {
    command_path=$(get_safe_chain_command_path || true)
    if [ -z "$command_path" ]; then
        return 1
    fi
    install_dir=$(derive_install_dir_from_binary "$command_path" || true)
    if [ -z "$install_dir" ]; then
        return 1
    fi
    printf '%s\n' "$command_path"
 }
 # Asks the validated safe-chain binary for its install directory via get-install-dir.
 # Returns nothing if the command is unavailable or the lookup fails.
 get_reported_install_dir() {
    safe_chain_path=$(get_validated_safe_chain_command_path || true)
    if [ -z "$safe_chain_path" ]; then
        return 1
    fi
    install_dir=$("$safe_chain_path" get-install-dir 2>/dev/null || true)
    if [ -n "$install_dir" ]; then
        printf '%s\n' "$install_dir"
        return 0
    fi
    return 1
 }
 # Locates the installed safe-chain binary to use for teardown.
 # Checks the discovered install dir first, then falls back to a validated PATH entry.
 find_installed_safe_chain_binary() {
    dot_safe_chain="$1"
    safe_chain_location="$dot_safe_chain/bin/safe-chain"
    if [ -x "$safe_chain_location" ]; then
        printf '%s\n' "$safe_chain_location"
        return 0
    fi
    command_path=$(get_validated_safe_chain_command_path || true)
    if [ -n "$command_path" ]; then
        printf '%s\n' "$command_path"
        return 0
    fi
    return 1
 }
 # Runs safe-chain teardown before removing files.
 # Continues with uninstall even if teardown is unavailable or fails.
 run_safe_chain_teardown() {
    safe_chain_command="$1"
    if [ -z "$safe_chain_command" ]; then
        warn "safe-chain command not found. Proceeding with uninstallation."
        return
    fi
    info "Running safe-chain teardown..."
    "$safe_chain_command" teardown || warn "safe-chain teardown encountered issues, continuing with uninstallation..."
 }
 # Check and uninstall npm global package if present
 remove_npm_installation() {
    if ! command_exists npm; then
@ -291,9 +139,17 @@ remove_nvm_installation() {
 # Main uninstallation
 main() {
-    DOT_SAFE_CHAIN=$(get_install_dir)
+    SAFE_CHAIN_LOCATION="$INSTALL_DIR/safe-chain"
-    SAFE_CHAIN_COMMAND=$(find_installed_safe_chain_binary "$DOT_SAFE_CHAIN" || true)
+
-    run_safe_chain_teardown "$SAFE_CHAIN_COMMAND"
+    if [ -x "$SAFE_CHAIN_LOCATION" ]; then
        info "Running safe-chain teardown..."
        "$SAFE_CHAIN_LOCATION" teardown || warn "safe-chain teardown encountered issues, continuing with uninstallation..."
    elif command_exists safe-chain; then
        info "Running safe-chain teardown..."
        safe-chain teardown || warn "safe-chain teardown encountered issues, continuing with uninstallation..."
    else
        warn "safe-chain command not found. Proceeding with uninstallation."
    fi
    # Check for existing safe-chain installation through nvm, volta, or npm
    remove_npm_installation
@ -301,11 +157,11 @@ main() {
    remove_nvm_installation
    # Remove install dir recursively if it exists
-    if [ -d "$DOT_SAFE_CHAIN" ]; then
+    if [ -d "$INSTALL_DIR" ]; then
-        info "Removing installation directory $DOT_SAFE_CHAIN"
+        info "Removing installation directory $INSTALL_DIR"
-        rm -rf "$DOT_SAFE_CHAIN" || error "Failed to remove $DOT_SAFE_CHAIN"
+        rm -rf "$INSTALL_DIR" || error "Failed to remove $INSTALL_DIR"
    else
-        info "Installation directory $DOT_SAFE_CHAIN does not exist. Nothing to remove."
+        info "Installation directory $INSTALL_DIR does not exist. Nothing to remove."
    fi
 }
--- a/npm-shrinkwrap.json
+++ b/npm-shrinkwrap.json
@ -3129,7 +3129,6 @@
        "aikido-bunx": "bin/aikido-bunx.js",
        "aikido-npm": "bin/aikido-npm.js",
        "aikido-npx": "bin/aikido-npx.js",
        "aikido-pdm": "bin/aikido-pdm.js",
        "aikido-pip": "bin/aikido-pip.js",
        "aikido-pip3": "bin/aikido-pip3.js",
        "aikido-pipx": "bin/aikido-pipx.js",
@ -3138,10 +3137,7 @@
        "aikido-poetry": "bin/aikido-poetry.js",
        "aikido-python": "bin/aikido-python.js",
        "aikido-python3": "bin/aikido-python3.js",
        "aikido-rush": "bin/aikido-rush.js",
        "aikido-rushx": "bin/aikido-rushx.js",
        "aikido-uv": "bin/aikido-uv.js",
        "aikido-uvx": "bin/aikido-uvx.js",
        "aikido-yarn": "bin/aikido-yarn.js",
        "safe-chain": "bin/safe-chain.js"
      },
--- a/packages/safe-chain/bin/aikido-pdm.js
+++ b/packages/safe-chain/bin/aikido-pdm.js
@ -1,13 +0,0 @@
 #!/usr/bin/env node
 import { main } from "../src/main.js";
 import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
 import { setEcoSystem, ECOSYSTEM_PY } from "../src/config/settings.js";
 setEcoSystem(ECOSYSTEM_PY);
 initializePackageManager("pdm");
 (async () => {
  var exitCode = await main(process.argv.slice(2));
  process.exit(exitCode);
 })();
--- a/packages/safe-chain/bin/aikido-rush.js
+++ b/packages/safe-chain/bin/aikido-rush.js
@ -1,14 +0,0 @@
 #!/usr/bin/env node
 import { main } from "../src/main.js";
 import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
 import { setEcoSystem, ECOSYSTEM_JS } from "../src/config/settings.js";
 setEcoSystem(ECOSYSTEM_JS);
 const packageManagerName = "rush";
 initializePackageManager(packageManagerName);
 (async () => {
  var exitCode = await main(process.argv.slice(2));
  process.exit(exitCode);
 })();
--- a/packages/safe-chain/bin/aikido-rushx.js
+++ b/packages/safe-chain/bin/aikido-rushx.js
@ -1,14 +0,0 @@
 #!/usr/bin/env node
 import { main } from "../src/main.js";
 import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
 import { setEcoSystem, ECOSYSTEM_JS } from "../src/config/settings.js";
 setEcoSystem(ECOSYSTEM_JS);
 const packageManagerName = "rushx";
 initializePackageManager(packageManagerName);
 (async () => {
  var exitCode = await main(process.argv.slice(2));
  process.exit(exitCode);
 })();
--- a/packages/safe-chain/bin/aikido-uvx.js
+++ b/packages/safe-chain/bin/aikido-uvx.js
@ -1,16 +0,0 @@
 #!/usr/bin/env node
 import { main } from "../src/main.js";
 import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
 import { setEcoSystem, ECOSYSTEM_PY } from "../src/config/settings.js";
 // Set eco system
 setEcoSystem(ECOSYSTEM_PY);
 initializePackageManager("uvx");
 (async () => {
  // Pass through only user-supplied uvx args
  var exitCode = await main(process.argv.slice(2));
  process.exit(exitCode);
 })();
--- a/packages/safe-chain/bin/safe-chain.js
+++ b/packages/safe-chain/bin/safe-chain.js
@ -1,11 +1,5 @@
 #!/usr/bin/env node
 // Strip PKG_EXECPATH from the environment so any child process safe-chain
 // spawns (npm, uv, pip, …) doesn't inherit it. If it leaks into a subsequent
 // safe-chain invocation (e.g. via a shim) the yao-pkg bootstrap would treat
 // argv[1] as a script path and fail with MODULE_NOT_FOUND.
 delete process.env.PKG_EXECPATH;
 import chalk from "chalk";
 import { ui } from "../src/environment/userInteraction.js";
 import { setup } from "../src/shell-integration/setup.js";
@ -21,8 +15,7 @@ import { main } from "../src/main.js";
 import path from "path";
 import { fileURLToPath } from "url";
 import fs from "fs";
-import { knownAikidoTools, getPackageManagerList } from "../src/shell-integration/helpers.js";
+import { knownAikidoTools } from "../src/shell-integration/helpers.js";
 import { getInstalledSafeChainDir } from "../src/installLocation.js";
 /** @type {string} */
 // This checks the current file's dirname in a way that's compatible with:
@ -70,21 +63,10 @@ if (tool) {
 } else if (command === "setup") {
  setup();
 } else if (command === "teardown") {
  teardown();
  teardownDirectories();
  teardown();
 } else if (command === "setup-ci") {
  setupCi();
 } else if (command === "get-install-dir") {
  const installDir = getInstalledSafeChainDir();
  if (!installDir) {
    ui.writeError(
      "Install directory is only available for packaged safe-chain binaries.",
    );
    process.exit(1);
  }
  ui.writeInformation(installDir);
  process.exit(0);
 } else if (command === "--version" || command === "-v" || command === "-v") {
  (async () => {
    ui.writeInformation(`Current safe-chain version: ${await getVersion()}`);
@ -100,41 +82,36 @@ if (tool) {
 function writeHelp() {
  ui.writeInformation(
-    chalk.bold("Usage: ") + chalk.cyan("safe-chain <command>"),
+    chalk.bold("Usage: ") + chalk.cyan("safe-chain <command>")
  );
  ui.emptyLine();
  ui.writeInformation(
    `Available commands: ${chalk.cyan("setup")}, ${chalk.cyan(
-      "teardown",
+      "teardown"
-    )}, ${chalk.cyan("setup-ci")}, ${chalk.cyan("get-install-dir")}, ${chalk.cyan("help")}, ${chalk.cyan(
+    )}, ${chalk.cyan("setup-ci")}, ${chalk.cyan("help")}, ${chalk.cyan(
-      "--version",
+      "--version"
-    )}`,
+    )}`
  );
  ui.emptyLine();
  ui.writeInformation(
    `- ${chalk.cyan(
-      "safe-chain setup",
+      "safe-chain setup"
-    )}: This will setup your shell to wrap safe-chain around ${getPackageManagerList()}.`,
+    )}: This will setup your shell to wrap safe-chain around npm, npx, yarn, pnpm, pnpx, bun, bunx, pip and pip3.`
  );
  ui.writeInformation(
    `- ${chalk.cyan(
-      "safe-chain teardown",
+      "safe-chain teardown"
-    )}: This will remove safe-chain aliases from your shell configuration.`,
+    )}: This will remove safe-chain aliases from your shell configuration.`
  );
  ui.writeInformation(
    `- ${chalk.cyan(
-      "safe-chain setup-ci",
+      "safe-chain setup-ci"
-    )}: This will setup safe-chain for CI environments by creating shims and modifying the PATH.`,
+    )}: This will setup safe-chain for CI environments by creating shims and modifying the PATH.`
  );
  ui.writeInformation(
    `- ${chalk.cyan(
      "safe-chain get-install-dir",
    )}: Print the install directory for packaged safe-chain binaries.`,
  );
  ui.writeInformation(
    `- ${chalk.cyan("safe-chain --version")} (or ${chalk.cyan(
-      "-v",
+      "-v"
-    )}): Display the current version of safe-chain.`,
+    )}): Display the current version of safe-chain.`
  );
  ui.emptyLine();
 }
--- a/packages/safe-chain/package.json
+++ b/packages/safe-chain/package.json
@ -13,19 +13,15 @@
    "aikido-yarn": "bin/aikido-yarn.js",
    "aikido-pnpm": "bin/aikido-pnpm.js",
    "aikido-pnpx": "bin/aikido-pnpx.js",
    "aikido-rush": "bin/aikido-rush.js",
    "aikido-rushx": "bin/aikido-rushx.js",
    "aikido-bun": "bin/aikido-bun.js",
    "aikido-bunx": "bin/aikido-bunx.js",
    "aikido-uv": "bin/aikido-uv.js",
    "aikido-uvx": "bin/aikido-uvx.js",
    "aikido-pip": "bin/aikido-pip.js",
    "aikido-pip3": "bin/aikido-pip3.js",
    "aikido-python": "bin/aikido-python.js",
    "aikido-python3": "bin/aikido-python3.js",
    "aikido-poetry": "bin/aikido-poetry.js",
    "aikido-pipx": "bin/aikido-pipx.js",
    "aikido-pdm": "bin/aikido-pdm.js",
    "safe-chain": "bin/safe-chain.js"
  },
  "type": "module",
@ -40,7 +36,7 @@
  "keywords": [],
  "author": "Aikido Security",
  "license": "AGPL-3.0-or-later",
-  "description": "The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), [pnpx](https://pnpm.io/cli/dlx), [rush](https://rushjs.io/), [rushx](https://rushjs.io/pages/commands/rushx/), [bun](https://bun.sh/), [bunx](https://bun.sh/docs/cli/bunx), [uv](https://docs.astral.sh/uv/) (Python), [pip](https://pip.pypa.io/), and [pdm](https://pdm-project.org/) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm, pnpx, rush, rushx, bun, bunx, uv, uvx, pip/pip3, or pdm from downloading or running the malware.",
+  "description": "The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), [pnpx](https://pnpm.io/cli/dlx), [bun](https://bun.sh/), [bunx](https://bun.sh/docs/cli/bunx), [uv](https://docs.astral.sh/uv/) (Python), and [pip](https://pip.pypa.io/) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm, pnpx, bun, bunx, uv, or pip/pip3 from downloading or running the malware.",
  "dependencies": {
    "certifi": "14.5.15",
    "chalk": "5.4.1",
--- a/packages/safe-chain/src/api/aikido.js
+++ b/packages/safe-chain/src/api/aikido.js
@ -1,24 +1,11 @@
 import fetch from "make-fetch-happen";
-import {
+import { getEcoSystem, ECOSYSTEM_JS, ECOSYSTEM_PY } from "../config/settings.js";
  getEcoSystem,
  ECOSYSTEM_JS,
  ECOSYSTEM_PY,
  getMalwareListBaseUrl,
 } from "../config/settings.js";
 import { ui } from "../environment/userInteraction.js";
-const malwareDatabasePaths = {
+const malwareDatabaseUrls = {
-  [ECOSYSTEM_JS]: "malware_predictions.json",
+  [ECOSYSTEM_JS]: "https://malware-list.aikido.dev/malware_predictions.json",
-  [ECOSYSTEM_PY]: "malware_pypi.json",
+  [ECOSYSTEM_PY]: "https://malware-list.aikido.dev/malware_pypi.json",
 };
 const newPackagesListPaths = {
  [ECOSYSTEM_JS]: "releases/npm.json",
  [ECOSYSTEM_PY]: "releases/pypi.json",
 };
 const DEFAULT_FETCH_RETRY_ATTEMPTS = 4;
 /**
 * @typedef {Object} MalwarePackage
 * @property {string} package_name
@ -26,162 +13,42 @@ const DEFAULT_FETCH_RETRY_ATTEMPTS = 4;
 * @property {string} reason
 */
 /**
 * @typedef {Object} NewPackageEntry
 * @property {string} [source]
 * @property {string} package_name
 * @property {string} version
 * @property {number} released_on  - Unix timestamp (seconds)
 * @property {number} scraped_on   - Unix timestamp (seconds)
 */
 /**
 * @returns {Promise<{malwareDatabase: MalwarePackage[], version: string | undefined}>}
 */
 export async function fetchMalwareDatabase() {
-  return retry(async () => {
+  const ecosystem = getEcoSystem();
-    const ecosystem = getEcoSystem();
+  const malwareDatabaseUrl = malwareDatabaseUrls[/** @type {keyof typeof malwareDatabaseUrls} */ (ecosystem)];
-    const baseUrl = getMalwareListBaseUrl();
+  const response = await fetch(malwareDatabaseUrl);
-    const path = malwareDatabasePaths[
+  if (!response.ok) {
-      /** @type {keyof typeof malwareDatabasePaths} */ (ecosystem)
+    throw new Error(`Error fetching ${ecosystem} malware database: ${response.statusText}`);
-    ];
+  }
    const malwareDatabaseUrl = `${baseUrl}/${path}`;
    const response = await fetch(malwareDatabaseUrl);
    if (!response.ok) {
      throw new Error(
        `Error fetching ${ecosystem} malware database: ${response.statusText}`
      );
    }
-    try {
+  try {
-      let malwareDatabase = await response.json();
+    let malwareDatabase = await response.json();
-      return {
+    return {
-        malwareDatabase: malwareDatabase,
+      malwareDatabase: malwareDatabase,
-        version: response.headers.get("etag") || undefined,
+      version: response.headers.get("etag") || undefined,
-      };
+    };
-    } catch (/** @type {any} */ error) {
+  } catch (/** @type {any} */ error) {
-      throw new Error(`Error parsing malware database: ${error.message}`);
+    throw new Error(`Error parsing malware database: ${error.message}`);
-    }
+  }
  }, DEFAULT_FETCH_RETRY_ATTEMPTS);
 }
 /**
 * @returns {Promise<string | undefined>}
 */
 export async function fetchMalwareDatabaseVersion() {
-  return retry(async () => {
+  const ecosystem = getEcoSystem();
-    const ecosystem = getEcoSystem();
+  const malwareDatabaseUrl = malwareDatabaseUrls[/** @type {keyof typeof malwareDatabaseUrls} */ (ecosystem)];
-    const baseUrl = getMalwareListBaseUrl();
+  const response = await fetch(malwareDatabaseUrl, {
-    const path = malwareDatabasePaths[
+    method: "HEAD",
-      /** @type {keyof typeof malwareDatabasePaths} */ (ecosystem)
+  });
    ];
    const malwareDatabaseUrl = `${baseUrl}/${path}`;
    const response = await fetch(malwareDatabaseUrl, {
      method: "HEAD",
    });
-    if (!response.ok) {
+  if (!response.ok) {
-      throw new Error(
+    throw new Error(
-        `Error fetching ${ecosystem} malware database version: ${response.statusText}`
+      `Error fetching ${ecosystem} malware database version: ${response.statusText}`
-      );
+    );
    }
    return response.headers.get("etag") || undefined;
  }, DEFAULT_FETCH_RETRY_ATTEMPTS);
 }
 /**
 * @returns {Promise<{newPackagesList: NewPackageEntry[], version: string | undefined}>}
 */
 export async function fetchNewPackagesList() {
  return retry(async () => {
    const ecosystem = getEcoSystem();
    const baseUrl = getMalwareListBaseUrl();
    const path = newPackagesListPaths[/** @type {keyof typeof newPackagesListPaths} */ (ecosystem)];
    if (!path) {
      return { newPackagesList: [], version: undefined };
    }
    const url = `${baseUrl}/${path}`;
    const response = await fetch(url);
    if (!response.ok) {
      throw new Error(
        `Error fetching ${ecosystem} new packages list: ${response.statusText}`
      );
    }
    try {
      const newPackagesList = await response.json();
      return {
        newPackagesList,
        version: response.headers.get("etag") || undefined,
      };
    } catch (/** @type {any} */ error) {
      throw new Error(`Error parsing new packages list: ${error.message}`);
    }
  }, DEFAULT_FETCH_RETRY_ATTEMPTS);
 }
 /**
 * @returns {Promise<string | undefined>}
 */
 export async function fetchNewPackagesListVersion() {
  return retry(async () => {
    const ecosystem = getEcoSystem();
    const baseUrl = getMalwareListBaseUrl();
    const path = newPackagesListPaths[/** @type {keyof typeof newPackagesListPaths} */ (ecosystem)];
    if (!path) {
      return undefined;
    }
    const url = `${baseUrl}/${path}`;
    const response = await fetch(url, { method: "HEAD" });
    if (!response.ok) {
      throw new Error(
        `Error fetching ${ecosystem} new packages list version: ${response.statusText}`
      );
    }
    return response.headers.get("etag") || undefined;
  }, DEFAULT_FETCH_RETRY_ATTEMPTS);
 }
 /**
 * Retries an asynchronous function multiple times until it succeeds or exhausts all attempts.
 *
 * @template T
 * @param {() => Promise<T>} func - The asynchronous function to retry
 * @param {number} attempts - The number of attempts
 * @returns {Promise<T>} The return value of the function if successful
 * @throws {Error} The last error encountered if all retry attempts fail
 */
 async function retry(func, attempts) {
  let lastError;
  for (let i = 0; i < attempts; i++) {
    try {
      return await func();
    } catch (error) {
      ui.writeVerbose(
        "An error occurred while trying to download Aikido data",
        error
      );
      lastError = error;
    }
    if (i < attempts - 1) {
      // When this is not the last try, back-off exponentially:
      //  1st attempt - 500ms delay
      //  2nd attempt - 1000ms delay
      //  3rd attempt - 2000ms delay
      //  4th attempt - 4000ms delay
      //  ...
      await new Promise((resolve) => setTimeout(resolve, Math.pow(2, i) * 500));
    }
  }
-
+  return response.headers.get("etag") || undefined;
  throw lastError;
 }
--- a/packages/safe-chain/src/api/aikido.spec.js
+++ b/packages/safe-chain/src/api/aikido.spec.js
@ -1,231 +0,0 @@
 import { describe, it, mock, beforeEach } from "node:test";
 import assert from "node:assert";
 describe("aikido API", async () => {
  const mockFetch = mock.fn();
  let ecosystem = "js";
  mock.module("make-fetch-happen", {
    defaultExport: mockFetch,
  });
  mock.module("../environment/userInteraction.js", {
    namedExports: {
      ui: {
        writeVerbose: () => {},
      },
    },
  });
  mock.module("../config/settings.js", {
    namedExports: {
      getEcoSystem: () => ecosystem,
      ECOSYSTEM_JS: "js",
      ECOSYSTEM_PY: "py",
      getMalwareListBaseUrl: () => "https://malware-list.aikido.dev",
    },
  });
  const {
    fetchMalwareDatabase,
    fetchMalwareDatabaseVersion,
    fetchNewPackagesList,
    fetchNewPackagesListVersion,
  } = await import("./aikido.js");
  beforeEach(() => {
    mockFetch.mock.resetCalls();
    ecosystem = "js";
  });
  describe("fetchMalwareDatabase", () => {
    it("should succeed immediately when fetch succeeds on first try", async () => {
      const malwareData = [
        { package_name: "malicious-pkg", version: "1.0.0", reason: "test" },
      ];
      mockFetch.mock.mockImplementationOnce(() => ({
        ok: true,
        json: async () => malwareData,
        headers: { get: () => '"etag-123"' },
      }));
      const result = await fetchMalwareDatabase();
      assert.strictEqual(mockFetch.mock.calls.length, 1);
      assert.deepStrictEqual(result.malwareDatabase, malwareData);
      assert.strictEqual(result.version, '"etag-123"');
    });
    it("should throw error after exhausting all retries", async () => {
      mockFetch.mock.mockImplementation(() => {
        throw new Error("Network error");
      });
      await assert.rejects(() => fetchMalwareDatabase(), {
        message: "Network error",
      });
      assert.strictEqual(mockFetch.mock.calls.length, 4);
    });
    it("should succeed after failing 3 times and succeeding on 4th attempt", async () => {
      const malwareData = [
        { package_name: "bad-pkg", version: "2.0.0", reason: "malware" },
      ];
      let callCount = 0;
      mockFetch.mock.mockImplementation(() => {
        callCount++;
        if (callCount < 4) {
          throw new Error("Network error");
        }
        return {
          ok: true,
          json: async () => malwareData,
          headers: { get: () => '"etag-456"' },
        };
      });
      const result = await fetchMalwareDatabase();
      assert.strictEqual(mockFetch.mock.calls.length, 4);
      assert.deepStrictEqual(result.malwareDatabase, malwareData);
      assert.strictEqual(result.version, '"etag-456"');
    });
  });
  describe("fetchMalwareDatabaseVersion", () => {
    it("should succeed immediately when fetch succeeds on first try", async () => {
      mockFetch.mock.mockImplementationOnce(() => ({
        ok: true,
        headers: { get: () => '"version-etag"' },
      }));
      const result = await fetchMalwareDatabaseVersion();
      assert.strictEqual(mockFetch.mock.calls.length, 1);
      assert.strictEqual(result, '"version-etag"');
    });
    it("should throw error after exhausting all retries", async () => {
      mockFetch.mock.mockImplementation(() => {
        throw new Error("Connection refused");
      });
      await assert.rejects(() => fetchMalwareDatabaseVersion(), {
        message: "Connection refused",
      });
      assert.strictEqual(mockFetch.mock.calls.length, 4);
    });
    it("should succeed after failing 3 times and succeeding on 4th attempt", async () => {
      let callCount = 0;
      mockFetch.mock.mockImplementation(() => {
        callCount++;
        if (callCount < 4) {
          throw new Error("Timeout");
        }
        return {
          ok: true,
          headers: { get: () => '"final-etag"' },
        };
      });
      const result = await fetchMalwareDatabaseVersion();
      assert.strictEqual(mockFetch.mock.calls.length, 4);
      assert.strictEqual(result, '"final-etag"');
    });
  });
  describe("fetchNewPackagesList", () => {
    it("should succeed immediately when fetch succeeds on first try", async () => {
      const releases = [
        {
          package_name: "fresh-pkg",
          version: "1.0.0",
          released_on: 123,
        },
      ];
      mockFetch.mock.mockImplementationOnce(() => ({
        ok: true,
        json: async () => releases,
        headers: { get: () => '"etag-new-packages"' },
      }));
      const result = await fetchNewPackagesList();
      assert.strictEqual(mockFetch.mock.calls.length, 1);
      assert.strictEqual(
        mockFetch.mock.calls[0].arguments[0],
        "https://malware-list.aikido.dev/releases/npm.json"
      );
      assert.deepStrictEqual(result.newPackagesList, releases);
      assert.strictEqual(result.version, '"etag-new-packages"');
    });
    it("should throw error after exhausting all retries", async () => {
      mockFetch.mock.mockImplementation(() => {
        throw new Error("Network error");
      });
      await assert.rejects(() => fetchNewPackagesList(), {
        message: "Network error",
      });
      assert.strictEqual(mockFetch.mock.calls.length, 4);
    });
    it("should return an empty list without fetching for unsupported ecosystems", async () => {
      ecosystem = "ruby";
      const result = await fetchNewPackagesList();
      assert.strictEqual(mockFetch.mock.calls.length, 0);
      assert.deepStrictEqual(result.newPackagesList, []);
      assert.strictEqual(result.version, undefined);
    });
    it("should return undefined version without fetching for unsupported ecosystems", async () => {
      ecosystem = "ruby";
      const result = await fetchNewPackagesListVersion();
      assert.strictEqual(mockFetch.mock.calls.length, 0);
      assert.strictEqual(result, undefined);
    });
  });
  describe("fetchNewPackagesListVersion", () => {
    it("should succeed immediately when fetch succeeds on first try", async () => {
      mockFetch.mock.mockImplementationOnce(() => ({
        ok: true,
        headers: { get: () => '"new-packages-etag"' },
      }));
      const result = await fetchNewPackagesListVersion();
      assert.strictEqual(mockFetch.mock.calls.length, 1);
      assert.strictEqual(
        mockFetch.mock.calls[0].arguments[0],
        "https://malware-list.aikido.dev/releases/npm.json"
      );
      assert.deepStrictEqual(mockFetch.mock.calls[0].arguments[1], {
        method: "HEAD",
      });
      assert.strictEqual(result, '"new-packages-etag"');
    });
    it("should throw error after exhausting all retries", async () => {
      mockFetch.mock.mockImplementation(() => {
        throw new Error("Connection refused");
      });
      await assert.rejects(() => fetchNewPackagesListVersion(), {
        message: "Connection refused",
      });
      assert.strictEqual(mockFetch.mock.calls.length, 4);
    });
  });
 });
--- a/packages/safe-chain/src/config/cliArguments.js
+++ b/packages/safe-chain/src/config/cliArguments.js
@ -1,13 +1,12 @@
 import { ui } from "../environment/userInteraction.js";
 /**
- * @type {{loggingLevel: string | undefined, skipMinimumPackageAge: boolean | undefined, minimumPackageAgeHours: string | undefined, malwareListBaseUrl: string | undefined}}
+ * @type {{loggingLevel: string | undefined, skipMinimumPackageAge: boolean | undefined, minimumPackageAgeHours: string | undefined}}
 */
 const state = {
  loggingLevel: undefined,
  skipMinimumPackageAge: undefined,
  minimumPackageAgeHours: undefined,
  malwareListBaseUrl: undefined,
 };
 const SAFE_CHAIN_ARG_PREFIX = "--safe-chain-";
@ -21,7 +20,6 @@ export function initializeCliArguments(args) {
  state.loggingLevel = undefined;
  state.skipMinimumPackageAge = undefined;
  state.minimumPackageAgeHours = undefined;
  state.malwareListBaseUrl = undefined;
  const safeChainArgs = [];
  const remainingArgs = [];
@ -37,7 +35,6 @@ export function initializeCliArguments(args) {
  setLoggingLevel(safeChainArgs);
  setSkipMinimumPackageAge(safeChainArgs);
  setMinimumPackageAgeHours(safeChainArgs);
  setMalwareListBaseUrl(safeChainArgs);
  checkDeprecatedPythonFlag(args);
  return remainingArgs;
 }
@ -112,26 +109,6 @@ export function getMinimumPackageAgeHours() {
  return state.minimumPackageAgeHours;
 }
 /**
 * @param {string[]} args
 * @returns {void}
 */
 function setMalwareListBaseUrl(args) {
  const argName = SAFE_CHAIN_ARG_PREFIX + "malware-list-base-url=";
  const value = getLastArgEqualsValue(args, argName);
  if (value) {
    state.malwareListBaseUrl = value;
  }
 }
 /**
 * @returns {string | undefined}
 */
 export function getMalwareListBaseUrl() {
  return state.malwareListBaseUrl;
 }
 /**
 * @param {string[]} args
 * @param {string} flagName
--- a/packages/safe-chain/src/config/configFile.js
+++ b/packages/safe-chain/src/config/configFile.js
@ -3,7 +3,6 @@ import path from "path";
 import os from "os";
 import { ui } from "../environment/userInteraction.js";
 import { getEcoSystem } from "./settings.js";
 import { getSafeChainBaseDir } from "./safeChainDir.js";
 /**
 * @typedef {Object} SafeChainConfig
@ -11,14 +10,12 @@ import { getSafeChainBaseDir } from "./safeChainDir.js";
 * We cannot trust the input and should add the necessary validations
 * @property {unknown | Number} scanTimeout
 * @property {unknown | Number} minimumPackageAgeHours
 * @property {unknown | string} malwareListBaseUrl
 * @property {unknown | SafeChainRegistryConfiguration} npm
 * @property {unknown | SafeChainRegistryConfiguration} pip
 *
 * @typedef {Object} SafeChainRegistryConfiguration
 * We cannot trust the input and should add the necessary validations.
 * @property {unknown | string[]} customRegistries
 * @property {unknown | string[]} minimumPackageAgeExclusions
 */
 /**
@ -86,18 +83,6 @@ export function getMinimumPackageAgeHours() {
  return undefined;
 }
 /**
 * Gets the malware list base URL from config file only
 * @returns {string | undefined}
 */
 export function getMalwareListBaseUrl() {
  const config = readConfigFile();
  if (config.malwareListBaseUrl && typeof config.malwareListBaseUrl === "string") {
    return config.malwareListBaseUrl;
  }
  return undefined;
 }
 /**
 * Gets the custom npm registries from the config file (format parsing only, no validation)
 * @returns {string[]}
@ -142,30 +127,6 @@ export function getPipCustomRegistries() {
  return customRegistries.filter((item) => typeof item === "string");
 }
 /**
 * Gets the minimum package age exclusions from the config file for the current ecosystem
 * @returns {string[]}
 */
 export function getMinimumPackageAgeExclusions() {
  const config = readConfigFile();
  const ecosystem = getEcoSystem();
  const registryConfig = ecosystem === "py" ? config.pip : config.npm;
  if (!config || !registryConfig) {
    return [];
  }
  const typedRegistryConfig =
    /** @type {SafeChainRegistryConfiguration} */ (registryConfig);
  const exclusions = typedRegistryConfig.minimumPackageAgeExclusions;
  if (!Array.isArray(exclusions)) {
    return [];
  }
  return exclusions.filter((item) => typeof item === "string");
 }
 /**
 * @param {import("../api/aikido.js").MalwarePackage[]} data
 * @param {string | number} version
@ -228,7 +189,6 @@ function readConfigFile() {
  const emptyConfig = {
    scanTimeout: undefined,
    minimumPackageAgeHours: undefined,
    malwareListBaseUrl: undefined,
    npm: {
      customRegistries: undefined,
    },
@ -266,51 +226,11 @@ function getDatabaseVersionPath() {
  return path.join(aikidoDir, `version_${ecosystem}.txt`);
 }
 /**
 * @returns {string}
 */
 export function getNewPackagesListPath() {
  const safeChainDir = getSafeChainDirectory();
  const ecosystem = getEcoSystem();
  return path.join(safeChainDir, `newPackagesList_${ecosystem}.json`);
 }
 /**
 * @returns {string}
 */
 export function getNewPackagesListVersionPath() {
  const safeChainDir = getSafeChainDirectory();
  const ecosystem = getEcoSystem();
  return path.join(safeChainDir, `newPackagesList_version_${ecosystem}.txt`);
 }
 /**
 * @returns {string}
 */
 function getConfigFilePath() {
-  const primaryPath = path.join(getSafeChainDirectory(), "config.json");
+  return path.join(getAikidoDirectory(), "config.json");
  if (fs.existsSync(primaryPath)) {
    return primaryPath;
  }
  const legacyPath = path.join(getAikidoDirectory(), "config.json");
  if (fs.existsSync(legacyPath)) {
    return legacyPath;
  }
  return primaryPath;
 }
 /**
 * @returns {string}
 */
 export function getSafeChainDirectory() {
  const safeChainDir = getSafeChainBaseDir();
  if (!fs.existsSync(safeChainDir)) {
    fs.mkdirSync(safeChainDir, { recursive: true });
  }
  return safeChainDir;
 }
 /**
--- a/packages/safe-chain/src/config/configFile.spec.js
+++ b/packages/safe-chain/src/config/configFile.spec.js
@ -1,35 +1,16 @@
 import { describe, it, beforeEach, afterEach, mock } from "node:test";
 import assert from "node:assert";
 import os from "os";
 import path from "path";
-const safeChainConfigPath = path.join(os.homedir(), ".safe-chain", "config.json");
+let configFileContent = undefined;
 const aikidoConfigPath = path.join(os.homedir(), ".aikido", "config.json");
 /** @type {Map<string, string>} */
 let mockFiles = new Map();
 mock.module("fs", {
  namedExports: {
-    existsSync: (filePath) => mockFiles.has(filePath),
+    existsSync: () => configFileContent !== undefined,
-    readFileSync: (filePath) => {
+    readFileSync: () => configFileContent,
-      if (!mockFiles.has(filePath)) {
+    writeFileSync: (content) => (configFileContent = content),
        throw new Error(`ENOENT: no such file: ${filePath}`);
      }
      return mockFiles.get(filePath);
    },
    writeFileSync: (filePath, content) => mockFiles.set(filePath, content),
    mkdirSync: () => {},
  },
 });
 /**
 * Helper to set config content at the primary (~/.safe-chain/) location.
 * @param {string} content
 */
 function setConfigContent(content) {
  mockFiles.set(safeChainConfigPath, content);
 }
 describe("getScanTimeout", async () => {
  let originalEnv;
@ -48,11 +29,12 @@ describe("getScanTimeout", async () => {
      delete process.env.AIKIDO_SCAN_TIMEOUT_MS;
    }
-    mockFiles.clear();
+    configFileContent = undefined;
  });
  it("should return default timeout of 10000ms when no config or env var is set", () => {
    delete process.env.AIKIDO_SCAN_TIMEOUT_MS;
    configFileContent = undefined;
    const timeout = getScanTimeout();
@ -61,7 +43,7 @@ describe("getScanTimeout", async () => {
  it("should return timeout from config file when set", () => {
    delete process.env.AIKIDO_SCAN_TIMEOUT_MS;
-    setConfigContent(JSON.stringify({ scanTimeout: 5000 }));
+    configFileContent = JSON.stringify({ scanTimeout: 5000 });
    const timeout = getScanTimeout();
@ -70,7 +52,7 @@ describe("getScanTimeout", async () => {
  it("should prioritize environment variable over config file", () => {
    process.env.AIKIDO_SCAN_TIMEOUT_MS = "20000";
-    setConfigContent(JSON.stringify({ scanTimeout: 5000 }));
+    configFileContent = JSON.stringify({ scanTimeout: 5000 });
    const timeout = getScanTimeout();
@ -79,7 +61,7 @@ describe("getScanTimeout", async () => {
  it("should handle invalid environment variable and fall back to config", () => {
    process.env.AIKIDO_SCAN_TIMEOUT_MS = "invalid";
-    setConfigContent(JSON.stringify({ scanTimeout: 7000 }));
+    configFileContent = JSON.stringify({ scanTimeout: 7000 });
    const timeout = getScanTimeout();
@ -87,6 +69,8 @@ describe("getScanTimeout", async () => {
  });
  it("should ignore zero and negative values and fall back to default", () => {
    configFileContent = undefined;
    process.env.AIKIDO_SCAN_TIMEOUT_MS = "0";
    let timeout = getScanTimeout();
@ -100,7 +84,7 @@ describe("getScanTimeout", async () => {
  it("should ignore textual non-numeric values in environment variable and fall back to config", () => {
    process.env.AIKIDO_SCAN_TIMEOUT_MS = "fast";
-    setConfigContent(JSON.stringify({ scanTimeout: 8000 }));
+    configFileContent = JSON.stringify({ scanTimeout: 8000 });
    const timeout = getScanTimeout();
@ -109,7 +93,7 @@ describe("getScanTimeout", async () => {
  it("should ignore textual non-numeric values in config file and fall back to default", () => {
    delete process.env.AIKIDO_SCAN_TIMEOUT_MS;
-    setConfigContent(JSON.stringify({ scanTimeout: "slow" }));
+    configFileContent = JSON.stringify({ scanTimeout: "slow" });
    const timeout = getScanTimeout();
@ -118,7 +102,7 @@ describe("getScanTimeout", async () => {
  it("should ignore textual non-numeric values in both env and config, fall back to default", () => {
    process.env.AIKIDO_SCAN_TIMEOUT_MS = "quick";
-    setConfigContent(JSON.stringify({ scanTimeout: "medium" }));
+    configFileContent = JSON.stringify({ scanTimeout: "medium" });
    const timeout = getScanTimeout();
@ -127,7 +111,7 @@ describe("getScanTimeout", async () => {
  it("should ignore mixed alphanumeric strings in environment variable", () => {
    process.env.AIKIDO_SCAN_TIMEOUT_MS = "5000ms";
-    setConfigContent(JSON.stringify({ scanTimeout: 6000 }));
+    configFileContent = JSON.stringify({ scanTimeout: 6000 });
    const timeout = getScanTimeout();
@ -136,7 +120,7 @@ describe("getScanTimeout", async () => {
  it("should ignore mixed alphanumeric strings in config file", () => {
    delete process.env.AIKIDO_SCAN_TIMEOUT_MS;
-    setConfigContent(JSON.stringify({ scanTimeout: "3000ms" }));
+    configFileContent = JSON.stringify({ scanTimeout: "3000ms" });
    const timeout = getScanTimeout();
@ -148,17 +132,19 @@ describe("getMinimumPackageAgeHours", async () => {
  const { getMinimumPackageAgeHours } = await import("./configFile.js");
  afterEach(() => {
-    mockFiles.clear();
+    configFileContent = undefined;
  });
  it("should return null when config file doesn't exist", () => {
    configFileContent = undefined;
    const hours = getMinimumPackageAgeHours();
    assert.strictEqual(hours, undefined);
  });
  it("should return null when config file exists but minimumPackageAgeHours is not set", () => {
-    setConfigContent(JSON.stringify({ scanTimeout: 5000 }));
+    configFileContent = JSON.stringify({ scanTimeout: 5000 });
    const hours = getMinimumPackageAgeHours();
@ -166,7 +152,7 @@ describe("getMinimumPackageAgeHours", async () => {
  });
  it("should return value from config file when set to valid number", () => {
-    setConfigContent(JSON.stringify({ minimumPackageAgeHours: 48 }));
+    configFileContent = JSON.stringify({ minimumPackageAgeHours: 48 });
    const hours = getMinimumPackageAgeHours();
@ -174,7 +160,7 @@ describe("getMinimumPackageAgeHours", async () => {
  });
  it("should handle string numbers in config file", () => {
-    setConfigContent(JSON.stringify({ minimumPackageAgeHours: "72" }));
+    configFileContent = JSON.stringify({ minimumPackageAgeHours: "72" });
    const hours = getMinimumPackageAgeHours();
@ -182,7 +168,7 @@ describe("getMinimumPackageAgeHours", async () => {
  });
  it("should handle decimal values", () => {
-    setConfigContent(JSON.stringify({ minimumPackageAgeHours: 1.5 }));
+    configFileContent = JSON.stringify({ minimumPackageAgeHours: 1.5 });
    const hours = getMinimumPackageAgeHours();
@ -190,7 +176,7 @@ describe("getMinimumPackageAgeHours", async () => {
  });
  it("should return null for non-numeric strings", () => {
-    setConfigContent(JSON.stringify({ minimumPackageAgeHours: "invalid" }));
+    configFileContent = JSON.stringify({ minimumPackageAgeHours: "invalid" });
    const hours = getMinimumPackageAgeHours();
@ -198,7 +184,7 @@ describe("getMinimumPackageAgeHours", async () => {
  });
  it("should return undefined for values with units suffix", () => {
-    setConfigContent(JSON.stringify({ minimumPackageAgeHours: "48h" }));
+    configFileContent = JSON.stringify({ minimumPackageAgeHours: "48h" });
    const hours = getMinimumPackageAgeHours();
@ -206,7 +192,7 @@ describe("getMinimumPackageAgeHours", async () => {
  });
  it("should handle malformed JSON and return null", () => {
-    setConfigContent("{ invalid json");
+    configFileContent = "{ invalid json";
    const hours = getMinimumPackageAgeHours();
@ -214,7 +200,7 @@ describe("getMinimumPackageAgeHours", async () => {
  });
  it("should return 0 when minimumPackageAgeHours is set to 0", () => {
-    setConfigContent(JSON.stringify({ minimumPackageAgeHours: 0 }));
+    configFileContent = JSON.stringify({ minimumPackageAgeHours: 0 });
    const hours = getMinimumPackageAgeHours();
@ -222,7 +208,7 @@ describe("getMinimumPackageAgeHours", async () => {
  });
  it("should return 0 when minimumPackageAgeHours is set to string '0'", () => {
-    setConfigContent(JSON.stringify({ minimumPackageAgeHours: "0" }));
+    configFileContent = JSON.stringify({ minimumPackageAgeHours: "0" });
    const hours = getMinimumPackageAgeHours();
@ -230,7 +216,7 @@ describe("getMinimumPackageAgeHours", async () => {
  });
  it("should handle negative numeric values", () => {
-    setConfigContent(JSON.stringify({ minimumPackageAgeHours: -24 }));
+    configFileContent = JSON.stringify({ minimumPackageAgeHours: -24 });
    const hours = getMinimumPackageAgeHours();
@ -238,7 +224,7 @@ describe("getMinimumPackageAgeHours", async () => {
  });
  it("should handle negative string values", () => {
-    setConfigContent(JSON.stringify({ minimumPackageAgeHours: "-48" }));
+    configFileContent = JSON.stringify({ minimumPackageAgeHours: "-48" });
    const hours = getMinimumPackageAgeHours();
@ -263,17 +249,19 @@ for (const { packageManager, getCustomRegistries } of [
 {
  describe(getCustomRegistries.name, async () => {
    afterEach(() => {
-      mockFiles.clear();
+      configFileContent = undefined;
    });
    it("should return empty array when config file doesn't exist", () => {
      configFileContent = undefined;
      const registries = getCustomRegistries();
      assert.deepStrictEqual(registries, []);
    });
    it(`should return empty array when ${packageManager} config is not set`, () => {
-      setConfigContent(JSON.stringify({ scanTimeout: 5000 }));
+      configFileContent = JSON.stringify({ scanTimeout: 5000 });
      const registries = getCustomRegistries();
@ -281,9 +269,9 @@ for (const { packageManager, getCustomRegistries } of [
    });
    it("should return empty array when customRegistries is not an array", () => {
-      setConfigContent(JSON.stringify({
+      configFileContent = JSON.stringify({
        [packageManager]: { customRegistries: "not-an-array" },
-      }));
+      });
      const registries = getCustomRegistries();
@ -291,11 +279,11 @@ for (const { packageManager, getCustomRegistries } of [
    });
    it("should return array of custom registries when set", () => {
-      setConfigContent(JSON.stringify({
+      configFileContent = JSON.stringify({
        [packageManager]: {
          customRegistries: [`${packageManager}.company.com`, "registry.internal.net"],
        },
-      }));
+      });
      const registries = getCustomRegistries();
@ -306,7 +294,7 @@ for (const { packageManager, getCustomRegistries } of [
    });
    it("should filter out non-string values", () => {
-      setConfigContent(JSON.stringify({
+      configFileContent = JSON.stringify({
        [packageManager]: {
          customRegistries: [
            `${packageManager}.company.com`,
@ -317,7 +305,7 @@ for (const { packageManager, getCustomRegistries } of [
            {},
          ],
        },
-      }));
+      });
      const registries = getCustomRegistries();
@ -328,9 +316,9 @@ for (const { packageManager, getCustomRegistries } of [
    });
    it("should return empty array for empty customRegistries array", () => {
-      setConfigContent(JSON.stringify({
+      configFileContent = JSON.stringify({
        [packageManager]: { customRegistries: [] },
-      }));
+      });
      const registries = getCustomRegistries();
@ -338,7 +326,7 @@ for (const { packageManager, getCustomRegistries } of [
    });
    it("should handle malformed JSON and return empty array", () => {
-      setConfigContent("{ invalid json");
+      configFileContent = "{ invalid json";
      const registries = getCustomRegistries();
@ -346,35 +334,3 @@ for (const { packageManager, getCustomRegistries } of [
    });
  });
 }
 describe("config file location fallback", async () => {
  const { getScanTimeout } = await import("./configFile.js");
  afterEach(() => {
    mockFiles.clear();
    delete process.env.AIKIDO_SCAN_TIMEOUT_MS;
  });
  it("should read config from ~/.safe-chain/config.json when it exists", () => {
    mockFiles.set(safeChainConfigPath, JSON.stringify({ scanTimeout: 3000 }));
    assert.strictEqual(getScanTimeout(), 3000);
  });
  it("should fall back to ~/.aikido/config.json when primary does not exist", () => {
    mockFiles.set(aikidoConfigPath, JSON.stringify({ scanTimeout: 4000 }));
    assert.strictEqual(getScanTimeout(), 4000);
  });
  it("should prefer ~/.safe-chain/config.json when both exist", () => {
    mockFiles.set(safeChainConfigPath, JSON.stringify({ scanTimeout: 3000 }));
    mockFiles.set(aikidoConfigPath, JSON.stringify({ scanTimeout: 4000 }));
    assert.strictEqual(getScanTimeout(), 3000);
  });
  it("should return default when neither config file exists", () => {
    assert.strictEqual(getScanTimeout(), 10000);
  });
 });
--- a/packages/safe-chain/src/config/environmentVariables.js
+++ b/packages/safe-chain/src/config/environmentVariables.js
@ -34,24 +34,3 @@ export function getPipCustomRegistries() {
 export function getLoggingLevel() {
  return process.env.SAFE_CHAIN_LOGGING;
 }
 /**
 * Gets the minimum package age exclusions from environment variable
 * Expected format: comma-separated list of package names
 * Example: "react,@aikidosec/safe-chain,lodash"
 * @returns {string | undefined}
 */
 export function getMinimumPackageAgeExclusions() {
  return process.env.SAFE_CHAIN_MINIMUM_PACKAGE_AGE_EXCLUSIONS ||
    process.env.SAFE_CHAIN_NPM_MINIMUM_PACKAGE_AGE_EXCLUSIONS;
 }
 /**
 * Gets the malware list base URL from environment variable
 * Expected format: full URL without trailing slash
 * Example: "https://malware-list.aikido.dev"
 * @returns {string | undefined}
 */
 export function getMalwareListBaseUrl() {
  return process.env.SAFE_CHAIN_MALWARE_LIST_BASE_URL;
 }
--- a/packages/safe-chain/src/config/safeChainDir.js
+++ b/packages/safe-chain/src/config/safeChainDir.js
@ -1,71 +0,0 @@
 import os from "os";
 import path from "path";
 import { fileURLToPath } from "url";
 import { getInstalledSafeChainDir } from "../installLocation.js";
 /**
 * @returns {string}
 */
 export function getSafeChainBaseDir() {
  return getInstalledSafeChainDir() ?? path.join(os.homedir(), ".safe-chain");
 }
 /**
 * @returns {string}
 */
 export function getBinDir() {
  return path.join(getSafeChainBaseDir(), "bin");
 }
 /**
 * @returns {string}
 */
 export function getShimsDir() {
  return path.join(getSafeChainBaseDir(), "shims");
 }
 /**
 * @returns {string}
 */
 export function getScriptsDir() {
  return path.join(getSafeChainBaseDir(), "scripts");
 }
 /**
 * @returns {string}
 */
 export function getCertsDir() {
  return path.join(getSafeChainBaseDir(), "certs");
 }
 /**
 * Resolves the directory of the calling module.
 * Falls back to __dirname when import.meta.url is unavailable (pkg CJS binary).
 * @param {string | undefined} moduleUrl
 * @returns {string}
 */
 function resolveModuleDir(moduleUrl) {
  if (moduleUrl) {
    return path.dirname(fileURLToPath(moduleUrl));
  }
  // eslint-disable-next-line no-undef
  return __dirname;
 }
 /**
 * @param {string | undefined} moduleUrl
 * @param {string} fileName
 * @returns {string}
 */
 export function getStartupScriptSourcePath(moduleUrl, fileName) {
  return path.join(resolveModuleDir(moduleUrl), "startup-scripts", fileName);
 }
 /**
 * @param {string | undefined} moduleUrl
 * @param {string} fileName
 * @returns {string}
 */
 export function getPathWrapperTemplatePath(moduleUrl, fileName) {
  return path.join(resolveModuleDir(moduleUrl), "path-wrappers", "templates", fileName);
 }
--- a/packages/safe-chain/src/config/settings.js
+++ b/packages/safe-chain/src/config/settings.js
@ -1,7 +1,6 @@
 import * as cliArguments from "./cliArguments.js";
 import * as configFile from "./configFile.js";
 import * as environmentVariables from "./environmentVariables.js";
 import { ui } from "../environment/userInteraction.js";
 export const LOGGING_SILENT = "silent";
 export const LOGGING_NORMAL = "normal";
@ -46,7 +45,7 @@ export function setEcoSystem(setting) {
  ecosystemSettings.ecoSystem = setting;
 }
-const defaultMinimumPackageAge = 48;
+const defaultMinimumPackageAge = 24;
 /** @returns {number} */
 export function getMinimumPackageAgeHours() {
  // Priority 1: CLI argument
@ -168,80 +167,3 @@ export function getPipCustomRegistries() {
  // Normalize each registry (remove protocol if any)
  return uniqueRegistries.map(normalizeRegistry);
 }
 /**
 * Parses comma-separated exclusions from environment variable
 * @param {string | undefined} envValue
 * @returns {string[]}
 */
 function parseExclusionsFromEnv(envValue) {
  if (!envValue || typeof envValue !== "string") {
    return [];
  }
  return envValue
    .split(",")
    .map((exclusion) => exclusion.trim())
    .filter((exclusion) => exclusion.length > 0);
 }
 /**
 * Gets the minimum package age exclusions from both environment variable and config file (merged)
 * @returns {string[]}
 */
 export function getMinimumPackageAgeExclusions() {
  const envExclusions = parseExclusionsFromEnv(
    environmentVariables.getMinimumPackageAgeExclusions()
  );
  const configExclusions = configFile.getMinimumPackageAgeExclusions();
  // Merge both sources and remove duplicates
  const allExclusions = [...envExclusions, ...configExclusions];
  return [...new Set(allExclusions)];
 }
 /**
 * Gets the malware list base URL with priority: CLI argument > environment variable > config file > default
 * @returns {string}
 */
 export function getMalwareListBaseUrl() {
  // Priority 1: CLI argument
  const cliValue = cliArguments.getMalwareListBaseUrl();
  if (cliValue) {
    const url = removeTrailingSlashes(cliValue);
    ui.writeVerbose(`Fetching malware lists from ${url} as defined by CLI argument --safe-chain-malware-list-base-url`);
    return url;
  }
  // Priority 2: Environment variable
  const envValue = environmentVariables.getMalwareListBaseUrl();
  if (envValue) {
    const url = removeTrailingSlashes(envValue);
    ui.writeVerbose(`Fetching malware lists from ${url} as defined by environment variable SAFE_CHAIN_MALWARE_LIST_BASE_URL`);
    return url;
  }
  // Priority 3: Config file
  const configValue = configFile.getMalwareListBaseUrl();
  if (configValue) {
    const url = removeTrailingSlashes(configValue);
    ui.writeVerbose(`Fetching malware lists from ${url} as defined by config file (malwareListBaseUrl)`);
    return url;
  }
  // Default
  return removeTrailingSlashes("https://malware-list.aikido.dev");
 }
 /**
 * Removes trailing slashes from a URL-like string.
 * @param {string} value
 * @returns {string}
 */
 function removeTrailingSlashes(value) {
  if (!value || typeof value !== "string") {
    return value;
  }
  return value.replace(/\/+$/, "");
 }
--- a/packages/safe-chain/src/config/settings.spec.js
+++ b/packages/safe-chain/src/config/settings.spec.js
@ -14,11 +14,6 @@ mock.module("fs", {
 const {
  getNpmCustomRegistries,
  getPipCustomRegistries,
  getMinimumPackageAgeExclusions,
  getMalwareListBaseUrl,
  setEcoSystem,
  ECOSYSTEM_JS,
  ECOSYSTEM_PY,
  getLoggingLevel,
  LOGGING_SILENT,
  LOGGING_NORMAL,
@ -370,278 +365,3 @@ describe("getLoggingLevel", () => {
    assert.strictEqual(level, LOGGING_NORMAL);
  });
 });
 describe("getMinimumPackageAgeExclusions", () => {
  let originalEnv;
  let originalLegacyEnv;
  const envVarName = "SAFE_CHAIN_MINIMUM_PACKAGE_AGE_EXCLUSIONS";
  const legacyEnvVarName = "SAFE_CHAIN_NPM_MINIMUM_PACKAGE_AGE_EXCLUSIONS";
  beforeEach(() => {
    originalEnv = process.env[envVarName];
    originalLegacyEnv = process.env[legacyEnvVarName];
    delete process.env[envVarName];
    delete process.env[legacyEnvVarName];
    setEcoSystem(ECOSYSTEM_JS);
  });
  afterEach(() => {
    if (originalEnv !== undefined) {
      process.env[envVarName] = originalEnv;
    } else {
      delete process.env[envVarName];
    }
    if (originalLegacyEnv !== undefined) {
      process.env[legacyEnvVarName] = originalLegacyEnv;
    } else {
      delete process.env[legacyEnvVarName];
    }
    configFileContent = undefined;
  });
  it("should return empty array when no exclusions configured", () => {
    configFileContent = undefined;
    const exclusions = getMinimumPackageAgeExclusions();
    assert.deepStrictEqual(exclusions, []);
  });
  it("should return exclusions from config file", () => {
    configFileContent = JSON.stringify({
      npm: {
        minimumPackageAgeExclusions: ["react", "@aikidosec/safe-chain"],
      },
    });
    const exclusions = getMinimumPackageAgeExclusions();
    assert.deepStrictEqual(exclusions, ["react", "@aikidosec/safe-chain"]);
  });
  it("should parse comma-separated exclusions from environment variable", () => {
    process.env[envVarName] = "lodash,express,@types/node";
    configFileContent = undefined;
    const exclusions = getMinimumPackageAgeExclusions();
    assert.deepStrictEqual(exclusions, ["lodash", "express", "@types/node"]);
  });
  it("should merge environment variable and config file exclusions", () => {
    process.env[envVarName] = "lodash";
    configFileContent = JSON.stringify({
      npm: {
        minimumPackageAgeExclusions: ["react"],
      },
    });
    const exclusions = getMinimumPackageAgeExclusions();
    assert.deepStrictEqual(exclusions, ["lodash", "react"]);
  });
  it("should remove duplicate exclusions when merging", () => {
    process.env[envVarName] = "lodash,react";
    configFileContent = JSON.stringify({
      npm: {
        minimumPackageAgeExclusions: ["react", "express"],
      },
    });
    const exclusions = getMinimumPackageAgeExclusions();
    assert.deepStrictEqual(exclusions, ["lodash", "react", "express"]);
  });
  it("should trim whitespace from environment variable exclusions", () => {
    process.env[envVarName] = "  lodash  ,  react  ";
    configFileContent = undefined;
    const exclusions = getMinimumPackageAgeExclusions();
    assert.deepStrictEqual(exclusions, ["lodash", "react"]);
  });
  it("should handle scoped packages", () => {
    configFileContent = JSON.stringify({
      npm: {
        minimumPackageAgeExclusions: ["@babel/core", "@types/react"],
      },
    });
    const exclusions = getMinimumPackageAgeExclusions();
    assert.deepStrictEqual(exclusions, ["@babel/core", "@types/react"]);
  });
  it("should handle empty strings in comma-separated list", () => {
    process.env[envVarName] = "lodash,,react,";
    configFileContent = undefined;
    const exclusions = getMinimumPackageAgeExclusions();
    assert.deepStrictEqual(exclusions, ["lodash", "react"]);
  });
  it("should return empty array for empty environment variable", () => {
    process.env[envVarName] = "";
    configFileContent = undefined;
    const exclusions = getMinimumPackageAgeExclusions();
    assert.deepStrictEqual(exclusions, []);
  });
  it("should return empty array for whitespace-only environment variable", () => {
    process.env[envVarName] = "   ,  ,  ";
    configFileContent = undefined;
    const exclusions = getMinimumPackageAgeExclusions();
    assert.deepStrictEqual(exclusions, []);
  });
  it("should filter non-string values from config file", () => {
    configFileContent = JSON.stringify({
      npm: {
        minimumPackageAgeExclusions: ["react", 123, null, "lodash", undefined],
      },
    });
    const exclusions = getMinimumPackageAgeExclusions();
    assert.deepStrictEqual(exclusions, ["react", "lodash"]);
  });
  it("should fall back to the legacy npm environment variable", () => {
    process.env[legacyEnvVarName] = "lodash,react";
    const exclusions = getMinimumPackageAgeExclusions();
    assert.deepStrictEqual(exclusions, ["lodash", "react"]);
  });
  it("should read exclusions from the python config when the current ecosystem is py", () => {
    setEcoSystem(ECOSYSTEM_PY);
    configFileContent = JSON.stringify({
      pip: {
        minimumPackageAgeExclusions: ["requests", "urllib3"],
      },
    });
    const exclusions = getMinimumPackageAgeExclusions();
    assert.deepStrictEqual(exclusions, ["requests", "urllib3"]);
  });
 });
 describe("getMalwareListBaseUrl", () => {
  let originalEnv;
  const envVarName = "SAFE_CHAIN_MALWARE_LIST_BASE_URL";
  beforeEach(() => {
    originalEnv = process.env[envVarName];
    delete process.env[envVarName];
    // Reset CLI arguments state
    initializeCliArguments([]);
  });
  afterEach(() => {
    if (originalEnv !== undefined) {
      process.env[envVarName] = originalEnv;
    } else {
      delete process.env[envVarName];
    }
    configFileContent = undefined;
  });
  it("should return default URL when nothing is configured", () => {
    const url = getMalwareListBaseUrl();
    assert.strictEqual(url, "https://malware-list.aikido.dev");
  });
  it("should trim trailing slash from CLI argument", () => {
    initializeCliArguments(["--safe-chain-malware-list-base-url=https://cli-mirror.com/"]);
    const url = getMalwareListBaseUrl();
    assert.strictEqual(url, "https://cli-mirror.com");
  });
  it("should trim trailing slash from environment variable", () => {
    process.env[envVarName] = "https://env-mirror.com/";
    const url = getMalwareListBaseUrl();
    assert.strictEqual(url, "https://env-mirror.com");
  });
  it("should trim trailing slash from config file value", () => {
    configFileContent = JSON.stringify({
      malwareListBaseUrl: "https://config-mirror.com/",
    });
    const url = getMalwareListBaseUrl();
    assert.strictEqual(url, "https://config-mirror.com");
  });
  it("should return CLI argument value with highest priority", () => {
    initializeCliArguments(["--safe-chain-malware-list-base-url=https://cli-mirror.com"]);
    const url = getMalwareListBaseUrl();
    assert.strictEqual(url, "https://cli-mirror.com");
  });
  it("should return environment variable value when no CLI argument", () => {
    process.env[envVarName] = "https://env-mirror.com";
    const url = getMalwareListBaseUrl();
    assert.strictEqual(url, "https://env-mirror.com");
  });
  it("should return config file value when no CLI or env", () => {
    configFileContent = JSON.stringify({
      malwareListBaseUrl: "https://config-mirror.com",
    });
    const url = getMalwareListBaseUrl();
    assert.strictEqual(url, "https://config-mirror.com");
  });
  it("should prioritize CLI over environment variable", () => {
    process.env[envVarName] = "https://env-mirror.com";
    initializeCliArguments(["--safe-chain-malware-list-base-url=https://cli-mirror.com"]);
    const url = getMalwareListBaseUrl();
    assert.strictEqual(url, "https://cli-mirror.com");
  });
  it("should prioritize environment variable over config file", () => {
    process.env[envVarName] = "https://env-mirror.com";
    configFileContent = JSON.stringify({
      malwareListBaseUrl: "https://config-mirror.com",
    });
    const url = getMalwareListBaseUrl();
    assert.strictEqual(url, "https://env-mirror.com");
  });
  it("should prioritize CLI over config file", () => {
    initializeCliArguments(["--safe-chain-malware-list-base-url=https://cli-mirror.com"]);
    configFileContent = JSON.stringify({
      malwareListBaseUrl: "https://config-mirror.com",
    });
    const url = getMalwareListBaseUrl();
    assert.strictEqual(url, "https://cli-mirror.com");
  });
 });
--- a/packages/safe-chain/src/installLocation.js
+++ b/packages/safe-chain/src/installLocation.js
@ -1,42 +0,0 @@
 import path from "path";
 /** @type {NodeJS.Process & { pkg?: unknown }} */
 const processWithPkg = process;
 /**
 * @param {string} executablePath
 * @returns {string | undefined}
 */
 export function deriveInstallDirFromExecutablePath(executablePath) {
  if (!executablePath) {
    return undefined;
  }
  const pathLibrary = executablePath.includes("\\") ? path.win32 : path.posix;
  const executableDir = pathLibrary.dirname(executablePath);
  if (pathLibrary.basename(executableDir) !== "bin") {
    return undefined;
  }
  return pathLibrary.dirname(executableDir);
 }
 /**
 * Returns the install directory for a packaged safe-chain binary.
 * Custom installation directories only apply to packaged binary installs.
 * For npm/global/dev-script executions this intentionally returns undefined,
 * which causes callers to fall back to the default ~/.safe-chain layout.
 *
 * @param {{ isPackaged?: boolean, executablePath?: string }} [options]
 * @returns {string | undefined}
 */
 export function getInstalledSafeChainDir(options = {}) {
  const isPackaged = options.isPackaged ?? Boolean(processWithPkg.pkg);
  if (!isPackaged) {
    return undefined;
  }
  return deriveInstallDirFromExecutablePath(
    options.executablePath ?? process.execPath,
  );
 }
--- a/packages/safe-chain/src/installLocation.spec.js
+++ b/packages/safe-chain/src/installLocation.spec.js
@ -1,51 +0,0 @@
 import { describe, it } from "node:test";
 import assert from "node:assert";
 import {
  deriveInstallDirFromExecutablePath,
  getInstalledSafeChainDir,
 } from "./installLocation.js";
 describe("deriveInstallDirFromExecutablePath", () => {
  it("derives the install dir from a Unix binary path", () => {
    assert.strictEqual(
      deriveInstallDirFromExecutablePath("/usr/local/.safe-chain/bin/safe-chain"),
      "/usr/local/.safe-chain",
    );
  });
  it("derives the install dir from a Windows binary path", () => {
    assert.strictEqual(
      deriveInstallDirFromExecutablePath("C:\\ProgramData\\safe-chain\\bin\\safe-chain.exe"),
      "C:\\ProgramData\\safe-chain",
    );
  });
  it("returns undefined when the executable is not inside a bin directory", () => {
    assert.strictEqual(
      deriveInstallDirFromExecutablePath("/usr/local/.safe-chain/safe-chain"),
      undefined,
    );
  });
 });
 describe("getInstalledSafeChainDir", () => {
  it("returns undefined for non-packaged executions", () => {
    assert.strictEqual(
      getInstalledSafeChainDir({
        isPackaged: false,
        executablePath: "/usr/local/.safe-chain/bin/safe-chain",
      }),
      undefined,
    );
  });
  it("returns the install dir for packaged executions", () => {
    assert.strictEqual(
      getInstalledSafeChainDir({
        isPackaged: true,
        executablePath: "/usr/local/.safe-chain/bin/safe-chain",
      }),
      "/usr/local/.safe-chain",
    );
  });
 });
--- a/packages/safe-chain/src/main.js
+++ b/packages/safe-chain/src/main.js
@ -64,11 +64,7 @@ export async function main(args) {
    // Write all buffered logs
    ui.writeBufferedLogsAndStopBuffering();
-    if (proxy.hasBlockedMaliciousPackages()) {
+    if (!proxy.verifyNoMaliciousPackages()) {
      return 1;
    }
    if (proxy.hasBlockedMinimumAgeRequests()) {
      return 1;
    }
@ -77,20 +73,20 @@ export async function main(args) {
      ui.writeVerbose(
        `${chalk.green("✔")} Safe-chain: Scanned ${
          auditStats.totalPackages
-        } packages, no malware found.`,
+        } packages, no malware found.`
      );
    }
    if (proxy.hasSuppressedVersions()) {
      ui.writeInformation(
        `${chalk.yellow(
-          "ℹ",
+          "ℹ"
-        )} Safe-chain: Some package versions were suppressed during package metadata resolution due to minimum package age.`,
+        )} Safe-chain: Some package versions were suppressed due to minimum age requirement.`
      );
      ui.writeInformation(
        `  To disable this check, use: ${chalk.cyan(
-          "--safe-chain-skip-minimum-package-age",
+          "--safe-chain-skip-minimum-package-age"
-        )}`,
+        )}`
      );
    }
--- a/packages/safe-chain/src/packagemanager/_shared/commandErrors.js
+++ b/packages/safe-chain/src/packagemanager/_shared/commandErrors.js
@ -1,17 +0,0 @@
 import { ui } from "../../environment/userInteraction.js";
 /**
 * Centralized logging for package-manager command launch failures.
 *
 * @param {any} error - Error thrown by safeSpawn while preparing/running the command.
 * @param {string} command - Command name that failed to execute.
 * @returns {{status: number}}
 */
 export function reportCommandExecutionFailure(error, command) {
  const message = typeof error?.message === "string" ? error.message : "Unknown error";
  ui.writeError(`Error executing command: ${message}`);
  ui.writeError(`Is '${command}' installed and available on your system?`);
  return { status: typeof error?.status === "number" ? error.status : 1 };
 }
--- a/packages/safe-chain/src/packagemanager/_shared/commandErrors.spec.js
+++ b/packages/safe-chain/src/packagemanager/_shared/commandErrors.spec.js
@ -1,59 +0,0 @@
 import { describe, it, beforeEach, afterEach, mock } from "node:test";
 import assert from "node:assert";
 describe("reportCommandExecutionFailure", () => {
  let errorLines;
  beforeEach(async () => {
    errorLines = [];
    mock.module("../../environment/userInteraction.js", {
      namedExports: {
        ui: {
          writeError: (...args) => {
            errorLines.push(args.join(" "));
          },
        },
      },
    });
  });
  afterEach(() => {
    mock.reset();
  });
  it("reports command errors while preserving exit status", async () => {
    const { reportCommandExecutionFailure } = await import("./commandErrors.js");
    const result = reportCommandExecutionFailure(
      {
        status: 127,
        message: "Command failed: command -v bun",
      },
      "bun",
    );
    assert.deepStrictEqual(result, { status: 127 });
    assert.deepStrictEqual(errorLines, [
      "Error executing command: Command failed: command -v bun",
      "Is 'bun' installed and available on your system?",
    ]);
  });
  it("falls back to exit code 1 when status is missing", async () => {
    const { reportCommandExecutionFailure } = await import("./commandErrors.js");
    const result = reportCommandExecutionFailure(
      {
        message: "Network error",
      },
      "npm",
    );
    assert.deepStrictEqual(result, { status: 1 });
    assert.deepStrictEqual(errorLines, [
      "Error executing command: Network error",
      "Is 'npm' installed and available on your system?",
    ]);
  });
 });
--- a/packages/safe-chain/src/packagemanager/bun/createBunPackageManager.js
+++ b/packages/safe-chain/src/packagemanager/bun/createBunPackageManager.js
@ -1,6 +1,6 @@
 import { ui } from "../../environment/userInteraction.js";
 import { safeSpawn } from "../../utils/safeSpawn.js";
 import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
 import { reportCommandExecutionFailure } from "../_shared/commandErrors.js";
 /**
 * @returns {import("../currentPackageManager.js").PackageManager}
@ -43,6 +43,11 @@ async function runBunCommand(command, args) {
    });
    return { status: result.status };
  } catch (/** @type any */ error) {
-    return reportCommandExecutionFailure(error, command);
+    if (error.status) {
      return { status: error.status };
    } else {
      ui.writeError("Error executing command:", error.message);
      return { status: 1 };
    }
  }
 }
--- a/packages/safe-chain/src/packagemanager/currentPackageManager.js
+++ b/packages/safe-chain/src/packagemanager/currentPackageManager.js
@ -13,10 +13,6 @@ import { createPipPackageManager } from "./pip/createPackageManager.js";
 import { createUvPackageManager } from "./uv/createUvPackageManager.js";
 import { createPoetryPackageManager } from "./poetry/createPoetryPackageManager.js";
 import { createPipXPackageManager } from "./pipx/createPipXPackageManager.js";
 import { createPdmPackageManager } from "./pdm/createPdmPackageManager.js";
 import { createRushPackageManager } from "./rush/createRushPackageManager.js";
 import { createRushxPackageManager } from "./rushx/createRushxPackageManager.js";
 import { createUvxPackageManager } from "./uvx/createUvxPackageManager.js";
 /**
 * @type {{packageManagerName: PackageManager | null}}
@ -64,18 +60,10 @@ export function initializePackageManager(packageManagerName, context) {
    state.packageManagerName = createPipPackageManager(context);
  } else if (packageManagerName === "uv") {
    state.packageManagerName = createUvPackageManager();
  } else if (packageManagerName === "uvx") {
    state.packageManagerName = createUvxPackageManager();
  } else if (packageManagerName === "poetry") {
    state.packageManagerName = createPoetryPackageManager();
  } else if (packageManagerName === "pipx") {
    state.packageManagerName = createPipXPackageManager();
  } else if (packageManagerName === "pdm") {
    state.packageManagerName = createPdmPackageManager();
  } else if (packageManagerName === "rush") {
    state.packageManagerName = createRushPackageManager();
  } else if (packageManagerName === "rushx") {
    state.packageManagerName = createRushxPackageManager();
  } else {
    throw new Error("Unsupported package manager: " + packageManagerName);
  }
--- a/packages/safe-chain/src/packagemanager/npm/runNpmCommand.js
+++ b/packages/safe-chain/src/packagemanager/npm/runNpmCommand.js
@ -1,6 +1,6 @@
 import { ui } from "../../environment/userInteraction.js";
 import { safeSpawn } from "../../utils/safeSpawn.js";
 import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
 import { reportCommandExecutionFailure } from "../_shared/commandErrors.js";
 /**
 * @param {string[]} args
@ -15,6 +15,11 @@ export async function runNpm(args) {
    });
    return { status: result.status };
  } catch (/** @type any */ error) {
-    return reportCommandExecutionFailure(error, "npm");
+    if (error.status) {
      return { status: error.status };
    } else {
      ui.writeError("Error executing command:", error.message);
      return { status: 1 };
    }
  }
 }
--- a/packages/safe-chain/src/packagemanager/npx/runNpxCommand.js
+++ b/packages/safe-chain/src/packagemanager/npx/runNpxCommand.js
@ -1,6 +1,6 @@
 import { ui } from "../../environment/userInteraction.js";
 import { safeSpawn } from "../../utils/safeSpawn.js";
 import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
 import { reportCommandExecutionFailure } from "../_shared/commandErrors.js";
 /**
 * @param {string[]} args
@ -15,6 +15,11 @@ export async function runNpx(args) {
    });
    return { status: result.status };
  } catch (/** @type any */ error) {
-    return reportCommandExecutionFailure(error, "npx");
+    if (error.status) {
      return { status: error.status };
    } else {
      ui.writeError("Error executing command:", error.message);
      return { status: 1 };
    }
  }
 }
--- a/packages/safe-chain/src/packagemanager/pdm/createPdmPackageManager.js
+++ b/packages/safe-chain/src/packagemanager/pdm/createPdmPackageManager.js
@ -1,72 +0,0 @@
 import { ui } from "../../environment/userInteraction.js";
 import { safeSpawn } from "../../utils/safeSpawn.js";
 import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
 import { getCombinedCaBundlePath } from "../../registryProxy/certBundle.js";
 import { reportCommandExecutionFailure } from "../_shared/commandErrors.js";
 /**
 * @returns {import("../currentPackageManager.js").PackageManager}
 */
 export function createPdmPackageManager() {
  return {
    runCommand: (args) => runPdmCommand(args),
    // MITM only approach for PDM
    isSupportedCommand: () => false,
    getDependencyUpdatesForCommand: () => [],
  };
 }
 /**
 * Sets CA bundle environment variables used by PDM and Python libraries.
 * PDM uses httpx (via unearth) which respects SSL_CERT_FILE through Python's ssl module.
 *
 * @param {NodeJS.ProcessEnv} env - Environment object to modify
 * @param {string} combinedCaPath - Path to the combined CA bundle
 */
 function setPdmCaBundleEnvironmentVariables(env, combinedCaPath) {
  // SSL_CERT_FILE: Used by Python SSL libraries and httpx (which PDM uses)
  if (env.SSL_CERT_FILE) {
    ui.writeWarning("Safe-chain: User defined SSL_CERT_FILE found in environment. It will be overwritten.");
  }
  env.SSL_CERT_FILE = combinedCaPath;
  // REQUESTS_CA_BUNDLE: Used by the requests library (PDM plugins may use it)
  if (env.REQUESTS_CA_BUNDLE) {
    ui.writeWarning("Safe-chain: User defined REQUESTS_CA_BUNDLE found in environment. It will be overwritten.");
  }
  env.REQUESTS_CA_BUNDLE = combinedCaPath;
  // PIP_CERT: PDM may use pip internally
  if (env.PIP_CERT) {
    ui.writeWarning("Safe-chain: User defined PIP_CERT found in environment. It will be overwritten.");
  }
  env.PIP_CERT = combinedCaPath;
 }
 /**
 * Runs a pdm command with safe-chain's certificate bundle and proxy configuration.
 *
 * PDM respects standard HTTP_PROXY/HTTPS_PROXY environment variables through
 * httpx which it uses for package downloads.
 *
 * @param {string[]} args - Command line arguments to pass to pdm
 * @returns {Promise<{status: number}>} Exit status of the pdm command
 */
 async function runPdmCommand(args) {
  try {
    const env = mergeSafeChainProxyEnvironmentVariables(process.env);
    const combinedCaPath = getCombinedCaBundlePath();
    setPdmCaBundleEnvironmentVariables(env, combinedCaPath);
    const result = await safeSpawn("pdm", args, {
      stdio: "inherit",
      env,
    });
    return { status: result.status };
  } catch (/** @type any */ error) {
    return reportCommandExecutionFailure(error, "pdm");
  }
 }
--- a/packages/safe-chain/src/packagemanager/pdm/createPdmPackageManager.spec.js
+++ b/packages/safe-chain/src/packagemanager/pdm/createPdmPackageManager.spec.js
@ -1,14 +0,0 @@
 import { test } from "node:test";
 import assert from "node:assert";
 import { createPdmPackageManager } from "./createPdmPackageManager.js";
 test("createPdmPackageManager", async (t) => {
  await t.test("should create package manager with required interface", () => {
    const pm = createPdmPackageManager();
    assert.ok(pm);
    assert.strictEqual(typeof pm.runCommand, "function");
    assert.strictEqual(typeof pm.isSupportedCommand, "function");
    assert.strictEqual(typeof pm.getDependencyUpdatesForCommand, "function");
  });
 });
--- a/packages/safe-chain/src/packagemanager/pip/runPipCommand.js
+++ b/packages/safe-chain/src/packagemanager/pip/runPipCommand.js
@ -9,7 +9,6 @@ import os from "node:os";
 import path from "node:path";
 import ini from "ini";
 import { spawn } from "child_process";
 import { reportCommandExecutionFailure } from "../_shared/commandErrors.js";
 /**
 * Checks if this pip invocation should bypass safe-chain and spawn directly.
@ -204,6 +203,12 @@ export async function runPip(command, args) {
    return { status: result.status };
  } catch (/** @type any */ error) {
-    return reportCommandExecutionFailure(error, command);
+    if (error.status) {
      return { status: error.status };
    } else {
      ui.writeError(`Error executing command: ${error.message}`);
      ui.writeError(`Is '${command}' installed and available on your system?`);
      return { status: 1 };
    }
  }
 }
--- a/packages/safe-chain/src/packagemanager/pipx/runPipXCommand.js
+++ b/packages/safe-chain/src/packagemanager/pipx/runPipXCommand.js
@ -2,7 +2,6 @@ import { ui } from "../../environment/userInteraction.js";
 import { safeSpawn } from "../../utils/safeSpawn.js";
 import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
 import { getCombinedCaBundlePath } from "../../registryProxy/certBundle.js";
 import { reportCommandExecutionFailure } from "../_shared/commandErrors.js";
 /**
 * Sets CA bundle environment variables used by Python libraries and pipx.
@ -55,6 +54,12 @@ export async function runPipX(command, args) {
    return { status: result.status };
  } catch (/** @type any */ error) {
-    return reportCommandExecutionFailure(error, command);
+    if (error.status) {
      return { status: error.status };
    } else {
      ui.writeError(`Error executing command: ${error.message}`);
      ui.writeError(`Is '${command}' installed and available on your system?`);
      return { status: 1 };
    }
  }
 }
--- a/packages/safe-chain/src/packagemanager/pnpm/runPnpmCommand.js
+++ b/packages/safe-chain/src/packagemanager/pnpm/runPnpmCommand.js
@ -1,6 +1,6 @@
 import { ui } from "../../environment/userInteraction.js";
 import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
 import { safeSpawn } from "../../utils/safeSpawn.js";
 import { reportCommandExecutionFailure } from "../_shared/commandErrors.js";
 /**
 * @param {string[]} args
@ -26,7 +26,11 @@ export async function runPnpmCommand(args, toolName = "pnpm") {
    return { status: result.status };
  } catch (/** @type any */ error) {
-    const target = toolName === "pnpm" ? "pnpm" : "pnpx";
+    if (error.status) {
-    return reportCommandExecutionFailure(error, target);
+      return { status: error.status };
    } else {
      ui.writeError("Error executing command:", error.message);
      return { status: 1 };
    }
  }
 }
--- a/packages/safe-chain/src/packagemanager/poetry/createPoetryPackageManager.js
+++ b/packages/safe-chain/src/packagemanager/poetry/createPoetryPackageManager.js
@ -2,7 +2,6 @@ import { ui } from "../../environment/userInteraction.js";
 import { safeSpawn } from "../../utils/safeSpawn.js";
 import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
 import { getCombinedCaBundlePath } from "../../registryProxy/certBundle.js";
 import { reportCommandExecutionFailure } from "../_shared/commandErrors.js";
 /**
 * @returns {import("../currentPackageManager.js").PackageManager}
@ -67,6 +66,12 @@ async function runPoetryCommand(args) {
    return { status: result.status };
  } catch (/** @type any */ error) {
-    return reportCommandExecutionFailure(error, "poetry");
+    if (error.status) {
      return { status: error.status };
    } else {
      ui.writeError("Error executing command:", error.message);
      ui.writeError("Is 'poetry' installed and available on your system?");
      return { status: 1 };
    }
  }
 }
--- a/packages/safe-chain/src/packagemanager/rush/createRushPackageManager.js
+++ b/packages/safe-chain/src/packagemanager/rush/createRushPackageManager.js
@ -1,64 +0,0 @@
 import { runRushCommand } from "./runRushCommand.js";
 import { resolvePackageVersion } from "../../api/npmApi.js";
 import { parsePackagesFromRushAddArgs } from "./parsing/parsePackagesFromRushAddArgs.js";
 /**
 * @returns {import("../currentPackageManager.js").PackageManager}
 */
 export function createRushPackageManager() {
  return {
    runCommand: (args) => runRushCommand("rush", args),
    // We pre-scan rush add commands and rely on MITM for install/update flows.
    isSupportedCommand: (args) => getRushCommand(args) === "add",
    getDependencyUpdatesForCommand: scanRushAddCommand,
  };
 }
 /**
 * @param {string[]} args
 * @returns {Promise<import("../currentPackageManager.js").GetDependencyUpdatesResult[]>}
 */
 async function scanRushAddCommand(args) {
  if (getRushCommand(args) !== "add") {
    return [];
  }
  const parsedSpecs = parsePackagesFromRushAddArgs(args.slice(1));
  const resolvedVersions = await Promise.all(
    parsedSpecs.map(async (parsed) => {
      const exactVersion = await resolvePackageVersion(parsed.name, parsed.version);
      return {
        parsed,
        exactVersion,
      };
    }),
  );
  const changes = [];
  for (const resolved of resolvedVersions) {
    if (!resolved.exactVersion) {
      continue;
    }
    changes.push({
      name: resolved.parsed.name,
      version: resolved.exactVersion,
      type: "add",
    });
  }
  return changes;
 }
 /**
 * @param {string[]} args
 * @returns {string | undefined}
 */
 function getRushCommand(args) {
  if (!args || args.length === 0) {
    return undefined;
  }
  return args[0]?.toLowerCase();
 }
--- a/packages/safe-chain/src/packagemanager/rush/createRushPackageManager.spec.js
+++ b/packages/safe-chain/src/packagemanager/rush/createRushPackageManager.spec.js
@ -1,66 +0,0 @@
 import { test, mock } from "node:test";
 import assert from "node:assert";
 test("createRushPackageManager", async (t) => {
  mock.module("../../api/npmApi.js", {
    namedExports: {
      resolvePackageVersion: async (name, version) => {
        if (name === "safe-chain-test") {
          return "0.0.1-security";
        }
        if (name === "@scope/tool") {
          return version || "2.0.0";
        }
        return null;
      },
    },
  });
  try {
    const { createRushPackageManager } = await import("./createRushPackageManager.js");
    await t.test("should create package manager with required interface", () => {
      const pm = createRushPackageManager();
      assert.ok(pm);
      assert.strictEqual(typeof pm.runCommand, "function");
      assert.strictEqual(typeof pm.isSupportedCommand, "function");
      assert.strictEqual(typeof pm.getDependencyUpdatesForCommand, "function");
    });
    await t.test("should scan rush add commands", () => {
      const pm = createRushPackageManager();
      assert.strictEqual(pm.isSupportedCommand(["add", "--package", "safe-chain-test"]), true);
      assert.strictEqual(pm.isSupportedCommand(["install"]), false);
    });
    await t.test("should parse rush add package specs and resolve versions", async () => {
      const pm = createRushPackageManager();
      const changes = await pm.getDependencyUpdatesForCommand([
        "add",
        "--package",
        "safe-chain-test",
        "--package=@scope/tool@1.2.3",
      ]);
      assert.deepStrictEqual(changes, [
        { name: "safe-chain-test", version: "0.0.1-security", type: "add" },
        { name: "@scope/tool", version: "1.2.3", type: "add" },
      ]);
    });
    await t.test("should return no changes for non-add commands", async () => {
      const pm = createRushPackageManager();
      const changes = await pm.getDependencyUpdatesForCommand(["install"]);
      assert.deepStrictEqual(changes, []);
    });
  } finally {
    mock.reset();
  }
 });
--- a/packages/safe-chain/src/packagemanager/rush/parsing/parsePackagesFromRushAddArgs.js
+++ b/packages/safe-chain/src/packagemanager/rush/parsing/parsePackagesFromRushAddArgs.js
@ -1,71 +0,0 @@
 /**
 * @param {string[]} args
 * @returns {{name: string, version: string | null}[]}
 */
 export function parsePackagesFromRushAddArgs(args) {
  const packageSpecs = [];
  for (let i = 0; i < args.length; i++) {
    const arg = args[i];
    if (!arg) {
      continue;
    }
    if (arg === "--package" || arg === "-p") {
      const next = args[i + 1];
      if (next && !next.startsWith("-")) {
        packageSpecs.push(next);
        i += 1;
      }
      continue;
    }
    if (arg.startsWith("--package=")) {
      const value = arg.slice("--package=".length);
      if (value) {
        packageSpecs.push(value);
      }
    }
  }
  return packageSpecs
    .map((spec) => parsePackageSpec(spec))
    .filter((spec) => spec !== null);
 }
 /**
 * @param {string} spec
 * @returns {{name: string, version: string | null} | null}
 */
 function parsePackageSpec(spec) {
  const value = removeAlias(spec.trim());
  if (!value) {
    return null;
  }
  const lastAtIndex = value.lastIndexOf("@");
  if (lastAtIndex > 0) {
    return {
      name: value.slice(0, lastAtIndex),
      version: value.slice(lastAtIndex + 1),
    };
  }
  return {
    name: value,
    version: null,
  };
 }
 /**
 * @param {string} spec
 * @returns {string}
 */
 function removeAlias(spec) {
  const aliasIndex = spec.indexOf("@npm:");
  if (aliasIndex !== -1) {
    return spec.slice(aliasIndex + 5);
  }
  return spec;
 }
--- a/packages/safe-chain/src/packagemanager/rush/parsing/parsePackagesFromRushAddArgs.spec.js
+++ b/packages/safe-chain/src/packagemanager/rush/parsing/parsePackagesFromRushAddArgs.spec.js
@ -1,49 +0,0 @@
 import { describe, it } from "node:test";
 import assert from "node:assert";
 import { parsePackagesFromRushAddArgs } from "./parsePackagesFromRushAddArgs.js";
 describe("parsePackagesFromRushAddArgs", () => {
  it("returns an empty array when no packages are provided", () => {
    const result = parsePackagesFromRushAddArgs([]);
    assert.deepEqual(result, []);
  });
  it("parses packages from --package arguments", () => {
    const result = parsePackagesFromRushAddArgs([
      "--package",
      "axios@1.9.0",
      "--package",
      "@scope/tool@2.0.0",
    ]);
    assert.deepEqual(result, [
      { name: "axios", version: "1.9.0" },
      { name: "@scope/tool", version: "2.0.0" },
    ]);
  });
  it("parses packages from -p arguments", () => {
    const result = parsePackagesFromRushAddArgs(["-p", "axios"]);
    assert.deepEqual(result, [{ name: "axios", version: null }]);
  });
  it("parses packages from --package=value arguments", () => {
    const result = parsePackagesFromRushAddArgs(["--package=axios@^1.9.0"]);
    assert.deepEqual(result, [{ name: "axios", version: "^1.9.0" }]);
  });
  it("ignores positional packages because rush add requires --package", () => {
    const result = parsePackagesFromRushAddArgs(["axios", "--dev"]);
    assert.deepEqual(result, []);
  });
  it("parses aliases", () => {
    const result = parsePackagesFromRushAddArgs(["--package", "server@npm:axios@1.9.0"]);
    assert.deepEqual(result, [{ name: "axios", version: "1.9.0" }]);
  });
 });
--- a/packages/safe-chain/src/packagemanager/rush/runRushCommand.js
+++ b/packages/safe-chain/src/packagemanager/rush/runRushCommand.js
@ -1,21 +0,0 @@
 import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
 import { safeSpawn } from "../../utils/safeSpawn.js";
 import { reportCommandExecutionFailure } from "../_shared/commandErrors.js";
 /**
 * @param {"rush" | "rushx"} executableName
 * @param {string[]} args
 * @returns {Promise<{status: number}>}
 */
 export async function runRushCommand(executableName, args) {
  try {
    const result = await safeSpawn(executableName, args, {
      stdio: "inherit",
      env: mergeSafeChainProxyEnvironmentVariables(process.env),
    });
    return { status: result.status };
  } catch (/** @type any */ error) {
    return reportCommandExecutionFailure(error, executableName);
  }
 }
--- a/packages/safe-chain/src/packagemanager/rush/runRushCommand.spec.js
+++ b/packages/safe-chain/src/packagemanager/rush/runRushCommand.spec.js
@ -1,109 +0,0 @@
 import { describe, it, beforeEach, afterEach, mock } from "node:test";
 import assert from "node:assert";
 describe("runRushCommand", () => {
  let runRushCommand;
  let safeSpawnMock;
  let mergeCalls;
  let mergeResultEnv;
  let nextSpawnStatus;
  let nextSpawnError;
  beforeEach(async () => {
    mergeCalls = [];
    mergeResultEnv = null;
    nextSpawnStatus = 0;
    nextSpawnError = null;
    safeSpawnMock = mock.fn(async () => {
      if (nextSpawnError) {
        const error = nextSpawnError;
        nextSpawnError = null;
        throw error;
      }
      return { status: nextSpawnStatus };
    });
    mock.module("../../utils/safeSpawn.js", {
      namedExports: {
        safeSpawn: safeSpawnMock,
      },
    });
    mock.module("../../registryProxy/registryProxy.js", {
      namedExports: {
        mergeSafeChainProxyEnvironmentVariables: (env) => {
          mergeCalls.push(env);
          if (mergeResultEnv) {
            return mergeResultEnv;
          }
          return {
            ...env,
            HTTPS_PROXY: "http://localhost:8080",
          };
        },
      },
    });
    // commandErrors reports through ui on failures, so provide a no-op mock
    mock.module("../../environment/userInteraction.js", {
      namedExports: {
        ui: {
          writeError: () => {},
        },
      },
    });
    const mod = await import("./runRushCommand.js");
    runRushCommand = mod.runRushCommand;
  });
  afterEach(() => {
    mock.reset();
  });
  it("spawns rush with merged proxy env", async () => {
    const res = await runRushCommand("rush", ["install"]);
    assert.strictEqual(res.status, 0);
    assert.strictEqual(safeSpawnMock.mock.calls.length, 1);
    const [command, args, options] = safeSpawnMock.mock.calls[0].arguments;
    assert.strictEqual(command, "rush");
    assert.deepStrictEqual(args, ["install"]);
    assert.strictEqual(options.stdio, "inherit");
    assert.strictEqual(options.env.HTTPS_PROXY, "http://localhost:8080");
    assert.ok(mergeCalls.length >= 1, "proxy env merge should be called");
  });
  it("returns spawn result status", async () => {
    nextSpawnStatus = 7;
    const res = await runRushCommand("rush", ["update"]);
    assert.strictEqual(res.status, 7);
  });
  it("reports failures with rush target", async () => {
    nextSpawnError = Object.assign(new Error("spawn failed"), {
      code: "ENOENT",
    });
    const res = await runRushCommand("rush", ["install"]);
    assert.strictEqual(res.status, 1);
  });
  it("does not mutate merged env object", async () => {
    mergeResultEnv = {
      HTTPS_PROXY: "http://localhost:8080",
    };
    await runRushCommand("rush", ["install"]);
    assert.deepStrictEqual(mergeResultEnv, {
      HTTPS_PROXY: "http://localhost:8080",
    });
  });
 });
--- a/packages/safe-chain/src/packagemanager/rushx/createRushxPackageManager.js
+++ b/packages/safe-chain/src/packagemanager/rushx/createRushxPackageManager.js
@ -1,18 +0,0 @@
 import { runRushCommand } from "../rush/runRushCommand.js";
 /**
 * @returns {import("../currentPackageManager.js").PackageManager}
 */
 export function createRushxPackageManager() {
  return {
    /**
     * @param {string[]} args
     */
    runCommand: (args) => {
      return runRushCommand("rushx", args);
    },
    // For rushx, rely solely on MITM.
    isSupportedCommand: () => false,
    getDependencyUpdatesForCommand: () => [],
  };
 }
--- a/packages/safe-chain/src/packagemanager/rushx/createRushxPackageManager.spec.js
+++ b/packages/safe-chain/src/packagemanager/rushx/createRushxPackageManager.spec.js
@ -1,14 +0,0 @@
 import { test } from "node:test";
 import assert from "node:assert";
 import { createRushxPackageManager } from "./createRushxPackageManager.js";
 test("createRushxPackageManager returns valid package manager interface", () => {
  const pm = createRushxPackageManager();
  assert.ok(pm);
  assert.strictEqual(typeof pm.runCommand, "function");
  assert.strictEqual(typeof pm.isSupportedCommand, "function");
  assert.strictEqual(typeof pm.getDependencyUpdatesForCommand, "function");
  assert.strictEqual(pm.isSupportedCommand(), false);
  assert.deepStrictEqual(pm.getDependencyUpdatesForCommand(), []);
 });
--- a/packages/safe-chain/src/packagemanager/uv/runUvCommand.js
+++ b/packages/safe-chain/src/packagemanager/uv/runUvCommand.js
@ -2,7 +2,6 @@ import { ui } from "../../environment/userInteraction.js";
 import { safeSpawn } from "../../utils/safeSpawn.js";
 import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
 import { getCombinedCaBundlePath } from "../../registryProxy/certBundle.js";
 import { reportCommandExecutionFailure } from "../_shared/commandErrors.js";
 /**
 * Sets CA bundle environment variables used by Python libraries and uv.
@ -61,6 +60,12 @@ export async function runUv(command, args) {
    return { status: result.status };
  } catch (/** @type any */ error) {
-    return reportCommandExecutionFailure(error, command);
+    if (error.status) {
      return { status: error.status };
    } else {
      ui.writeError(`Error executing command: ${error.message}`);
      ui.writeError(`Is '${command}' installed and available on your system?`);
      return { status: 1 };
    }
  }
 }
--- a/packages/safe-chain/src/packagemanager/uvx/createUvxPackageManager.js
+++ b/packages/safe-chain/src/packagemanager/uvx/createUvxPackageManager.js
@ -1,18 +0,0 @@
 import { runUv } from "../uv/runUvCommand.js";
 /**
 * @returns {import("../currentPackageManager.js").PackageManager}
 */
 export function createUvxPackageManager() {
  return {
    /**
     * @param {string[]} args
     */
    runCommand: (args) => {
      return runUv("uvx", args);
    },
    // For uvx, rely solely on MITM
    isSupportedCommand: () => false,
    getDependencyUpdatesForCommand: () => [],
  };
 }
--- a/packages/safe-chain/src/packagemanager/uvx/createUvxPackageManager.spec.js
+++ b/packages/safe-chain/src/packagemanager/uvx/createUvxPackageManager.spec.js
@ -1,14 +0,0 @@
 import { test } from "node:test";
 import assert from "node:assert";
 import { createUvxPackageManager } from "./createUvxPackageManager.js";
 test("createUvxPackageManager returns valid package manager interface", () => {
  const pm = createUvxPackageManager();
  assert.ok(pm);
  assert.strictEqual(typeof pm.runCommand, "function");
  assert.strictEqual(typeof pm.isSupportedCommand, "function");
  assert.strictEqual(typeof pm.getDependencyUpdatesForCommand, "function");
  assert.strictEqual(pm.isSupportedCommand(), false);
  assert.deepStrictEqual(pm.getDependencyUpdatesForCommand(), []);
 });
--- a/packages/safe-chain/src/packagemanager/yarn/runYarnCommand.js
+++ b/packages/safe-chain/src/packagemanager/yarn/runYarnCommand.js
@ -1,6 +1,6 @@
 import { ui } from "../../environment/userInteraction.js";
 import { safeSpawn } from "../../utils/safeSpawn.js";
 import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
 import { reportCommandExecutionFailure } from "../_shared/commandErrors.js";
 /**
 * @param {string[]} args
@ -18,7 +18,12 @@ export async function runYarnCommand(args) {
    });
    return { status: result.status };
  } catch (/** @type any */ error) {
-    return reportCommandExecutionFailure(error, "yarn");
+    if (error.status) {
      return { status: error.status };
    } else {
      ui.writeError("Error executing command:", error.message);
      return { status: 1 };
    }
  }
 }
--- a/packages/safe-chain/src/registryProxy/certBundle.js
+++ b/packages/safe-chain/src/registryProxy/certBundle.js
@ -8,9 +8,6 @@ import { X509Certificate } from "node:crypto";
 import { getCaCertPath } from "./certUtils.js";
 import { ui } from "../environment/userInteraction.js";
 /** @type {string | null} */
 let bundlePath = null;
 /**
 * Check if a PEM string contains only parsable cert blocks.
 * @param {string} pem - PEM-encoded certificate string
@ -57,11 +54,6 @@ function isParsable(pem) {
 * @returns {string} Path to the combined CA bundle PEM file
 */
 export function getCombinedCaBundlePath() {
  if (bundlePath)
  {
    return bundlePath;
  }
  const parts = [];
  // 1) Safe Chain CA (for MITM'd registries)
@ -107,23 +99,9 @@ export function getCombinedCaBundlePath() {
  }
  const combined = parts.filter(Boolean).join("\n");
-  bundlePath = path.join(os.tmpdir(), `safe-chain-ca-bundle-${Date.now()}.pem`);
+  const target = path.join(os.tmpdir(), `safe-chain-ca-bundle-${Date.now()}.pem`);
-  fs.writeFileSync(bundlePath, combined, { encoding: "utf8" });
+  fs.writeFileSync(target, combined, { encoding: "utf8" });
-  return bundlePath;
+  return target;
 }
 /**
 * Remove the generated CA bundle file from disk.
 */
 export function cleanupCertBundle() {
  if (bundlePath) {
    try {
      fs.unlinkSync(bundlePath);
    } catch (err) {
      ui.writeVerbose(`Failed to cleanup the create bundle at ${bundlePath}`, err)
    }
    bundlePath = null;
  }
 }
 /**
--- a/packages/safe-chain/src/registryProxy/certUtils.js
+++ b/packages/safe-chain/src/registryProxy/certUtils.js
@ -1,8 +1,9 @@
 import forge from "node-forge";
 import path from "path";
 import fs from "fs";
-import { getCertsDir } from "../config/safeChainDir.js";
+import os from "os";
 const certFolder = path.join(os.homedir(), ".safe-chain", "certs");
 const ca = loadCa();
 const certCache = new Map();
@ -19,7 +20,7 @@ function createKeyIdentifier(publicKey) {
 }
 export function getCaCertPath() {
-  return path.join(getCertsDir(), "ca-cert.pem");
+  return path.join(certFolder, "ca-cert.pem");
 }
 /**
@ -111,7 +112,6 @@ export function generateCertForHost(hostname) {
 }
 function loadCa() {
  const certFolder = getCertsDir();
  const keyPath = path.join(certFolder, "ca-key.pem");
  const certPath = path.join(certFolder, "ca-cert.pem");
--- a/packages/safe-chain/src/registryProxy/certUtils.spec.js
+++ b/packages/safe-chain/src/registryProxy/certUtils.spec.js
@ -1,71 +0,0 @@
 import { describe, it, beforeEach, afterEach, mock } from "node:test";
 import assert from "node:assert";
 describe("certUtils", () => {
  let installedSafeChainDir;
  beforeEach(() => {
    installedSafeChainDir = undefined;
    mock.module("../config/safeChainDir.js", {
      namedExports: {
        getSafeChainBaseDir: () => installedSafeChainDir ?? "/home/test/.safe-chain",
        getCertsDir: () => `${installedSafeChainDir ?? "/home/test/.safe-chain"}/certs`,
      },
    });
  });
  afterEach(() => {
    mock.reset();
  });
  it("stores CA certificates in the packaged install dir when available", async () => {
    installedSafeChainDir = "/custom/safe-chain";
    mock.module("fs", {
      defaultExport: {
        existsSync: () => false,
        mkdirSync: () => {},
        writeFileSync: () => {},
      },
    });
    mock.module("node-forge", {
      defaultExport: {
        pki: {
          getPublicKeyFingerprint: () => "fingerprint",
          rsa: {
            generateKeyPair: () => ({
              publicKey: "public-key",
              privateKey: "private-key",
            }),
          },
          createCertificate: () => ({
            publicKey: null,
            serialNumber: "",
            validity: {
              notBefore: new Date(),
              notAfter: new Date(),
            },
            setSubject: () => {},
            setIssuer: () => {},
            setExtensions: () => {},
            sign: () => {},
          }),
          privateKeyToPem: () => "private-key-pem",
          certificateToPem: () => "certificate-pem",
        },
        md: {
          sha1: { create: () => "sha1" },
          sha256: { create: () => "sha256" },
        },
      },
    });
    const { getCaCertPath } = await import("./certUtils.js");
    assert.strictEqual(
      getCaCertPath(),
      "/custom/safe-chain/certs/ca-cert.pem",
    );
  });
 });
--- a/packages/safe-chain/src/registryProxy/createRamaProxy.js
+++ b/packages/safe-chain/src/registryProxy/createRamaProxy.js
@ -0,0 +1,102 @@
 import { ChildProcess, spawn } from "node:child_process";
 import { existsSync } from "node:fs";
 import { mkdtempSync, readFile, writeFile } from "node:fs";
 import { tmpdir } from "node:os";
 import { dirname, join } from "node:path";
 import { promisify } from "node:util";
 import { ui } from "../environment/userInteraction.js";
 const readFilePromise = promisify(readFile);
 const writeFilePromise = promisify(writeFile);
 /**
 * @typedef {Object} RamaProxyInstance
 * @property {ChildProcess} process
 * @property {string} proxyAddress
 * @property {string} metaAddress
 * @property {string} certPath
 */
 /**
 * @returns {String | null}
 */
 export function getRamaPath() {
  const executableDir = dirname(process.execPath);
  const ramaPath = join(executableDir, "safechain-proxy");
  ui.writeWarning(ramaPath);
  if (existsSync(ramaPath)) {
    return ramaPath;
  }
  return null;
 }
 /**
 * @param {string} ramaPath
 *
 * @returns {import("./registryProxy.js").SafeChainProxy} */
 export function createRamaProxy(ramaPath) {
  const tempDir = mkdtempSync(join(tmpdir(), "safe-chain-proxy-"));
  /** @type {RamaProxyInstance | null} */
  let ramaInstance = null;
  return {
    startServer: async () => {
      ramaInstance = await startRama(ramaPath, tempDir);
      ui.writeInformation(
        `Proxy started at address "${ramaInstance.proxyAddress}"`
      );
    },
    stopServer: async () => {
      if (ramaInstance) {
        ramaInstance.process.kill();
      }
      return Promise.resolve();
    },
    verifyNoMaliciousPackages: () => true,
    hasSuppressedVersions: () => false,
    getServerPort: () => {
      if (!ramaInstance) return null;
      const url = new URL(`http://${ramaInstance.proxyAddress}`);
      return url.port ? parseInt(url.port, 10) : null;
    },
    getCombinedCaBundlePath: () => ramaInstance?.certPath ?? "",
  };
 }
 /**
 * @param {string} ramaPath
 * @param {string} dataFolder
 * @returns {Promise<RamaProxyInstance>}
 */
 async function startRama(ramaPath, dataFolder) {
  let process = spawn(ramaPath, ["--secrets", "memory", "--data", dataFolder], {
    stdio: "inherit",
  });
  // wait some time to allow the proxy process to start
  await new Promise((resolve) => setTimeout(resolve, 5000));
  const proxyAddress = await readFilePromise(
    join(dataFolder, "proxy.addr.txt"),
    "utf-8"
  );
  const metaAddress = await readFilePromise(
    join(dataFolder, "meta.addr.txt"),
    "utf-8"
  );
  const certResponse = await fetch(`http://${metaAddress}/ca`);
  const cert = await certResponse.text();
  const certPath = join(dataFolder, "cert.ca");
  await writeFilePromise(certPath, cert);
  return {
    process,
    proxyAddress,
    metaAddress,
    certPath,
  };
 }
--- a/packages/safe-chain/src/registryProxy/http-utils.js
+++ b/packages/safe-chain/src/registryProxy/http-utils.js
@ -15,66 +15,3 @@ export function getHeaderValueAsString(headers, headerName) {
  return header;
 }
 /**
 * Returns a copy of headers without the provided header names, matched
 * either exactly or case-insensitively.
 *
 * @param {NodeJS.Dict<string | string[]> | undefined} headers
 * @param {string[]} headerNames
 * @param {{ caseInsensitive?: boolean }} [options]
 * @returns {NodeJS.Dict<string | string[]> | undefined}
 */
 export function omitHeaders(headers, headerNames, options = {}) {
  if (!headers) {
    return headers;
  }
  const omittedHeaderNames = new Set(
    options.caseInsensitive
      ? headerNames.map((name) => name.toLowerCase())
      : headerNames
  );
  /** @type {NodeJS.Dict<string | string[]>} */
  const filteredHeaders = {};
  for (const [headerName, value] of Object.entries(headers)) {
    const comparableHeaderName = options.caseInsensitive
      ? headerName.toLowerCase()
      : headerName;
    if (!omittedHeaderNames.has(comparableHeaderName)) {
      filteredHeaders[headerName] = value;
    }
  }
  return filteredHeaders;
 }
 /**
 * Remove headers that become stale when the response body is modified.
 *
 * @param {NodeJS.Dict<string | string[]> | undefined} headers
 * @returns {void}
 */
 export function clearCachingHeaders(headers) {
  if (!headers) {
    return;
  }
  const filteredHeaders = omitHeaders(headers, [
    "etag",
    "last-modified",
    "cache-control",
    "content-length",
  ]);
  if (!filteredHeaders) {
    return;
  }
  for (const key of Object.keys(headers)) {
    delete headers[key];
  }
  Object.assign(headers, filteredHeaders);
 }
--- a/packages/safe-chain/src/registryProxy/interceptors/createInterceptorForEcoSystem.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/createInterceptorForEcoSystem.js
@ -4,7 +4,7 @@ import {
  getEcoSystem,
 } from "../../config/settings.js";
 import { npmInterceptorForUrl } from "./npm/npmInterceptor.js";
-import { pipInterceptorForUrl } from "./pip/pipInterceptor.js";
+import { pipInterceptorForUrl } from "./pipInterceptor.js";
 /**
 * @param {string} url
--- a/packages/safe-chain/src/registryProxy/interceptors/interceptorBuilder.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/interceptorBuilder.js
@ -10,7 +10,6 @@ import { EventEmitter } from "events";
 * @typedef {Object} RequestInterceptionContext
 * @property {string} targetUrl
 * @property {(packageName: string | undefined, version: string | undefined) => void} blockMalware
 * @property {(packageName: string, version: string, message: string) => void} blockMinimumAgeRequest
 * @property {(modificationFunc: (headers: NodeJS.Dict<string | string[]>) => NodeJS.Dict<string | string[]>) => void} modifyRequestHeaders
 * @property {(modificationFunc: (body: Buffer, headers: NodeJS.Dict<string | string[]> | undefined) => Buffer) => void} modifyBody
 * @property {() => RequestInterceptionHandler} build
@ -27,12 +26,6 @@ import { EventEmitter } from "events";
 * @property {string} version
 * @property {string} targetUrl
 * @property {number} timestamp
 *
 * @typedef {Object} MinimumAgeRequestBlockedEvent
 * @property {string} packageName
 * @property {string} version
 * @property {string} targetUrl
 * @property {number} timestamp
 */
 /**
@ -88,7 +81,10 @@ function createRequestContext(targetUrl, eventEmitter) {
   * @param {string | undefined} version
   */
  function blockMalwareSetup(packageName, version) {
-    blockResponse = createBlockResponse("Forbidden - blocked by safe-chain");
+    blockResponse = {
      statusCode: 403,
      message: "Forbidden - blocked by safe-chain",
    };
    // Emit the malwareBlocked event
    eventEmitter.emit("malwareBlocked", {
@ -99,34 +95,6 @@ function createRequestContext(targetUrl, eventEmitter) {
    });
  }
  /**
   * @param {string} message
   */
  function blockMinimumAgeRequestSetup(
    /** @type {string} */ packageName,
    /** @type {string} */ version,
    /** @type {string} */ message
  ) {
    blockResponse = createBlockResponse(message);
    eventEmitter.emit("minimumAgeRequestBlocked", {
      packageName,
      version,
      targetUrl,
      timestamp: Date.now(),
    });
  }
  /**
   * @param {string} message
   * @returns {{statusCode: number, message: string}}
   */
  function createBlockResponse(message) {
    return {
      statusCode: 403,
      message,
    };
  }
  /** @returns {RequestInterceptionHandler} */
  function build() {
    /**
@ -171,7 +139,6 @@ function createRequestContext(targetUrl, eventEmitter) {
  return {
    targetUrl,
    blockMalware: blockMalwareSetup,
    blockMinimumAgeRequest: blockMinimumAgeRequestSetup,
    modifyRequestHeaders: (func) => reqheaderModificationFuncs.push(func),
    modifyBody: (func) => modifyBodyFuncs.push(func),
    build,
--- a/packages/safe-chain/src/registryProxy/interceptors/minimumPackageAgeExclusions.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/minimumPackageAgeExclusions.js
@ -1,33 +0,0 @@
 import { getMinimumPackageAgeExclusions, getEcoSystem } from "../../config/settings.js";
 import { getEquivalentPackageNames } from "../../scanning/packageNameVariants.js";
 /**
 * Checks if a package name matches an exclusion pattern.
 * Supports trailing wildcard (*) for prefix matching.
 * @param {string} packageName
 * @param {string} pattern
 * @returns {boolean}
 */
 export function matchesExclusionPattern(packageName, pattern) {
  if (pattern.endsWith("/*")) {
    return packageName.startsWith(pattern.slice(0, -1));
  }
  return packageName === pattern;
 }
 /**
 * @param {string | undefined} packageName
 * @returns {boolean}
 */
 export function isExcludedFromMinimumPackageAge(packageName) {
  if (!packageName) {
    return false;
  }
  const exclusions = getMinimumPackageAgeExclusions();
  const candidateNames = getEquivalentPackageNames(packageName, getEcoSystem());
  return exclusions.some((pattern) =>
    candidateNames.some((name) => matchesExclusionPattern(name, pattern))
  );
 }
--- a/packages/safe-chain/src/registryProxy/interceptors/npm/modifyNpmInfo.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/npm/modifyNpmInfo.js
@ -1,7 +1,10 @@
 import { getMinimumPackageAgeHours } from "../../../config/settings.js";
 import { ui } from "../../../environment/userInteraction.js";
-import { clearCachingHeaders, getHeaderValueAsString } from "../../http-utils.js";
+import { getHeaderValueAsString } from "../../http-utils.js";
-import { recordSuppressedVersion } from "../suppressedVersionsState.js";
+
 const state = {
  hasSuppressedVersions: false,
 };
 /**
 * @param {NodeJS.Dict<string | string[]>} headers
@ -79,7 +82,15 @@ export function modifyNpmInfoResponse(body, headers) {
      const timestampValue = new Date(timestamp);
      if (timestampValue > cutOff) {
        deleteVersionFromJson(bodyJson, version);
-        clearCachingHeaders(headers);
+        if (headers) {
          // When modifying the response, the etag and last-modified headers
          // no longer match the content so they needs to be removed before sending the response.
          delete headers["etag"];
          delete headers["last-modified"];
          // Removing the cache-control header will prevent the package manager from caching
          // the modified response.
          delete headers["cache-control"];
        }
      }
    }
@ -103,12 +114,10 @@ export function modifyNpmInfoResponse(body, headers) {
 * @param {string} version
 */
 function deleteVersionFromJson(json, version) {
-  recordSuppressedVersion();
+  state.hasSuppressedVersions = true;
  const packageName = typeof json?.name === "string" ? json.name : "(unknown)";
  ui.writeVerbose(
-    `Safe-chain: ${packageName}@${version} is newer than ${getMinimumPackageAgeHours()} hours and was removed (minimumPackageAgeInHours setting).`
+    `Safe-chain: ${version} is newer than ${getMinimumPackageAgeHours()} hours and was removed (minimumPackageAgeInHours setting).`
  );
  delete json.time[version];
@ -161,20 +170,8 @@ function getMostRecentTag(tagList) {
 }
 /**
- * @param {Buffer} body
+ * @returns {boolean}
 * @param {NodeJS.Dict<string | string[]> | undefined} headers
 * @returns {string | undefined}
 */
-export function getPackageNameFromMetadataResponse(body, headers) {
+export function getHasSuppressedVersions() {
-  try {
+  return state.hasSuppressedVersions;
    const contentType = getHeaderValueAsString(headers, "content-type");
    if (!contentType?.toLowerCase().includes("application/json")) {
      return undefined;
    }
    const bodyJson = JSON.parse(body.toString("utf8"));
    return typeof bodyJson.name === "string" ? bodyJson.name : undefined;
  } catch {
    return undefined;
  }
 }
--- a/packages/safe-chain/src/registryProxy/interceptors/npm/npmInterceptor.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/npm/npmInterceptor.js
@ -5,16 +5,11 @@ import {
 import { isMalwarePackage } from "../../../scanning/audit/index.js";
 import { interceptRequests } from "../interceptorBuilder.js";
 import {
  getPackageNameFromMetadataResponse,
  isPackageInfoUrl,
  modifyNpmInfoRequestHeaders,
  modifyNpmInfoResponse,
 } from "./modifyNpmInfo.js";
 import { parseNpmPackageUrl } from "./parseNpmPackageUrl.js";
 import { openNewPackagesDatabase } from "../../../scanning/newPackagesListCache.js";
 import {
  isExcludedFromMinimumPackageAge,
 } from "../minimumPackageAgeExclusions.js";
 const knownJsRegistries = [
  "registry.npmjs.org",
@ -48,54 +43,14 @@ function buildNpmInterceptor(registry) {
      reqContext.targetUrl,
      registry
    );
    const minimumAgeChecksEnabled = !skipMinimumPackageAge();
    if (await isMalwarePackage(packageName, version)) {
      reqContext.blockMalware(packageName, version);
      return;
    }
-    if (minimumAgeChecksEnabled && isPackageInfoUrl(reqContext.targetUrl)) {
+    if (!skipMinimumPackageAge() && isPackageInfoUrl(reqContext.targetUrl)) {
      reqContext.modifyRequestHeaders(modifyNpmInfoRequestHeaders);
-      reqContext.modifyBody(modifyNpmInfoResponseUnlessExcluded);
+      reqContext.modifyBody(modifyNpmInfoResponse);
      return;
    }
    // For tarball requests the metadata check above is skipped, so we check the
    // new packages list as a fallback (covers e.g. frozen-lockfile installs).
    if (
      minimumAgeChecksEnabled &&
      packageName &&
      version &&
      !isExcludedFromMinimumPackageAge(packageName)
    ) {
      const newPackagesDatabase = await openNewPackagesDatabase();
      if (newPackagesDatabase.isNewlyReleasedPackage(packageName, version)) {
        reqContext.blockMinimumAgeRequest(
          packageName,
          version,
          `Forbidden - blocked by safe-chain direct download minimum package age (${packageName}@${version})`
        );
      }
    }
  });
 }
 /**
 * @param {Buffer} body
 * @param {NodeJS.Dict<string | string[]> | undefined} headers
 * @returns {Buffer}
 */
 function modifyNpmInfoResponseUnlessExcluded(body, headers) {
  const metadataPackageName = getPackageNameFromMetadataResponse(body, headers);
  if (
    metadataPackageName &&
    isExcludedFromMinimumPackageAge(metadataPackageName)
  ) {
    return body;
  }
  return modifyNpmInfoResponse(body, headers);
 }
--- a/packages/safe-chain/src/registryProxy/interceptors/npm/npmInterceptor.minPackageAge.spec.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/npm/npmInterceptor.minPackageAge.spec.js
@ -4,26 +4,12 @@ import assert from "node:assert";
 describe("npmInterceptor minimum package age", async () => {
  let minimumPackageAgeSettings = 48;
  let skipMinimumPackageAgeSetting = false;
  let minimumPackageAgeExclusionsSetting = [];
  let newlyReleasedPackages = new Set();
  mock.module("../../../config/settings.js", {
    namedExports: {
      ECOSYSTEM_JS: "js",
      ECOSYSTEM_PY: "py",
      getMinimumPackageAgeHours: () => minimumPackageAgeSettings,
      skipMinimumPackageAge: () => skipMinimumPackageAgeSetting,
      getNpmCustomRegistries: () => [],
      getMinimumPackageAgeExclusions: () => minimumPackageAgeExclusionsSetting,
      getEcoSystem: () => "js",
    },
  });
  mock.module("../../../scanning/newPackagesListCache.js", {
    namedExports: {
      openNewPackagesDatabase: async () => ({
        isNewlyReleasedPackage: (name, version) =>
          newlyReleasedPackages.has(`${name}@${version}`),
      }),
    },
  });
@ -371,274 +357,6 @@ describe("npmInterceptor minimum package age", async () => {
    assert.equal(modifiedJson["dist-tags"]["latest"], "2.0.0");
  });
  it("Should suppress too-young versions on metadata requests without directly blocking the request", async () => {
    minimumPackageAgeSettings = 5;
    skipMinimumPackageAgeSetting = false;
    const packageUrl = "https://registry.npmjs.org/lodash";
    const interceptor = npmInterceptorForUrl(packageUrl);
    const requestHandler = await interceptor.handleRequest(packageUrl);
    assert.equal(requestHandler.blockResponse, undefined);
    assert.equal(requestHandler.modifiesResponse(), true);
  });
  it("Should directly block tarball requests when the new packages list marks them as too young", async () => {
    minimumPackageAgeSettings = 5;
    skipMinimumPackageAgeSetting = false;
    newlyReleasedPackages = new Set(["lodash@4.17.21"]);
    const packageUrl =
      "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz?integrity=sha512-abc123";
    const interceptor = npmInterceptorForUrl(packageUrl);
    const requestHandler = await interceptor.handleRequest(packageUrl);
    assert.ok(requestHandler.blockResponse);
    assert.equal(requestHandler.modifiesResponse(), false);
    assert.equal(requestHandler.blockResponse.statusCode, 403);
    assert.equal(
      requestHandler.blockResponse.message,
      "Forbidden - blocked by safe-chain direct download minimum package age (lodash@4.17.21)"
    );
  });
  it("Should not block tarball requests when skipMinimumPackageAge is enabled", async () => {
    minimumPackageAgeSettings = 5;
    skipMinimumPackageAgeSetting = true;
    minimumPackageAgeExclusionsSetting = [];
    newlyReleasedPackages = new Set(["lodash@4.17.21"]);
    const packageUrl =
      "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz";
    const interceptor = npmInterceptorForUrl(packageUrl);
    const requestHandler = await interceptor.handleRequest(packageUrl);
    assert.equal(requestHandler.blockResponse, undefined);
    assert.equal(requestHandler.modifiesResponse(), false);
  });
  it("Should not block tarball requests when the package is excluded from minimum age", async () => {
    minimumPackageAgeSettings = 5;
    skipMinimumPackageAgeSetting = false;
    minimumPackageAgeExclusionsSetting = ["lodash"];
    newlyReleasedPackages = new Set(["lodash@4.17.21"]);
    const packageUrl =
      "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz";
    const interceptor = npmInterceptorForUrl(packageUrl);
    const requestHandler = await interceptor.handleRequest(packageUrl);
    assert.equal(requestHandler.blockResponse, undefined);
    assert.equal(requestHandler.modifiesResponse(), false);
  });
  it("Should not filter packages when package is in exclusion list", async () => {
    minimumPackageAgeSettings = 5;
    skipMinimumPackageAgeSetting = false;
    minimumPackageAgeExclusionsSetting = ["lodash"];
    const packageUrl = "https://registry.npmjs.org/lodash";
    const originalBody = JSON.stringify({
      name: "lodash",
      ["dist-tags"]: {
        latest: "3.0.0",
      },
      versions: {
        ["1.0.0"]: {},
        ["2.0.0"]: {},
        ["3.0.0"]: {},
      },
      time: {
        created: getDate(-365 * 24),
        modified: getDate(-3),
        ["1.0.0"]: getDate(-7),
        // cutoff-date here
        ["2.0.0"]: getDate(-4),
        ["3.0.0"]: getDate(-3), // Would normally be filtered
      },
    });
    const modifiedBody = await runModifyNpmInfoRequest(packageUrl, originalBody);
    const modifiedJson = JSON.parse(modifiedBody);
    // All versions should remain unchanged since lodash is excluded
    assert.equal(Object.keys(modifiedJson.versions).length, 3);
    assert.ok(Object.keys(modifiedJson.versions).includes("1.0.0"));
    assert.ok(Object.keys(modifiedJson.versions).includes("2.0.0"));
    assert.ok(Object.keys(modifiedJson.versions).includes("3.0.0"));
    assert.equal(modifiedJson["dist-tags"]["latest"], "3.0.0");
  });
  it("Should filter packages when package is NOT in exclusion list", async () => {
    minimumPackageAgeSettings = 5;
    skipMinimumPackageAgeSetting = false;
    minimumPackageAgeExclusionsSetting = ["react"]; // Different package
    const packageUrl = "https://registry.npmjs.org/lodash";
    const modifiedBody = await runModifyNpmInfoRequest(
      packageUrl,
      JSON.stringify({
        name: "lodash",
        ["dist-tags"]: { latest: "3.0.0" },
        versions: { ["1.0.0"]: {}, ["3.0.0"]: {} },
        time: {
          created: getDate(-365 * 24),
          modified: getDate(-3),
          ["1.0.0"]: getDate(-7),
          ["3.0.0"]: getDate(-3),
        },
      })
    );
    const modifiedJson = JSON.parse(modifiedBody);
    // lodash should still be filtered since it's not in exclusions
    assert.equal(Object.keys(modifiedJson.versions).length, 1);
    assert.ok(Object.keys(modifiedJson.versions).includes("1.0.0"));
    assert.ok(!Object.keys(modifiedJson.versions).includes("3.0.0"));
  });
  it("Should handle scoped packages in exclusion list", async () => {
    minimumPackageAgeSettings = 5;
    skipMinimumPackageAgeSetting = false;
    minimumPackageAgeExclusionsSetting = ["@babel/core"];
    const packageUrl = "https://registry.npmjs.org/@babel/core";
    const originalBody = JSON.stringify({
      name: "@babel/core",
      ["dist-tags"]: { latest: "7.0.0" },
      versions: { ["6.0.0"]: {}, ["7.0.0"]: {} },
      time: {
        created: getDate(-365 * 24),
        modified: getDate(-1),
        ["6.0.0"]: getDate(-100),
        ["7.0.0"]: getDate(-1), // Would normally be filtered
      },
    });
    const modifiedBody = await runModifyNpmInfoRequest(packageUrl, originalBody);
    const modifiedJson = JSON.parse(modifiedBody);
    // All versions should remain for excluded scoped package
    assert.equal(Object.keys(modifiedJson.versions).length, 2);
    assert.ok(Object.keys(modifiedJson.versions).includes("6.0.0"));
    assert.ok(Object.keys(modifiedJson.versions).includes("7.0.0"));
  });
  it("Should handle multiple packages in exclusion list", async () => {
    minimumPackageAgeSettings = 5;
    skipMinimumPackageAgeSetting = false;
    minimumPackageAgeExclusionsSetting = ["react", "lodash", "@types/node"];
    const packageUrl = "https://registry.npmjs.org/lodash";
    const originalBody = JSON.stringify({
      name: "lodash",
      ["dist-tags"]: { latest: "2.0.0" },
      versions: { ["1.0.0"]: {}, ["2.0.0"]: {} },
      time: {
        created: getDate(-365 * 24),
        modified: getDate(-1),
        ["1.0.0"]: getDate(-100),
        ["2.0.0"]: getDate(-1),
      },
    });
    const modifiedBody = await runModifyNpmInfoRequest(packageUrl, originalBody);
    const modifiedJson = JSON.parse(modifiedBody);
    // All versions should remain since lodash is in the exclusion list
    assert.equal(Object.keys(modifiedJson.versions).length, 2);
  });
  it("Should exclude packages matching wildcard pattern @scope/*", async () => {
    minimumPackageAgeSettings = 5;
    skipMinimumPackageAgeSetting = false;
    minimumPackageAgeExclusionsSetting = ["@aikidosec/*"];
    const packageUrl = "https://registry.npmjs.org/@aikidosec/safe-chain";
    const originalBody = JSON.stringify({
      name: "@aikidosec/safe-chain",
      ["dist-tags"]: { latest: "2.0.0" },
      versions: { ["1.0.0"]: {}, ["2.0.0"]: {} },
      time: {
        created: getDate(-365 * 24),
        modified: getDate(-1),
        ["1.0.0"]: getDate(-100),
        ["2.0.0"]: getDate(-1), // Would normally be filtered
      },
    });
    const modifiedBody = await runModifyNpmInfoRequest(packageUrl, originalBody);
    const modifiedJson = JSON.parse(modifiedBody);
    // All versions should remain since @aikidosec/* matches @aikidosec/safe-chain
    assert.equal(Object.keys(modifiedJson.versions).length, 2);
    assert.ok(Object.keys(modifiedJson.versions).includes("1.0.0"));
    assert.ok(Object.keys(modifiedJson.versions).includes("2.0.0"));
  });
  it("Should NOT exclude packages that don't match wildcard pattern", async () => {
    minimumPackageAgeSettings = 5;
    skipMinimumPackageAgeSetting = false;
    minimumPackageAgeExclusionsSetting = ["@aikidosec/*"];
    const packageUrl = "https://registry.npmjs.org/@other/package";
    const originalBody = JSON.stringify({
      name: "@other/package",
      ["dist-tags"]: { latest: "2.0.0" },
      versions: { ["1.0.0"]: {}, ["2.0.0"]: {} },
      time: {
        created: getDate(-365 * 24),
        modified: getDate(-1),
        ["1.0.0"]: getDate(-100),
        ["2.0.0"]: getDate(-1),
      },
    });
    const modifiedBody = await runModifyNpmInfoRequest(packageUrl, originalBody);
    const modifiedJson = JSON.parse(modifiedBody);
    // Version 2.0.0 should be filtered since @other/package doesn't match @aikidosec/*
    assert.equal(Object.keys(modifiedJson.versions).length, 1);
    assert.ok(Object.keys(modifiedJson.versions).includes("1.0.0"));
  });
  it("Should reset exclusions between tests", async () => {
    minimumPackageAgeSettings = 5;
    skipMinimumPackageAgeSetting = false;
    minimumPackageAgeExclusionsSetting = []; // Reset to empty
    newlyReleasedPackages = new Set();
    const packageUrl = "https://registry.npmjs.org/lodash";
    const modifiedBody = await runModifyNpmInfoRequest(
      packageUrl,
      JSON.stringify({
        name: "lodash",
        ["dist-tags"]: { latest: "2.0.0" },
        versions: { ["1.0.0"]: {}, ["2.0.0"]: {} },
        time: {
          created: getDate(-365 * 24),
          modified: getDate(-1),
          ["1.0.0"]: getDate(-100),
          ["2.0.0"]: getDate(-1),
        },
      })
    );
    const modifiedJson = JSON.parse(modifiedBody);
    // Version 2.0.0 should be filtered since exclusions are empty
    assert.equal(Object.keys(modifiedJson.versions).length, 1);
    assert.ok(Object.keys(modifiedJson.versions).includes("1.0.0"));
  });
  function getDate(plusHours) {
    const date = new Date();
    date.setHours(date.getHours() + plusHours);
--- a/packages/safe-chain/src/registryProxy/interceptors/npm/npmInterceptor.packageDownload.spec.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/npm/npmInterceptor.packageDownload.spec.js
@ -1,11 +1,9 @@
-import { describe, it, mock, beforeEach } from "node:test";
+import { describe, it, mock } from "node:test";
 import assert from "node:assert";
 let lastPackage;
 let malwareResponse = false;
 let customRegistries = [];
 let newlyReleasedPackages = new Set();
 let skipMinimumPackageAgeSetting = false;
 mock.module("../../../scanning/audit/index.js", {
  namedExports: {
@ -28,30 +26,13 @@ mock.module("../../../config/settings.js", {
    setEcoSystem: () => {},
    getMinimumPackageAgeHours: () => 24,
    getNpmCustomRegistries: () => customRegistries,
-    getMinimumPackageAgeExclusions: () => [],
+    skipMinimumPackageAge: () => false,
    skipMinimumPackageAge: () => skipMinimumPackageAgeSetting,
  },
 });
 mock.module("../../../scanning/newPackagesListCache.js", {
  namedExports: {
    openNewPackagesDatabase: async () => ({
      isNewlyReleasedPackage: (name, version) =>
        newlyReleasedPackages.has(`${name}@${version}`),
    }),
  },
 });
 describe("npmInterceptor", async () => {
  const { npmInterceptorForUrl } = await import("./npmInterceptor.js");
  beforeEach(() => {
    lastPackage = undefined;
    malwareResponse = false;
    customRegistries = [];
    newlyReleasedPackages = new Set();
    skipMinimumPackageAgeSetting = false;
  });
  const parserCases = [
    // Regular packages
    {
@ -127,10 +108,6 @@ describe("npmInterceptor", async () => {
      url: "https://registry.yarnpkg.com/@babel/core/-/core-7.21.4.tgz",
      expected: { packageName: "@babel/core", version: "7.21.4" },
    },
    {
      url: "https://registry.yarnpkg.com/@music-i18n%2fverovio/-/verovio-1.4.1.tgz",
      expected: { packageName: "@music-i18n/verovio", version: "1.4.1" },
    },
    // URL to get package info, not tarball
    {
      url: "https://registry.npmjs.org/lodash",
@ -200,36 +177,6 @@ describe("npmInterceptor", async () => {
      "Block response should have correct status message"
    );
  });
  it("should block direct tarball downloads for newly released packages", async () => {
    const url =
      "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz?integrity=sha512-abc123";
    malwareResponse = false;
    skipMinimumPackageAgeSetting = false;
    newlyReleasedPackages = new Set(["lodash@4.17.21"]);
    const interceptor = npmInterceptorForUrl(url);
    const result = await interceptor.handleRequest(url);
    assert.ok(result.blockResponse);
    assert.equal(result.blockResponse.statusCode, 403);
    assert.equal(
      result.blockResponse.message,
      "Forbidden - blocked by safe-chain direct download minimum package age (lodash@4.17.21)"
    );
  });
  it("should not block direct tarball downloads when minimum age checks are skipped", async () => {
    const url = "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz";
    malwareResponse = false;
    skipMinimumPackageAgeSetting = true;
    newlyReleasedPackages = new Set(["lodash@4.17.21"]);
    const interceptor = npmInterceptorForUrl(url);
    const result = await interceptor.handleRequest(url);
    assert.equal(result.blockResponse, undefined);
  });
 });
 describe("npmInterceptor with custom registries", async () => {
--- a/packages/safe-chain/src/registryProxy/interceptors/npm/parseNpmPackageUrl.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/npm/parseNpmPackageUrl.js
@ -5,29 +5,12 @@
 */
 export function parseNpmPackageUrl(url, registry) {
  let packageName, version;
-  let parsedUrl;
+  if (!registry || !url.endsWith(".tgz")) {
  try {
    parsedUrl = new URL(url);
  } catch {
    return { packageName, version };
  }
-  const pathname = parsedUrl.pathname;
+  const registryIndex = url.indexOf(registry);
-
+  const afterRegistry = url.substring(registryIndex + registry.length + 1); // +1 to skip the slash
  if (!registry || !pathname.endsWith(".tgz")) {
    return { packageName, version };
  }
  const registryPrefix = `${registry}/`;
  const urlAfterProtocol = `${parsedUrl.host}${pathname}`;
  if (!urlAfterProtocol.startsWith(registryPrefix)) {
    return { packageName, version };
  }
  const afterRegistry = decodeURIComponent(
    urlAfterProtocol.substring(registryPrefix.length)
  );
  const separatorIndex = afterRegistry.indexOf("/-/");
  if (separatorIndex === -1) {
--- a/packages/safe-chain/src/registryProxy/interceptors/pip/modifyPipInfo.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/pip/modifyPipInfo.js
@ -1,184 +0,0 @@
 import { ui } from "../../../environment/userInteraction.js";
 import { clearCachingHeaders } from "../../http-utils.js";
 import { normalizePipPackageName } from "../../../scanning/packageNameVariants.js";
 import { parsePipPackageFromUrl } from "./parsePipPackageUrl.js";
 export { parsePipMetadataUrl, isPipPackageInfoUrl } from "./parsePipPackageUrl.js";
 import { getPipMetadataContentType, logSuppressedVersion } from "./pipMetadataResponseUtils.js";
 import { modifyPipJsonResponse } from "./modifyPipJsonResponse.js";
 /**
 * Strip conditional GET headers so PyPI always returns a full 200 response
 * with a body we can rewrite. Without this, pip sends If-None-Match /
 * If-Modified-Since, PyPI responds 304 Not Modified (empty body), and
 * safe-chain cannot rewrite it — leaving pip with a cached index that still
 * lists too-young versions. Those versions are then blocked at direct-download
 * time with a hard 403, preventing dependency resolution from completing.
 *
 * @param {NodeJS.Dict<string | string[]>} headers
 * @returns {NodeJS.Dict<string | string[]>}
 */
 export function modifyPipInfoRequestHeaders(headers) {
  delete headers["if-none-match"];
  delete headers["if-modified-since"];
  return headers;
 }
 // Match simple-index anchor tags and capture their href so we can suppress
 // individual distribution links from PyPI HTML metadata responses.
 const HTML_ANCHOR_HREF_RE =
  /<a\b[^>]*href\s*=\s*(["'])([^"']+)\1[^>]*>[\s\S]*?<\/a>/gi;
 /**
 * @param {Buffer} body
 * @param {NodeJS.Dict<string | string[]> | undefined} headers
 * @param {string} metadataUrl
 * @param {(packageName: string | undefined, version: string | undefined) => boolean} isNewlyReleasedPackage
 * @param {string} packageName
 * @returns {Buffer}
 */
 export function modifyPipInfoResponse(
  body,
  headers,
  metadataUrl,
  isNewlyReleasedPackage,
  packageName
 ) {
  try {
    const contentType = getPipMetadataContentType(headers);
    if (!contentType || body.byteLength === 0) {
      return body;
    }
    if (
      contentType.includes("html") ||
      contentType.includes("application/vnd.pypi.simple.v1+html")
    ) {
      return modifyHtmlSimpleResponse(
        body,
        headers,
        metadataUrl,
        isNewlyReleasedPackage,
        packageName
      );
    }
    if (
      contentType.includes("json") ||
      contentType.includes("application/vnd.pypi.simple.v1+json")
    ) {
      return modifyJsonResponse(
        body,
        headers,
        metadataUrl,
        isNewlyReleasedPackage,
        packageName
      );
    }
    return body;
  } catch (/** @type {any} */ err) {
    ui.writeVerbose(
      `Safe-chain: PyPI package metadata not in expected format - bypassing modification. Error: ${err.message}`
    );
    return body;
  }
 }
 /**
 * @param {Buffer} body
 * @param {NodeJS.Dict<string | string[]> | undefined} headers
 * @param {string} metadataUrl
 * @param {(packageName: string | undefined, version: string | undefined) => boolean} isNewlyReleasedPackage
 * @param {string} packageName
 * @returns {Buffer}
 */
 function modifyHtmlSimpleResponse(
  body,
  headers,
  metadataUrl,
  isNewlyReleasedPackage,
  packageName
 ) {
  const html = body.toString("utf8");
  let modified = false;
  const rewriteHtmlAnchor = createHtmlAnchorRewriter(
    metadataUrl,
    isNewlyReleasedPackage,
    packageName,
    () => {
      modified = true;
    }
  );
  const updatedHtml = html.replace(HTML_ANCHOR_HREF_RE, rewriteHtmlAnchor);
  if (!modified) return body;
  const modifiedBuffer = Buffer.from(updatedHtml);
  clearCachingHeaders(headers);
  return modifiedBuffer;
 }
 /**
 * @param {string} metadataUrl
 * @param {(packageName: string | undefined, version: string | undefined) => boolean} isNewlyReleasedPackage
 * @param {string} packageName
 * @param {() => void} onModified
 * @returns {(anchor: string, quote: string, href: string) => string}
 */
 function createHtmlAnchorRewriter(
  metadataUrl,
  isNewlyReleasedPackage,
  packageName,
  onModified
 ) {
  return (anchor, _quote, href) => {
    const resolvedHref = new URL(href, metadataUrl).toString();
    const { packageName: hrefPackageName, version } = parsePipPackageFromUrl(
      resolvedHref,
      new URL(resolvedHref).host
    );
    if (
      hrefPackageName &&
      normalizePipPackageName(hrefPackageName) ===
        normalizePipPackageName(packageName) &&
      version &&
      isNewlyReleasedPackage(packageName, version)
    ) {
      onModified();
      logSuppressedVersion(packageName, version);
      return "";
    }
    return anchor;
  };
 }
 /**
 * @param {Buffer} body
 * @param {NodeJS.Dict<string | string[]> | undefined} headers
 * @param {string} metadataUrl
 * @param {(packageName: string | undefined, version: string | undefined) => boolean} isNewlyReleasedPackage
 * @param {string} packageName
 * @returns {Buffer}
 */
 function modifyJsonResponse(
  body,
  headers,
  metadataUrl,
  isNewlyReleasedPackage,
  packageName
 ) {
  const json = JSON.parse(body.toString("utf8"));
  const modified = modifyPipJsonResponse(
    json,
    metadataUrl,
    isNewlyReleasedPackage,
    packageName
  );
  if (!modified) return body;
  const modifiedBuffer = Buffer.from(JSON.stringify(json));
  clearCachingHeaders(headers);
  return modifiedBuffer;
 }
--- a/packages/safe-chain/src/registryProxy/interceptors/pip/modifyPipInfo.spec.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/pip/modifyPipInfo.spec.js
@ -1,302 +0,0 @@
 import { describe, it, mock } from "node:test";
 import assert from "node:assert";
 describe("modifyPipInfo", async () => {
  mock.module("../../../config/settings.js", {
    namedExports: {
      getMinimumPackageAgeHours: () => 48,
      ECOSYSTEM_PY: "py",
    },
  });
  mock.module("../../../environment/userInteraction.js", {
    namedExports: {
      ui: {
        writeVerbose: () => {},
      },
    },
  });
  const {
    modifyPipInfoResponse,
  } = await import("./modifyPipInfo.js");
  it("removes too-young files from simple HTML metadata", () => {
    const headers = {
      "content-type": "application/vnd.pypi.simple.v1+html",
      etag: "abc",
      "cache-control": "public",
      "content-length": "999",
      "transfer-encoding": "chunked",
    };
    const body = Buffer.from(`
      <!doctype html>
      <html>
        <body>
          <a href="https://files.pythonhosted.org/packages/source/r/requests/requests-1.0.0.tar.gz">requests-1.0.0.tar.gz</a>
          <a href="https://files.pythonhosted.org/packages/source/r/requests/requests-2.0.0.tar.gz">requests-2.0.0.tar.gz</a>
        </body>
      </html>
    `);
    const modified = modifyPipInfoResponse(
      body,
      headers,
      "https://pypi.org/simple/requests/",
      (_packageName, version) => version === "2.0.0",
      "requests"
    ).toString("utf8");
    assert.ok(modified.includes("requests-1.0.0.tar.gz"));
    assert.ok(!modified.includes("requests-2.0.0.tar.gz"));
    assert.equal(headers.etag, undefined);
    assert.equal(headers["cache-control"], undefined);
    assert.equal(headers["content-length"], undefined);
    assert.equal(headers["transfer-encoding"], "chunked");
  });
  it("leaves mixed-case transport headers untouched for MITM layer to normalize", () => {
    const headers = {
      "content-type": "application/json",
      ETag: "abc",
      "Content-Length": "999",
      "Last-Modified": "yesterday",
      "Cache-Control": "public, max-age=60",
      "Transfer-Encoding": "chunked",
    };
    const body = Buffer.from(
      JSON.stringify({
        info: { version: "2.0.0" },
        releases: {
          "1.0.0": [{ filename: "requests-1.0.0.tar.gz" }],
          "2.0.0": [{ filename: "requests-2.0.0.tar.gz" }],
        },
      })
    );
    modifyPipInfoResponse(
      body,
      headers,
      "https://pypi.org/pypi/requests/json",
      (_packageName, version) => version === "2.0.0",
      "requests"
    );
    assert.equal(headers.ETag, "abc");
    assert.equal(headers["Last-Modified"], "yesterday");
    assert.equal(headers["Cache-Control"], "public, max-age=60");
    assert.equal(headers["Transfer-Encoding"], "chunked");
    assert.equal(headers["Content-Length"], "999");
    assert.equal(headers["content-length"], undefined);
  });
  it("returns body unchanged when no HTML versions are suppressed", () => {
    const headers = {
      "content-type": "application/vnd.pypi.simple.v1+html",
      etag: "abc",
    };
    const body = Buffer.from(
      `<a href="https://files.pythonhosted.org/packages/source/r/requests/requests-1.0.0.tar.gz">requests-1.0.0.tar.gz</a>`
    );
    const result = modifyPipInfoResponse(
      body,
      headers,
      "https://pypi.org/simple/requests/",
      () => false,
      "requests"
    );
    assert.equal(result, body); // same Buffer reference — no copy made
    assert.equal(headers.etag, "abc"); // headers untouched
  });
  it("matches HTML anchor hrefs using normalised package name (underscore vs hyphen)", () => {
    const headers = { "content-type": "application/vnd.pypi.simple.v1+html" };
    const body = Buffer.from(
      `<a href="https://files.pythonhosted.org/packages/xx/yy/foo_bar-2.0.0.tar.gz">foo_bar-2.0.0.tar.gz</a>` +
      `<a href="https://files.pythonhosted.org/packages/xx/yy/foo_bar-1.0.0.tar.gz">foo_bar-1.0.0.tar.gz</a>`
    );
    const modified = modifyPipInfoResponse(
      body,
      headers,
      "https://pypi.org/simple/foo-bar/",
      (_packageName, version) => version === "2.0.0",
      "foo-bar" // hyphenated name, hrefs use underscore
    ).toString("utf8");
    assert.ok(!modified.includes("foo_bar-2.0.0.tar.gz"));
    assert.ok(modified.includes("foo_bar-1.0.0.tar.gz"));
  });
  it("matches anchor href regex with single quotes and extra attributes", () => {
    const headers = { "content-type": "application/vnd.pypi.simple.v1+html" };
    const body = Buffer.from(`
      <a
        data-requires-python="&gt;=3.9"
        class="pkg"
        href='https://files.pythonhosted.org/packages/xx/yy/foo_bar-2.0.0.tar.gz'
      >
        foo_bar-2.0.0.tar.gz
      </a>
      <a href="https://files.pythonhosted.org/packages/xx/yy/foo_bar-1.0.0.tar.gz">foo_bar-1.0.0.tar.gz</a>
    `);
    const modified = modifyPipInfoResponse(
      body,
      headers,
      "https://pypi.org/simple/foo-bar/",
      (_packageName, version) => version === "2.0.0",
      "foo-bar"
    ).toString("utf8");
    assert.ok(!modified.includes("foo_bar-2.0.0.tar.gz"));
    assert.ok(modified.includes("foo_bar-1.0.0.tar.gz"));
  });
  it("removes too-young files from simple JSON metadata", () => {
    const headers = {
      "content-type": "application/vnd.pypi.simple.v1+json",
    };
    const body = Buffer.from(
      JSON.stringify({
        name: "requests",
        files: [
          {
            filename: "requests-1.0.0.tar.gz",
            url: "https://files.pythonhosted.org/packages/source/r/requests/requests-1.0.0.tar.gz",
          },
          {
            filename: "requests-2.0.0.tar.gz",
            url: "https://files.pythonhosted.org/packages/source/r/requests/requests-2.0.0.tar.gz",
          },
        ],
      })
    );
    const modified = JSON.parse(
      modifyPipInfoResponse(
        body,
        headers,
        "https://pypi.org/simple/requests/",
        (_packageName, version) => version === "2.0.0",
        "requests"
      ).toString("utf8")
    );
    assert.equal(modified.files.length, 1);
    assert.equal(modified.files[0].filename, "requests-1.0.0.tar.gz");
  });
  it("filters simple JSON metadata entries that have only filename (no url)", () => {
    const headers = { "content-type": "application/vnd.pypi.simple.v1+json" };
    const body = Buffer.from(
      JSON.stringify({
        name: "requests",
        files: [
          { filename: "requests-1.0.0.tar.gz" },
          { filename: "requests-2.0.0.tar.gz" },
        ],
      })
    );
    const modified = JSON.parse(
      modifyPipInfoResponse(
        body,
        headers,
        "https://pypi.org/simple/requests/",
        (_packageName, version) => version === "2.0.0",
        "requests"
      ).toString("utf8")
    );
    assert.equal(modified.files.length, 1);
    assert.equal(modified.files[0].filename, "requests-1.0.0.tar.gz");
  });
  it("recalculates JSON API info.version after removing too-young releases", () => {
    const headers = {
      "content-type": "application/json",
    };
    const body = Buffer.from(
      JSON.stringify({
        info: { version: "2.0.0" },
        releases: {
          "1.0.0": [
            {
              filename: "requests-1.0.0.tar.gz",
              upload_time_iso_8601: "2024-01-01T00:00:00.000Z",
            },
          ],
          "2.0.0": [
            {
              filename: "requests-2.0.0.tar.gz",
              upload_time_iso_8601: "2024-01-02T00:00:00.000Z",
            },
          ],
          "3.0.0rc1": [
            {
              filename: "requests-3.0.0rc1.tar.gz",
              upload_time_iso_8601: "2024-01-03T00:00:00.000Z",
            },
          ],
        },
        urls: [
          { filename: "requests-2.0.0.tar.gz" },
        ],
      })
    );
    const modified = JSON.parse(
      modifyPipInfoResponse(
        body,
        headers,
        "https://pypi.org/pypi/requests/json",
        (_packageName, version) =>
          version === "2.0.0" || version === "3.0.0rc1",
        "requests"
      ).toString("utf8")
    );
    assert.deepEqual(Object.keys(modified.releases), ["1.0.0"]);
    assert.equal(modified.info.version, "1.0.0");
    assert.equal(modified.urls.length, 0);
  });
  it("falls back to latest pre-release when all stable versions are removed", () => {
    const headers = { "content-type": "application/json" };
    const body = Buffer.from(
      JSON.stringify({
        info: { version: "2.0.0rc2" },
        releases: {
          "1.0.0rc1": [{ filename: "requests-1.0.0rc1.tar.gz" }],
          "2.0.0rc2": [{ filename: "requests-2.0.0rc2.tar.gz" }],
        },
        urls: [],
      })
    );
    const modified = JSON.parse(
      modifyPipInfoResponse(
        body,
        headers,
        "https://pypi.org/pypi/requests/json",
        (_packageName, version) => version === "2.0.0rc2",
        "requests"
      ).toString("utf8")
    );
    assert.deepEqual(Object.keys(modified.releases), ["1.0.0rc1"]);
    assert.equal(modified.info.version, "1.0.0rc1");
  });
 });
--- a/packages/safe-chain/src/registryProxy/interceptors/pip/modifyPipJsonResponse.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/pip/modifyPipJsonResponse.js
@ -1,176 +0,0 @@
 import {
  calculateLatestVersion,
  getAvailableVersionsFromJson,
  getPackageVersionFromMetadataFile,
 } from "./pipMetadataVersionUtils.js";
 import { logSuppressedVersion } from "./pipMetadataResponseUtils.js";
 /**
 * @param {any} json
 * @param {string} metadataUrl
 * @param {(packageName: string | undefined, version: string | undefined) => boolean} isNewlyReleasedPackage
 * @param {string} packageName
 * @returns {boolean}
 */
 export function modifyPipJsonResponse(
  json,
  metadataUrl,
  isNewlyReleasedPackage,
  packageName
 ) {
  const filesModified = filterJsonMetadataFiles(
    json,
    metadataUrl,
    isNewlyReleasedPackage,
    packageName
  );
  const releasesModified = removeJsonMetadataReleases(
    json,
    isNewlyReleasedPackage,
    packageName
  );
  const urlsModified = filterJsonMetadataUrls(
    json,
    metadataUrl,
    isNewlyReleasedPackage,
    packageName
  );
  const versionModified = updateJsonInfoVersion(json, metadataUrl);
  return filesModified || releasesModified || urlsModified || versionModified;
 }
 /**
 * @param {any} json
 * @param {string} metadataUrl
 * @param {(packageName: string | undefined, version: string | undefined) => boolean} isNewlyReleasedPackage
 * @param {string} packageName
 * @returns {boolean}
 */
 function filterJsonMetadataFiles(
  json,
  metadataUrl,
  isNewlyReleasedPackage,
  packageName
 ) {
  if (!Array.isArray(json.files)) {
    return false;
  }
  let modified = false;
  const loggedVersions = new Set();
  json.files = json.files.filter((/** @type {any} */ file) => {
    const version = getPackageVersionFromMetadataFile(file, metadataUrl);
    if (version && isNewlyReleasedPackage(packageName, version)) {
      modified = true;
      if (!loggedVersions.has(version)) {
        logSuppressedVersion(packageName, version);
        loggedVersions.add(version);
      }
      return false;
    }
    return true;
  });
  return modified;
 }
 /**
 * @param {any} json
 * @param {(packageName: string | undefined, version: string | undefined) => boolean} isNewlyReleasedPackage
 * @param {string} packageName
 * @returns {boolean}
 */
 function removeJsonMetadataReleases(json, isNewlyReleasedPackage, packageName) {
  if (!json.releases || typeof json.releases !== "object") {
    return false;
  }
  let modified = false;
  for (const [version, files] of Object.entries(json.releases)) {
    if (
      Array.isArray(/** @type {unknown[]} */ (files)) &&
      isNewlyReleasedPackage(packageName, version)
    ) {
      delete json.releases[version];
      modified = true;
      logSuppressedVersion(packageName, version);
    }
  }
  return modified;
 }
 /**
 * @param {any} json
 * @param {string} metadataUrl
 * @param {(packageName: string | undefined, version: string | undefined) => boolean} isNewlyReleasedPackage
 * @param {string} packageName
 * @returns {boolean}
 */
 function filterJsonMetadataUrls(
  json,
  metadataUrl,
  isNewlyReleasedPackage,
  packageName
 ) {
  if (!Array.isArray(json.urls)) {
    return false;
  }
  let modified = false;
  const loggedVersions = new Set();
  json.urls = json.urls.filter((/** @type {any} */ file) => {
    const version = getPackageVersionFromMetadataFile(file, metadataUrl);
    if (version && isNewlyReleasedPackage(packageName, version)) {
      modified = true;
      if (!loggedVersions.has(version)) {
        logSuppressedVersion(packageName, version);
        loggedVersions.add(version);
      }
      return false;
    }
    return true;
  });
  return modified;
 }
 /**
 * @param {any} json
 * @param {string} metadataUrl
 * @returns {boolean}
 */
 function updateJsonInfoVersion(json, metadataUrl) {
  if (!json.info || typeof json.info !== "object") {
    return false;
  }
  const replacementVersion = computeReplacementVersion(json, metadataUrl);
  if (
    typeof json.info.version !== "string" ||
    !replacementVersion ||
    json.info.version === replacementVersion
  ) {
    return false;
  }
  json.info.version = replacementVersion;
  return true;
 }
 /**
 * @param {any} json
 * @param {string} metadataUrl
 * @returns {string | undefined}
 */
 function computeReplacementVersion(json, metadataUrl) {
  const candidateVersions = getAvailableVersionsFromJson(json, metadataUrl);
  return calculateLatestVersion(candidateVersions);
 }
--- a/packages/safe-chain/src/registryProxy/interceptors/pip/parsePipPackageUrl.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/pip/parsePipPackageUrl.js
@ -1,162 +0,0 @@
 /**
 * Parses a PyPI metadata URL and returns the package name and API type.
 *
 * @example
 * parsePipMetadataUrl("https://pypi.org/simple/requests/")
 * // => { packageName: "requests", type: "simple" }
 *
 * parsePipMetadataUrl("https://pypi.org/pypi/requests/json")
 * // => { packageName: "requests", type: "json" }
 *
 * parsePipMetadataUrl("https://pypi.org/pypi/requests/2.28.1/json")
 * // => { packageName: "requests", type: "json" }
 *
 * parsePipMetadataUrl("https://files.pythonhosted.org/packages/requests-2.28.1.tar.gz")
 * // => { packageName: undefined, type: undefined }
 *
 * @param {string} url
 * @returns {{ packageName: string | undefined, type: "simple" | "json" | undefined }}
 */
 export function parsePipMetadataUrl(url) {
  if (typeof url !== "string") {
    return { packageName: undefined, type: undefined };
  }
  let urlObj;
  try {
    urlObj = new URL(url);
  } catch {
    return { packageName: undefined, type: undefined };
  }
  const pathSegments = urlObj.pathname.split("/").filter(Boolean);
  if (pathSegments[0] === "simple" && pathSegments[1]) {
    return {
      packageName: decodeURIComponent(pathSegments[1]),
      type: "simple",
    };
  }
  if (
    pathSegments[0] === "pypi" &&
    pathSegments[pathSegments.length - 1] === "json" &&
    pathSegments[1]
  ) {
    return {
      packageName: decodeURIComponent(pathSegments[1]),
      type: "json",
    };
  }
  return { packageName: undefined, type: undefined };
 }
 /**
 * @param {string} url
 * @returns {boolean}
 */
 export function isPipPackageInfoUrl(url) {
  return !!parsePipMetadataUrl(url).packageName;
 }
 /**
 * Parse Python package artifact URLs from PyPI-style registries.
 * Examples:
 * - Wheel: https://files.pythonhosted.org/packages/.../requests-2.28.1-py3-none-any.whl
 * - Wheel metadata: https://files.pythonhosted.org/packages/.../requests-2.28.1-py3-none-any.whl.metadata
 * - Sdist: https://files.pythonhosted.org/packages/.../requests-2.28.1.tar.gz
 *
 * @param {string} url
 * @param {string} registry
 * @returns {{packageName: string | undefined, version: string | undefined}}
 */
 export function parsePipPackageFromUrl(url, registry) {
  if (!registry || typeof url !== "string") {
    return { packageName: undefined, version: undefined };
  }
  let urlObj;
  try {
    urlObj = new URL(url);
  } catch {
    return { packageName: undefined, version: undefined };
  }
  const lastSegment = urlObj.pathname.split("/").filter(Boolean).pop();
  if (!lastSegment) {
    return { packageName: undefined, version: undefined };
  }
  const filename = decodeURIComponent(lastSegment);
  const wheelExtRe = /\.whl(?:\.metadata)?$/;
  if (wheelExtRe.test(filename)) {
    return parseWheelFilename(filename, wheelExtRe);
  }
  const sdistExtWithMetadataRe = /\.(tar\.gz|zip|tar\.bz2|tar\.xz)(\.metadata)?$/i;
  if (!sdistExtWithMetadataRe.test(filename)) {
    return { packageName: undefined, version: undefined };
  }
  return parseSdistFilename(filename, sdistExtWithMetadataRe);
 }
 /**
 * Parse wheel filenames and Poetry preflight metadata.
 * Examples:
 * - foo_bar-2.0.0-py3-none-any.whl
 * - foo_bar-2.0.0-py3-none-any.whl.metadata
 *
 * @param {string} filename
 * @param {RegExp} wheelExtRe
 * @returns {{packageName: string | undefined, version: string | undefined}}
 */
 function parseWheelFilename(filename, wheelExtRe) {
  const base = filename.replace(wheelExtRe, "");
  const firstDash = base.indexOf("-");
  if (firstDash <= 0) {
    return { packageName: undefined, version: undefined };
  }
  const packageName = base.slice(0, firstDash);
  const rest = base.slice(firstDash + 1);
  const secondDash = rest.indexOf("-");
  const version = secondDash >= 0 ? rest.slice(0, secondDash) : rest;
  // "latest" is a resolver-style token, not an actual published artifact version.
  if (version === "latest" || !packageName || !version) {
    return { packageName: undefined, version: undefined };
  }
  return { packageName, version };
 }
 /**
 * Parse source distribution filenames, with optional metadata suffix.
 * Examples:
 * - requests-2.28.1.tar.gz
 * - requests-2.28.1.zip
 * - requests-2.28.1.tar.gz.metadata
 *
 * @param {string} filename
 * @param {RegExp} sdistExtWithMetadataRe
 * @returns {{packageName: string | undefined, version: string | undefined}}
 */
 function parseSdistFilename(filename, sdistExtWithMetadataRe) {
  const base = filename.replace(sdistExtWithMetadataRe, "");
  const lastDash = base.lastIndexOf("-");
  if (lastDash <= 0 || lastDash >= base.length - 1) {
    return { packageName: undefined, version: undefined };
  }
  const packageName = base.slice(0, lastDash);
  const version = base.slice(lastDash + 1);
  // "latest" is a resolver-style token, not an actual published artifact version.
  if (version === "latest" || !packageName || !version) {
    return { packageName: undefined, version: undefined };
  }
  return { packageName, version };
 }
--- a/packages/safe-chain/src/registryProxy/interceptors/pip/parsePipPackageUrl.spec.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/pip/parsePipPackageUrl.spec.js
@ -1,100 +0,0 @@
 import { describe, it } from "node:test";
 import assert from "node:assert";
 import {
  isPipPackageInfoUrl,
  parsePipMetadataUrl,
  parsePipPackageFromUrl,
 } from "./parsePipPackageUrl.js";
 describe("parsePipPackageUrl", () => {
  it("parses simple metadata URLs", () => {
    assert.deepEqual(parsePipMetadataUrl("https://pypi.org/simple/requests/"), {
      packageName: "requests",
      type: "simple",
    });
  });
  it("parses json metadata URLs", () => {
    assert.deepEqual(parsePipMetadataUrl("https://pypi.org/pypi/requests/json"), {
      packageName: "requests",
      type: "json",
    });
  });
  it("parses per-version json metadata URLs", () => {
    assert.deepEqual(
      parsePipMetadataUrl("https://pypi.org/pypi/requests/2.28.1/json"),
      { packageName: "requests", type: "json" }
    );
  });
  it("decodes encoded metadata package names", () => {
    assert.deepEqual(
      parsePipMetadataUrl("https://pypi.org/simple/foo-bar%5Fbaz/"),
      {
        packageName: "foo-bar_baz",
        type: "simple",
      }
    );
  });
  it("returns undefined for unrecognized metadata paths", () => {
    assert.deepEqual(
      parsePipMetadataUrl("https://pypi.org/unknown/requests/"),
      {
        packageName: undefined,
        type: undefined,
      }
    );
  });
  it("returns undefined for invalid metadata URLs", () => {
    assert.deepEqual(parsePipMetadataUrl("not a url"), {
      packageName: undefined,
      type: undefined,
    });
  });
  it("recognizes package info URLs", () => {
    assert.equal(
      isPipPackageInfoUrl("https://pypi.org/simple/requests/"),
      true
    );
  });
  it("does not treat artifact URLs as package info URLs", () => {
    assert.equal(
      isPipPackageInfoUrl(
        "https://files.pythonhosted.org/packages/source/r/requests/requests-2.28.1.tar.gz"
      ),
      false
    );
  });
  it("parses wheel artifact URLs", () => {
    assert.deepEqual(
      parsePipPackageFromUrl(
        "https://files.pythonhosted.org/packages/xx/yy/foo_bar-2.0.0-py3-none-any.whl",
        "files.pythonhosted.org"
      ),
      { packageName: "foo_bar", version: "2.0.0" }
    );
  });
  it("parses sdist artifact URLs", () => {
    assert.deepEqual(
      parsePipPackageFromUrl(
        "https://files.pythonhosted.org/packages/source/r/requests/requests-2.28.1.tar.gz",
        "files.pythonhosted.org"
      ),
      { packageName: "requests", version: "2.28.1" }
    );
  });
  it("returns undefined for non-artifact URLs", () => {
    assert.deepEqual(
      parsePipPackageFromUrl("https://pypi.org/simple/requests/", "pypi.org"),
      { packageName: undefined, version: undefined }
    );
  });
 });
--- a/packages/safe-chain/src/registryProxy/interceptors/pip/pipInterceptor.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/pip/pipInterceptor.js
@ -1,124 +0,0 @@
 import {
  ECOSYSTEM_PY,
  getPipCustomRegistries,
  skipMinimumPackageAge,
 } from "../../../config/settings.js";
 import { isMalwarePackage } from "../../../scanning/audit/index.js";
 import { getEquivalentPackageNames } from "../../../scanning/packageNameVariants.js";
 import { openNewPackagesDatabase } from "../../../scanning/newPackagesListCache.js";
 import { interceptRequests } from "../interceptorBuilder.js";
 import { isExcludedFromMinimumPackageAge } from "../minimumPackageAgeExclusions.js";
 import {
  modifyPipInfoRequestHeaders,
  modifyPipInfoResponse,
  parsePipMetadataUrl,
 } from "./modifyPipInfo.js";
 import { parsePipPackageFromUrl } from "./parsePipPackageUrl.js";
 const knownPipRegistries = [
  "files.pythonhosted.org",
  "pypi.org",
  "pypi.python.org",
  "pythonhosted.org",
 ];
 /**
 * @param {string} url
 * @returns {import("../interceptorBuilder.js").Interceptor | undefined}
 */
 export function pipInterceptorForUrl(url) {
  const customRegistries = getPipCustomRegistries();
  const registries = [...knownPipRegistries, ...customRegistries];
  const registry = registries.find((reg) => url.includes(reg));
  if (registry) {
    return buildPipInterceptor(registry);
  }
  return undefined;
 }
 /**
 * @param {string} registry
 * @returns {import("../interceptorBuilder.js").Interceptor | undefined}
 */
 function buildPipInterceptor(registry) {
  return interceptRequests(createPipRequestHandler(registry));
 }
 /**
 * @param {string} registry
 * @returns {(reqContext: import("../interceptorBuilder.js").RequestInterceptionContext) => Promise<void>}
 */
 function createPipRequestHandler(registry) {
  return async (reqContext) => {
    const minimumAgeChecksEnabled = !skipMinimumPackageAge();
    const metadataInfo = parsePipMetadataUrl(reqContext.targetUrl);
    const metadataPackageName = metadataInfo.packageName;
    if (
      minimumAgeChecksEnabled &&
      metadataPackageName &&
      !isExcludedFromMinimumPackageAge(metadataPackageName)
    ) {
      const newPackagesDatabase = await openNewPackagesDatabase();
      reqContext.modifyRequestHeaders(modifyPipInfoRequestHeaders);
      reqContext.modifyBody((body, headers) =>
        modifyPipInfoResponse(
          body,
          headers,
          reqContext.targetUrl,
          newPackagesDatabase.isNewlyReleasedPackage,
          metadataPackageName
        )
      );
      return;
    }
    const { packageName, version } = parsePipPackageFromUrl(
      reqContext.targetUrl,
      registry
    );
    if (!packageName) {
      return;
    }
    const equivalentPackageNames = getEquivalentPackageNames(
      packageName,
      ECOSYSTEM_PY
    );
    let isMalicious = false;
    for (const equivalentPackageName of equivalentPackageNames) {
      if (await isMalwarePackage(equivalentPackageName, version)) {
        isMalicious = true;
        break;
      }
    }
    if (isMalicious) {
      reqContext.blockMalware(packageName, version);
      return;
    }
    if (
      version &&
      minimumAgeChecksEnabled &&
      !isExcludedFromMinimumPackageAge(packageName)
    ) {
      const newPackagesDatabase = await openNewPackagesDatabase();
      const isNewlyReleased = newPackagesDatabase.isNewlyReleasedPackage(
        packageName,
        version
      );
      if (isNewlyReleased) {
        reqContext.blockMinimumAgeRequest(
          packageName,
          version,
          `Forbidden - blocked by safe-chain direct download minimum package age (${packageName}@${version})`
        );
      }
    }
  };
 }
--- a/packages/safe-chain/src/registryProxy/interceptors/pip/pipInterceptor.minPackageAge.spec.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/pip/pipInterceptor.minPackageAge.spec.js
@ -1,168 +0,0 @@
 import { describe, it, mock } from "node:test";
 import assert from "node:assert";
 describe("pipInterceptor minimum package age", async () => {
  let skipMinimumPackageAgeSetting = false;
  let newlyReleasedPackageResponse = false;
  let minimumPackageAgeExclusionsSetting = [];
  mock.module("../../../scanning/audit/index.js", {
    namedExports: {
      isMalwarePackage: async () => false,
    },
  });
  mock.module("../../../scanning/newPackagesListCache.js", {
    namedExports: {
      openNewPackagesDatabase: async () => ({
        isNewlyReleasedPackage: (packageName, version) => {
          return newlyReleasedPackageResponse &&
            (packageName === "foo-bar" ||
              packageName === "foo_bar" ||
              packageName === "foo.bar") &&
            version === "2.0.0";
        },
      }),
    },
  });
  mock.module("../../../config/settings.js", {
    namedExports: {
      ECOSYSTEM_PY: "py",
      getEcoSystem: () => "py",
      getLoggingLevel: () => "silent",
      getMinimumPackageAgeHours: () => 48,
      getMinimumPackageAgeExclusions: () => minimumPackageAgeExclusionsSetting,
      getPipCustomRegistries: () => [],
      LOGGING_SILENT: "silent",
      LOGGING_VERBOSE: "verbose",
      skipMinimumPackageAge: () => skipMinimumPackageAgeSetting,
    },
  });
  const { pipInterceptorForUrl } = await import("./pipInterceptor.js");
  it("should block newly released package downloads", async () => {
    const url =
      "https://files.pythonhosted.org/packages/xx/yy/foo_bar-2.0.0-py3-none-any.whl";
    newlyReleasedPackageResponse = true;
    const interceptor = pipInterceptorForUrl(url);
    const result = await interceptor.handleRequest(url);
    assert.ok(result.blockResponse);
    assert.equal(result.blockResponse.statusCode, 403);
    assert.equal(
      result.blockResponse.message,
      "Forbidden - blocked by safe-chain direct download minimum package age (foo_bar@2.0.0)"
    );
    newlyReleasedPackageResponse = false;
  });
  it("should modify simple metadata responses to suppress too-young versions", async () => {
    const url = "https://pypi.org/simple/foo-bar/";
    newlyReleasedPackageResponse = true;
    const interceptor = pipInterceptorForUrl(url);
    const result = await interceptor.handleRequest(url);
    assert.equal(result.modifiesResponse(), true);
    const modifiedBody = result.modifyBody(
      Buffer.from(`
        <a href="https://files.pythonhosted.org/packages/xx/yy/foo_bar-1.0.0.tar.gz">foo_bar-1.0.0.tar.gz</a>
        <a href="https://files.pythonhosted.org/packages/xx/yy/foo_bar-2.0.0.tar.gz">foo_bar-2.0.0.tar.gz</a>
      `),
      {
        "content-type": "application/vnd.pypi.simple.v1+html",
      }
    ).toString("utf8");
    assert.ok(modifiedBody.includes("foo_bar-1.0.0.tar.gz"));
    assert.ok(!modifiedBody.includes("foo_bar-2.0.0.tar.gz"));
    newlyReleasedPackageResponse = false;
  });
  it("should not block newly released package downloads when skipMinimumPackageAge is enabled", async () => {
    const url =
      "https://files.pythonhosted.org/packages/xx/yy/foo_bar-2.0.0-py3-none-any.whl";
    newlyReleasedPackageResponse = true;
    skipMinimumPackageAgeSetting = true;
    const interceptor = pipInterceptorForUrl(url);
    const result = await interceptor.handleRequest(url);
    assert.equal(result.blockResponse, undefined);
    skipMinimumPackageAgeSetting = false;
    newlyReleasedPackageResponse = false;
  });
  it("should not block newly released package downloads when the package is excluded", async () => {
    const url =
      "https://files.pythonhosted.org/packages/xx/yy/foo_bar-2.0.0-py3-none-any.whl";
    newlyReleasedPackageResponse = true;
    minimumPackageAgeExclusionsSetting = ["foo-bar"];
    const interceptor = pipInterceptorForUrl(url);
    const result = await interceptor.handleRequest(url);
    assert.equal(result.blockResponse, undefined);
    minimumPackageAgeExclusionsSetting = [];
    newlyReleasedPackageResponse = false;
  });
  it("should not modify metadata responses when the package is excluded", async () => {
    const url = "https://pypi.org/simple/foo-bar/";
    newlyReleasedPackageResponse = true;
    minimumPackageAgeExclusionsSetting = ["foo-bar"];
    const interceptor = pipInterceptorForUrl(url);
    const result = await interceptor.handleRequest(url);
    assert.equal(result.modifiesResponse(), false);
    minimumPackageAgeExclusionsSetting = [];
    newlyReleasedPackageResponse = false;
  });
  it("strips If-None-Match and If-Modified-Since from metadata requests to prevent 304 cache bypass", async () => {
    const url = "https://pypi.org/simple/foo-bar/";
    newlyReleasedPackageResponse = true;
    const interceptor = pipInterceptorForUrl(url);
    const result = await interceptor.handleRequest(url);
    const headers = {
      "if-none-match": '"some-etag"',
      "if-modified-since": "Thu, 01 Jan 2026 00:00:00 GMT",
      accept: "*/*",
    };
    result.modifyRequestHeaders(headers);
    assert.equal(headers["if-none-match"], undefined, "If-None-Match must be stripped");
    assert.equal(headers["if-modified-since"], undefined, "If-Modified-Since must be stripped");
    assert.equal(headers.accept, "*/*", "unrelated headers must be preserved");
    newlyReleasedPackageResponse = false;
  });
  it("should not block newly released package downloads when a dot-name package matches a hyphen exclusion", async () => {
    const url =
      "https://files.pythonhosted.org/packages/xx/yy/foo.bar-2.0.0.tar.gz";
    newlyReleasedPackageResponse = true;
    minimumPackageAgeExclusionsSetting = ["foo-bar"];
    const interceptor = pipInterceptorForUrl(url);
    const result = await interceptor.handleRequest(url);
    assert.equal(result.blockResponse, undefined);
    minimumPackageAgeExclusionsSetting = [];
    newlyReleasedPackageResponse = false;
  });
 });
--- a/packages/safe-chain/src/registryProxy/interceptors/pip/pipMetadataResponseUtils.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/pip/pipMetadataResponseUtils.js
@ -1,27 +0,0 @@
 import { getMinimumPackageAgeHours } from "../../../config/settings.js";
 import { ui } from "../../../environment/userInteraction.js";
 import { getHeaderValueAsString } from "../../http-utils.js";
 import { recordSuppressedVersion } from "../suppressedVersionsState.js";
 /**
 * @param {NodeJS.Dict<string | string[]> | undefined} headers
 * @returns {string | undefined}
 */
 export function getPipMetadataContentType(headers) {
  return getHeaderValueAsString(headers, "content-type")
    ?.toLowerCase()
    .split(";")[0]
    .trim();
 }
 /**
 * @param {string} packageName
 * @param {string} version
 * @returns {void}
 */
 export function logSuppressedVersion(packageName, version) {
  recordSuppressedVersion();
  ui.writeVerbose(
    `Safe-chain: ${packageName}@${version} is newer than ${getMinimumPackageAgeHours()} hours and was removed (minimumPackageAgeInHours setting).`
  );
 }
--- a/packages/safe-chain/src/registryProxy/interceptors/pip/pipMetadataVersionUtils.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/pip/pipMetadataVersionUtils.js
@ -1,131 +0,0 @@
 import { parsePipPackageFromUrl } from "./parsePipPackageUrl.js";
 /**
 * @param {any} file
 * @param {string} metadataUrl
 * @returns {string | undefined}
 */
 export function getPackageVersionFromMetadataFile(file, metadataUrl) {
  const href = typeof file?.url === "string" ? file.url : undefined;
  const filename = typeof file?.filename === "string" ? file.filename : undefined;
  if (href) {
    const resolvedHref = new URL(href, metadataUrl).toString();
    return parsePipPackageFromUrl(
      resolvedHref,
      new URL(resolvedHref).host
    ).version;
  }
  if (filename) {
    return parsePipPackageFromUrl(
      new URL(filename, metadataUrl).toString(),
      new URL(metadataUrl).host
    ).version;
  }
  return undefined;
 }
 /**
 * @param {any} json
 * @param {string} metadataUrl
 * @returns {string[]}
 */
 export function getAvailableVersionsFromJson(json, metadataUrl) {
  if (json.releases && typeof json.releases === "object") {
    return Object.keys(json.releases);
  }
  if (!Array.isArray(json.files)) {
    return [];
  }
  return [
    ...new Set(
      json.files
        .map((/** @type {any} */ file) =>
          getPackageVersionFromMetadataFile(file, metadataUrl)
        )
        .filter(isDefinedString)
    ),
  ];
 }
 /**
 * @param {string | undefined} value
 * @returns {value is string}
 */
 function isDefinedString(value) {
  return typeof value === "string";
 }
 /**
 * @param {string[]} versions
 * @returns {string | undefined}
 */
 export function calculateLatestVersion(versions) {
  const stableVersions = versions.filter((version) => !isPrerelease(version));
  if (stableVersions.length > 0) {
    return stableVersions.sort(comparePep440ishVersions).at(-1);
  }
  return versions.sort(comparePep440ishVersions).at(-1);
 }
 /**
 * @param {string} left
 * @param {string} right
 * @returns {number}
 */
 function comparePep440ishVersions(left, right) {
  const leftParts = tokenizeVersion(left);
  const rightParts = tokenizeVersion(right);
  const maxLength = Math.max(leftParts.length, rightParts.length);
  for (let index = 0; index < maxLength; index += 1) {
    const leftPart = leftParts[index];
    const rightPart = rightParts[index];
    if (leftPart === undefined) return -1;
    if (rightPart === undefined) return 1;
    if (leftPart === rightPart) {
      continue;
    }
    const leftNumeric = typeof leftPart === "number";
    const rightNumeric = typeof rightPart === "number";
    if (leftNumeric && rightNumeric) {
      return leftPart - rightPart;
    }
    if (leftNumeric) return 1;
    if (rightNumeric) return -1;
    return String(leftPart).localeCompare(String(rightPart));
  }
  return 0;
 }
 /**
 * @param {string} version
 * @returns {(string | number)[]}
 */
 function tokenizeVersion(version) {
  return version
    .toLowerCase()
    .split(/[^a-z0-9]+/)
    .flatMap((part) => part.match(/[a-z]+|\d+/g) || [])
    .map((part) => (/^\d+$/.test(part) ? Number(part) : part));
 }
 /**
 * @param {string} version
 * @returns {boolean}
 */
 function isPrerelease(version) {
  return /(a|b|rc|dev)\d+/i.test(version);
 }
--- a/packages/safe-chain/src/registryProxy/interceptors/pipInterceptor.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/pipInterceptor.js
@ -0,0 +1,132 @@
 import { getPipCustomRegistries } from "../../config/settings.js";
 import { isMalwarePackage } from "../../scanning/audit/index.js";
 import { interceptRequests } from "./interceptorBuilder.js";
 const knownPipRegistries = [
  "files.pythonhosted.org",
  "pypi.org",
  "pypi.python.org",
  "pythonhosted.org",
 ];
 /**
 * @param {string} url
 * @returns {import("./interceptorBuilder.js").Interceptor | undefined}
 */
 export function pipInterceptorForUrl(url) {
  const customRegistries = getPipCustomRegistries();
  const registries = [...knownPipRegistries, ...customRegistries];
  const registry = registries.find((reg) => url.includes(reg));
  if (registry) {
    return buildPipInterceptor(registry);
  }
  return undefined;
 }
 /**
 * @param {string} registry
 * @returns {import("./interceptorBuilder.js").Interceptor | undefined}
 */
 function buildPipInterceptor(registry) {
  return interceptRequests(async (reqContext) => {
    const { packageName, version } = parsePipPackageFromUrl(
      reqContext.targetUrl,
      registry
    );
    // Normalize underscores to hyphens for DB matching, as PyPI allows underscores in distribution names.
    // Per python, packages that differ only by hyphen vs underscore are considered the same.
    const hyphenName = packageName?.includes("_") ? packageName.replace(/_/g, "-") : packageName;
    const isMalicious =
       await isMalwarePackage(packageName, version)
    || await isMalwarePackage(hyphenName, version);
    if (isMalicious) {
      reqContext.blockMalware(packageName, version);
    }
  });
 }
 /**
 * @param {string} url
 * @param {string} registry
 * @returns {{packageName: string | undefined, version: string | undefined}}
 */
 function parsePipPackageFromUrl(url, registry) {
  let packageName, version;
  // Basic validation
  if (!registry || typeof url !== "string") {
    return { packageName, version };
  }
  // Quick sanity check on the URL + parse
  let urlObj;
  try {
    urlObj = new URL(url);
  } catch {
    return { packageName, version };
  }
  // Get the last path segment (filename) and decode it (strip query & fragment automatically)
  const lastSegment = urlObj.pathname.split("/").filter(Boolean).pop();
  if (!lastSegment) {
    return { packageName, version };
  }
  const filename = decodeURIComponent(lastSegment);
  // Parse Python package downloads from PyPI/pythonhosted.org
  // Example wheel: https://files.pythonhosted.org/packages/xx/yy/requests-2.28.1-py3-none-any.whl
  // Example sdist: https://files.pythonhosted.org/packages/xx/yy/requests-2.28.1.tar.gz
  // Wheel (.whl) and Poetry's preflight metadata (.whl.metadata)
  // Examples:
  //   foo_bar-2.0.0-py3-none-any.whl
  //   foo_bar-2.0.0-py3-none-any.whl.metadata
  const wheelExtRe = /\.whl(?:\.metadata)?$/;
  const wheelExtMatch = filename.match(wheelExtRe);
  if (wheelExtMatch) {
    const base = filename.replace(wheelExtRe, "");
    const firstDash = base.indexOf("-");
    if (firstDash > 0) {
      const dist = base.slice(0, firstDash); // may contain underscores
      const rest = base.slice(firstDash + 1); // version + the rest of tags
      const secondDash = rest.indexOf("-");
      const rawVersion = secondDash >= 0 ? rest.slice(0, secondDash) : rest;
      packageName = dist;
      version = rawVersion;
      // Reject "latest" as it's a placeholder, not a real version
      // When version is "latest", this signals the URL doesn't contain actual version info
      // Returning undefined allows the request (see registryProxy.js isAllowedUrl)
      if (version === "latest" || !packageName || !version) {
        return { packageName: undefined, version: undefined };
      }
      return { packageName, version };
    }
  }
  // Source dist (sdist) and potential metadata sidecars (e.g., .tar.gz.metadata)
  const sdistExtWithMetadataRe = /\.(tar\.gz|zip|tar\.bz2|tar\.xz)(\.metadata)?$/i;
  const sdistExtMatch = filename.match(sdistExtWithMetadataRe);
  if (sdistExtMatch) {
    const base = filename.replace(sdistExtWithMetadataRe, "");
    const lastDash = base.lastIndexOf("-");
    if (lastDash > 0 && lastDash < base.length - 1) {
      packageName = base.slice(0, lastDash);
      version = base.slice(lastDash + 1);
      // Reject "latest" as it's a placeholder, not a real version
      // When version is "latest", this signals the URL doesn't contain actual version info
      // Returning undefined allows the request (see registryProxy.js isAllowedUrl)
      if (version === "latest" || !packageName || !version) {
        return { packageName: undefined, version: undefined };
      }
      return { packageName, version };
    }
  }
  // Unknown file type or invalid
  return { packageName: undefined, version: undefined };
 }
--- a/packages/safe-chain/src/registryProxy/interceptors/pip/pipInterceptor.customRegistries.spec.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/pip/pipInterceptor.customRegistries.spec.js
@ -2,36 +2,20 @@ import { describe, it, mock } from "node:test";
 import assert from "node:assert";
 describe("pipInterceptor custom registries", async () => {
-  let scannedPackages;
+  let lastPackage;
  let malwareResponse = false;
  let customRegistries = [];
-  mock.module("../../../config/settings.js", {
+  mock.module("../../config/settings.js", {
    namedExports: {
      ECOSYSTEM_PY: "py",
      getEcoSystem: () => "py",
      getLoggingLevel: () => "silent",
      getMinimumPackageAgeHours: () => 48,
      getMinimumPackageAgeExclusions: () => [],
      getPipCustomRegistries: () => customRegistries,
      LOGGING_SILENT: "silent",
      LOGGING_VERBOSE: "verbose",
      skipMinimumPackageAge: () => false,
    },
  });
-  mock.module("../../../scanning/newPackagesListCache.js", {
+  mock.module("../../scanning/audit/index.js", {
    namedExports: {
      openNewPackagesDatabase: async () => ({
        isNewlyReleasedPackage: () => false,
      }),
    },
  });
  mock.module("../../../scanning/audit/index.js", {
    namedExports: {
      isMalwarePackage: async (packageName, version) => {
-        scannedPackages.push({ packageName, version });
+        lastPackage = { packageName, version };
        return malwareResponse;
      },
    },
@ -46,45 +30,42 @@ describe("pipInterceptor custom registries", async () => {
    const interceptor = pipInterceptorForUrl(url);
-    assert.ok(interceptor);
+    assert.ok(
      interceptor,
      "Interceptor should be created for custom registry"
    );
  });
  it("should parse package from custom registry URL", async () => {
    scannedPackages = [];
    customRegistries = ["my-custom-registry.example.com"];
    const url =
      "https://my-custom-registry.example.com/packages/xx/yy/foobar-1.2.3.tar.gz";
    const interceptor = pipInterceptorForUrl(url);
-    assert.ok(interceptor);
+    assert.ok(interceptor, "Interceptor should be created");
    await interceptor.handleRequest(url);
-    assert.ok(
+    assert.deepEqual(lastPackage, {
-      scannedPackages.some(
+      packageName: "foobar",
-        ({ packageName, version }) =>
+      version: "1.2.3",
-          packageName === "foobar" && version === "1.2.3"
+    });
      )
    );
  });
  it("should parse wheel package from custom registry URL", async () => {
    scannedPackages = [];
    customRegistries = ["private-pypi.internal.com"];
    const url =
      "https://private-pypi.internal.com/packages/foo_bar-2.0.0-py3-none-any.whl";
    const interceptor = pipInterceptorForUrl(url);
-    assert.ok(interceptor);
+    assert.ok(interceptor, "Interceptor should be created");
    await interceptor.handleRequest(url);
-    assert.ok(
+    assert.deepEqual(lastPackage, {
-      scannedPackages.some(
+      packageName: "foo-bar",
-        ({ packageName, version }) =>
+      version: "2.0.0",
-          packageName === "foo-bar" && version === "2.0.0"
+    });
      )
    );
  });
  it("should handle multiple custom registries", async () => {
@ -101,12 +82,14 @@ describe("pipInterceptor custom registries", async () => {
    const interceptor1 = pipInterceptorForUrl(url1);
    const interceptor2 = pipInterceptorForUrl(url2);
-    assert.ok(interceptor1);
+    assert.ok(interceptor1, "Interceptor should be created for first registry");
-    assert.ok(interceptor2);
+    assert.ok(
      interceptor2,
      "Interceptor should be created for second registry"
    );
  });
  it("should block malicious package from custom registry", async () => {
    scannedPackages = [];
    customRegistries = ["my-custom-registry.example.com"];
    malwareResponse = true;
@ -114,19 +97,26 @@ describe("pipInterceptor custom registries", async () => {
      "https://my-custom-registry.example.com/packages/malicious_package-1.0.0.tar.gz";
    const interceptor = pipInterceptorForUrl(url);
-    assert.ok(interceptor);
+    assert.ok(interceptor, "Interceptor should be created");
    const result = await interceptor.handleRequest(url);
-    assert.ok(result.blockResponse);
+    assert.ok(result.blockResponse, "Should contain a blockResponse");
-    assert.equal(result.blockResponse.statusCode, 403);
+    assert.equal(
-    assert.equal(result.blockResponse.message, "Forbidden - blocked by safe-chain");
+      result.blockResponse.statusCode,
      403,
      "Block response should have status code 403"
    );
    assert.equal(
      result.blockResponse.message,
      "Forbidden - blocked by safe-chain",
      "Block response should have correct status message"
    );
    malwareResponse = false;
  });
  it("should still work with known registries when custom registries are set", async () => {
    scannedPackages = [];
    customRegistries = ["my-custom-registry.example.com"];
    const url =
@ -134,16 +124,17 @@ describe("pipInterceptor custom registries", async () => {
    const interceptor = pipInterceptorForUrl(url);
-    assert.ok(interceptor);
+    assert.ok(
      interceptor,
      "Interceptor should be created for known registry even with custom registries set"
    );
    await interceptor.handleRequest(url);
-    assert.ok(
+    assert.deepEqual(lastPackage, {
-      scannedPackages.some(
+      packageName: "foobar",
-        ({ packageName, version }) =>
+      version: "1.2.3",
-          packageName === "foobar" && version === "1.2.3"
+    });
      )
    );
  });
  it("should not create interceptor for unknown registry when custom registries are set", () => {
@ -152,7 +143,11 @@ describe("pipInterceptor custom registries", async () => {
    const interceptor = pipInterceptorForUrl(url);
-    assert.equal(interceptor, undefined);
+    assert.equal(
      interceptor,
      undefined,
      "Interceptor should be undefined for unknown registry"
    );
  });
  it("should handle empty custom registries array", () => {
@ -162,44 +157,43 @@ describe("pipInterceptor custom registries", async () => {
    const interceptor = pipInterceptorForUrl(url);
-    assert.equal(interceptor, undefined);
+    assert.equal(
      interceptor,
      undefined,
      "Interceptor should be undefined when no custom registries are configured"
    );
  });
  it("should parse .whl.metadata from custom registry", async () => {
    scannedPackages = [];
    customRegistries = ["private-pypi.internal.com"];
    const url =
      "https://private-pypi.internal.com/packages/foo_bar-2.0.0-py3-none-any.whl.metadata";
    const interceptor = pipInterceptorForUrl(url);
-    assert.ok(interceptor);
+    assert.ok(interceptor, "Interceptor should be created");
    await interceptor.handleRequest(url);
-    assert.ok(
+    assert.deepEqual(lastPackage, {
-      scannedPackages.some(
+      packageName: "foo-bar",
-        ({ packageName, version }) =>
+      version: "2.0.0",
-          packageName === "foo-bar" && version === "2.0.0"
+    });
      )
    );
  });
  it("should parse .tar.gz.metadata from custom registry", async () => {
    scannedPackages = [];
    customRegistries = ["private-pypi.internal.com"];
    const url =
      "https://private-pypi.internal.com/packages/foo_bar-2.0.0.tar.gz.metadata";
    const interceptor = pipInterceptorForUrl(url);
-    assert.ok(interceptor);
+    assert.ok(interceptor, "Interceptor should be created");
    await interceptor.handleRequest(url);
-    assert.ok(
+    assert.deepEqual(lastPackage, {
-      scannedPackages.some(
+      packageName: "foo-bar",
-        ({ packageName, version }) =>
+      version: "2.0.0",
-          packageName === "foo-bar" && version === "2.0.0"
+    });
      )
    );
  });
 });
--- a/packages/safe-chain/src/registryProxy/interceptors/pip/pipInterceptor.packageDownload.spec.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/pip/pipInterceptor.packageDownload.spec.js
@ -2,43 +2,22 @@ import { describe, it, mock } from "node:test";
 import assert from "node:assert";
 describe("pipInterceptor", async () => {
-  let scannedPackages;
+  let lastPackage;
  let malwareResponse = false;
-  mock.module("../../../scanning/audit/index.js", {
+  mock.module("../../scanning/audit/index.js", {
    namedExports: {
      isMalwarePackage: async (packageName, version) => {
-        scannedPackages.push({ packageName, version });
+        lastPackage = { packageName, version };
        return malwareResponse;
      },
    },
  });
  mock.module("../../../scanning/newPackagesListCache.js", {
    namedExports: {
      openNewPackagesDatabase: async () => ({
        isNewlyReleasedPackage: () => false,
      }),
    },
  });
  mock.module("../../../config/settings.js", {
    namedExports: {
      ECOSYSTEM_PY: "py",
      getEcoSystem: () => "py",
      getLoggingLevel: () => "silent",
      getMinimumPackageAgeHours: () => 48,
      getMinimumPackageAgeExclusions: () => [],
      getPipCustomRegistries: () => [],
      LOGGING_SILENT: "silent",
      LOGGING_VERBOSE: "verbose",
      skipMinimumPackageAge: () => false,
    },
  });
  const { pipInterceptorForUrl } = await import("./pipInterceptor.js");
  const parserCases = [
    // Valid pip URLs
    {
      url: "https://files.pythonhosted.org/packages/xx/yy/foobar-1.2.3.tar.gz",
      expected: { packageName: "foobar", version: "1.2.3" },
@ -56,6 +35,7 @@ describe("pipInterceptor", async () => {
      expected: { packageName: "foo-bar", version: "2.0.0" },
    },
    {
      // Poetry preflight metadata alongside wheel (.whl.metadata)
      url: "https://files.pythonhosted.org/packages/xx/yy/foo_bar-2.0.0-py3-none-any.whl.metadata",
      expected: { packageName: "foo-bar", version: "2.0.0" },
    },
@ -72,6 +52,7 @@ describe("pipInterceptor", async () => {
      expected: { packageName: "foo-bar", version: "2.0.0b1" },
    },
    {
      // sdist with metadata sidecar (.tar.gz.metadata)
      url: "https://files.pythonhosted.org/packages/xx/yy/foo_bar-2.0.0.tar.gz.metadata",
      expected: { packageName: "foo-bar", version: "2.0.0" },
    },
@ -95,6 +76,7 @@ describe("pipInterceptor", async () => {
      url: "https://pypi.org/packages/source/f/foo_bar/foo_bar-2.0.0-cp38-cp38-manylinux1_x86_64.whl",
      expected: { packageName: "foo-bar", version: "2.0.0" },
    },
    // Invalid pip URLs
    {
      url: "https://pypi.org/simple/",
      expected: { packageName: undefined, version: undefined },
@ -115,49 +97,49 @@ describe("pipInterceptor", async () => {
  parserCases.forEach(({ url, expected }, index) => {
    it(`should parse URL ${index + 1}: ${url}`, async () => {
      scannedPackages = [];
      const interceptor = pipInterceptorForUrl(url);
-      assert.ok(interceptor, "Interceptor should be created for known pip registry");
+      assert.ok(
        interceptor,
        "Interceptor should be created for known npm registry"
      );
      await interceptor.handleRequest(url);
-      if (expected.packageName === undefined) {
+      assert.deepEqual(lastPackage, expected);
        assert.deepEqual(scannedPackages, []);
        return;
      }
      assert.ok(
        scannedPackages.some(
          ({ packageName, version }) =>
            packageName === expected.packageName &&
            version === expected.version
        )
      );
    });
  });
  it("should not create interceptor for unknown registry", () => {
    const url = "https://example.com/packages/xx/yy/foobar-1.2.3.tar.gz";
    const interceptor = pipInterceptorForUrl(url);
-    assert.equal(interceptor, undefined);
+
    assert.equal(
      interceptor,
      undefined,
      "Interceptor should be undefined for unknown registry"
    );
  });
  it("should block malicious package", async () => {
    scannedPackages = [];
    const url =
      "https://files.pythonhosted.org/packages/xx/yy/malicious_package-1.0.0.tar.gz";
    malwareResponse = true;
    const interceptor = pipInterceptorForUrl(url);
    const result = await interceptor.handleRequest(url);
-    assert.ok(result.blockResponse);
+    assert.ok(result.blockResponse, "Should contain a blockResponse");
-    assert.equal(result.blockResponse.statusCode, 403);
+    assert.equal(
      result.blockResponse.statusCode,
      403,
      "Block response should have status code 403"
    );
    assert.equal(
      result.blockResponse.message,
-      "Forbidden - blocked by safe-chain"
+      "Forbidden - blocked by safe-chain",
      "Block response should have correct status message"
    );
    malwareResponse = false;
  });
 });
--- a/packages/safe-chain/src/registryProxy/interceptors/suppressedVersionsState.js
+++ b/packages/safe-chain/src/registryProxy/interceptors/suppressedVersionsState.js
@ -1,21 +0,0 @@
 const state = {
  hasSuppressedVersions: false,
 };
 /**
 * Tracks whether any rewritten metadata response suppressed versions during the
 * current process lifetime. This is intentional shared state used only for the
 * end-of-run summary message exposed through the proxy API.
 *
 * @returns {void}
 */
 export function recordSuppressedVersion() {
  state.hasSuppressedVersions = true;
 }
 /**
 * @returns {boolean}
 */
 export function getHasSuppressedVersions() {
  return state.hasSuppressedVersions;
 }
--- a/packages/safe-chain/src/registryProxy/mitmRequestHandler.js
+++ b/packages/safe-chain/src/registryProxy/mitmRequestHandler.js
@ -2,8 +2,7 @@ import https from "https";
 import { generateCertForHost } from "./certUtils.js";
 import { HttpsProxyAgent } from "https-proxy-agent";
 import { ui } from "../environment/userInteraction.js";
-import { gunzipSync } from "zlib";
+import { gunzipSync, gzipSync } from "zlib";
 import { omitHeaders } from "./http-utils.js";
 /**
 * @typedef {import("./interceptors/interceptorBuilder.js").Interceptor} Interceptor
@ -216,16 +215,11 @@ function createProxyRequest(hostname, port, req, res, requestHandler) {
        buffer = requestHandler.modifyBody(buffer, headers);
-        // For rewritten responses, send the final body uncompressed.
+        if (proxyRes.headers["content-encoding"] === "gzip") {
-        // This avoids mismatches between upstream compression metadata and the
+          buffer = gzipSync(buffer);
-        // rewritten payload on the wire.
+        }
-        const rewrittenHeaders = omitHeaders(
+
-          headers,
+        res.writeHead(statusCode, headers);
          ["content-length", "transfer-encoding", "content-encoding"],
          { caseInsensitive: true }
        ) || {};
        rewrittenHeaders["content-length"] = String(buffer.byteLength);
        res.writeHead(statusCode, rewrittenHeaders);
        res.end(buffer);
      });
    } else {
--- a/packages/safe-chain/src/registryProxy/mitmRequestHandler.spec.js
+++ b/packages/safe-chain/src/registryProxy/mitmRequestHandler.spec.js
@ -1,138 +0,0 @@
 import { describe, it, mock } from "node:test";
 import assert from "node:assert";
 import zlib from "node:zlib";
 describe("mitmRequestHandler", async () => {
  let capturedHandler;
  let capturedOptions;
  mock.module("https", {
    defaultExport: {
      createServer: (_options, handler) => {
        capturedHandler = handler;
        return {
          on: () => {},
          emit: () => {},
        };
      },
      request: (options, callback) => {
        capturedOptions = options;
        const listeners = {};
        const proxyRes = {
          statusCode: 200,
          headers: {
            "content-encoding": "gzip",
            "content-length": "999",
            "transfer-encoding": "chunked",
          },
          on: (event, handler) => {
            listeners[event] = handler;
          },
        };
        callback(proxyRes);
        return {
          on: () => {},
          write: () => {},
          end: () => {
            const payload = Buffer.from("rewritten body");
            listeners["data"]?.(zlib.gzipSync(payload));
            listeners["end"]?.();
          },
          destroy: () => {},
        };
      },
    },
  });
  mock.module("./certUtils.js", {
    namedExports: {
      generateCertForHost: () => ({
        privateKey: "key",
        certificate: "cert",
      }),
    },
  });
  mock.module("https-proxy-agent", {
    namedExports: {
      HttpsProxyAgent: class {},
    },
  });
  mock.module("../environment/userInteraction.js", {
    namedExports: {
      ui: {
        writeVerbose: () => {},
        writeError: () => {},
      },
    },
  });
  const { mitmConnect } = await import("./mitmRequestHandler.js");
  it("sets content-length from the final compressed payload after body rewrite", async () => {
    const interceptor = {
      handleRequest: async () => ({
        blockResponse: undefined,
        modifyRequestHeaders: (headers) => headers,
        modifiesResponse: () => true,
        modifyBody: () => Buffer.from("rewritten body"),
      }),
    };
    const req = {
      url: "pypi.org:443",
    };
    const clientSocket = {
      on: () => {},
      write: () => {},
      headersSent: false,
      writable: true,
      end: () => {},
    };
    mitmConnect(req, clientSocket, interceptor);
    const resState = {
      statusCode: undefined,
      headers: undefined,
      body: undefined,
    };
    const res = {
      headersSent: false,
      writeHead: (statusCode, headers) => {
        resState.statusCode = statusCode;
        resState.headers = headers;
      },
      end: (body) => {
        resState.body = body;
      },
    };
    const request = {
      url: "/simple/example/",
      headers: {},
      method: "GET",
      on: (event, handler) => {
        if (event === "end") {
          handler();
        }
      },
    };
    await capturedHandler(request, res);
    assert.equal(capturedOptions.hostname, "pypi.org");
    assert.equal(resState.statusCode, 200);
    assert.equal(resState.headers["transfer-encoding"], undefined);
    assert.equal(
      resState.headers["content-length"],
      String(resState.body.byteLength)
    );
  });
 });
--- a/packages/safe-chain/src/registryProxy/registryProxy.js
+++ b/packages/safe-chain/src/registryProxy/registryProxy.js
@ -2,48 +2,52 @@ import * as http from "http";
 import { tunnelRequest } from "./tunnelRequestHandler.js";
 import { mitmConnect } from "./mitmRequestHandler.js";
 import { handleHttpProxyRequest } from "./plainHttpProxy.js";
-import { getCombinedCaBundlePath, cleanupCertBundle } from "./certBundle.js";
+import { getCombinedCaBundlePath } from "./certBundle.js";
 import { ui } from "../environment/userInteraction.js";
 import chalk from "chalk";
 import { createInterceptorForUrl } from "./interceptors/createInterceptorForEcoSystem.js";
-import { getHasSuppressedVersions } from "./interceptors/suppressedVersionsState.js";
+import { getHasSuppressedVersions } from "./interceptors/npm/modifyNpmInfo.js";
 import { createRamaProxy, getRamaPath } from "./createRamaProxy.js";
 const SERVER_STOP_TIMEOUT_MS = 1000;
 /**
- * @type {{
+ * @typedef {Object} SafeChainProxy
- *   port: number | null,
+ * @prop {() => Promise<void>} startServer
- *   blockedRequests: {packageName: string, version: string, url: string}[],
+ * @prop {() => Promise<void>} stopServer
- *   blockedMinimumAgeRequests: {packageName: string, version: string, url: string}[]
+ * @prop {() => boolean} verifyNoMaliciousPackages
- * }}
+ * @prop {() => boolean} hasSuppressedVersions
 * @prop {() => Number | null} getServerPort
 * @prop {() => string} getCombinedCaBundlePath
 */
-const state = {
+
-  port: null,
+/** @type {SafeChainProxy} */
-  blockedRequests: [],
+let server;
  blockedMinimumAgeRequests: [],
 };
 export function createSafeChainProxy() {
-  const server = createProxyServer();
+  if (server) {
    return server;
  }
-  return {
+  let ramaPath = getRamaPath();
-    startServer: () => startServer(server),
+  if (ramaPath) {
-    stopServer: () => stopServer(server),
+    ui.writeInformation("Starting safe-chain rama proxy");
-    hasBlockedMaliciousPackages,
+    server = createRamaProxy(ramaPath);
-    hasBlockedMinimumAgeRequests,
+  } else {
-    hasSuppressedVersions: getHasSuppressedVersions,
+    server = createBuiltInProxyServer();
-  };
+  }
  return server;
 }
 /**
 * @returns {Record<string, string>}
 */
 function getSafeChainProxyEnvironmentVariables() {
-  if (!state.port) {
+  if (!server || !server.getServerPort()) {
    return {};
  }
-  const proxyUrl = `http://127.0.0.1:${state.port}`;
+  const proxyUrl = `http://localhost:${server.getServerPort()}`;
-  const caCertPath = getCombinedCaBundlePath();
+  const caCertPath = server.getCombinedCaBundlePath();
  return {
    HTTPS_PROXY: proxyUrl,
@ -74,7 +78,17 @@ export function mergeSafeChainProxyEnvironmentVariables(env) {
  return proxyEnv;
 }
-function createProxyServer() {
+/** @returns {SafeChainProxy} */
 function createBuiltInProxyServer() {
  const SERVER_STOP_TIMEOUT_MS = 1000;
  /**
   * @type {{port: number | null, blockedRequests: {packageName: string, version: string, url: string}[]}}
   */
  const state = {
    port: null,
    blockedRequests: [],
  };
  const server = http.createServer(
    // This handles direct HTTP requests (non-CONNECT requests)
    // This is normally http-only traffic, but we also handle
@ -85,174 +99,121 @@ function createProxyServer() {
  // This handles HTTPS requests via the CONNECT method
  server.on("connect", handleConnect);
-  return server;
+  return {
-}
+    startServer: () => startServer(server),
    stopServer: () => stopServer(server),
    verifyNoMaliciousPackages,
    hasSuppressedVersions: getHasSuppressedVersions,
    getServerPort: () => state.port,
    getCombinedCaBundlePath,
  };
-/**
+  /**
- * @param {import("http").Server} server
+   * @param {import("http").Server} server
- *
+   *
- * @returns {Promise<void>}
+   * @returns {Promise<void>}
- */
+   */
-function startServer(server) {
+  function startServer(server) {
-  return new Promise((resolve, reject) => {
+    return new Promise((resolve, reject) => {
-    // Bind to loopback only. Without an explicit host, Node listens on every
+      // Passing port 0 makes the OS assign an available port
-    // interface, turning the proxy into an unauthenticated forward proxy that
+      server.listen(0, () => {
-    // anyone reachable on the network can use to hit the victim's localhost,
+        const address = server.address();
-    // intranet, or cloud metadata endpoints. Port 0 lets the OS pick a port.
+        if (address && typeof address === "object") {
-    server.listen(0, "127.0.0.1", () => {
+          state.port = address.port;
-      const address = server.address();
+          resolve();
-      if (address && typeof address === "object") {
+        } else {
-        state.port = address.port;
+          reject(new Error("Failed to start proxy server"));
-        resolve();
+        }
      } else {
        reject(new Error("Failed to start proxy server"));
      }
    });
    server.on("error", (err) => {
      reject(err);
    });
  });
 }
 /**
 * @param {import("http").Server} server
 *
 * @returns {Promise<void>}
 */
 function stopServer(server) {
  return new Promise((resolve) => {
    try {
      server.close(() => {
        cleanupCertBundle();
        resolve();
      });
-    } catch {
+
-      resolve();
+      server.on("error", (err) => {
        reject(err);
      });
    });
  }
  /**
   * @param {import("http").Server} server
   *
   * @returns {Promise<void>}
   */
  function stopServer(server) {
    return new Promise((resolve) => {
      try {
        server.close(() => {
          resolve();
        });
      } catch {
        resolve();
      }
      setTimeout(() => resolve(), SERVER_STOP_TIMEOUT_MS);
    });
  }
  /**
   * @param {import("http").IncomingMessage} req
   * @param {import("http").ServerResponse} clientSocket
   * @param {Buffer} head
   *
   * @returns {void}
   */
  function handleConnect(req, clientSocket, head) {
    // CONNECT method is used for HTTPS requests
    // It establishes a tunnel to the server identified by the request URL
    const interceptor = createInterceptorForUrl(req.url || "");
    if (interceptor) {
      // Subscribe to malware blocked events
      interceptor.on(
        "malwareBlocked",
        (
          /** @type {import("./interceptors/interceptorBuilder.js").MalwareBlockedEvent} */ event
        ) => {
          onMalwareBlocked(event.packageName, event.version, event.targetUrl);
        }
      );
      mitmConnect(req, clientSocket, interceptor);
    } else {
      // For other hosts, just tunnel the request to the destination tcp socket
      ui.writeVerbose(`Safe-chain: Tunneling request to ${req.url}`);
      tunnelRequest(req, clientSocket, head);
    }
-    setTimeout(() => {
+  }
      cleanupCertBundle();
      resolve();
    }, SERVER_STOP_TIMEOUT_MS);
  });
 }
-/**
+  /**
- * @param {import("http").IncomingMessage} req
+   *
- * @param {import("http").ServerResponse} clientSocket
+   * @param {string} packageName
- * @param {Buffer} head
+   * @param {string} version
- *
+   * @param {string} url
- * @returns {void}
+   */
- */
+  function onMalwareBlocked(packageName, version, url) {
-function handleConnect(req, clientSocket, head) {
+    state.blockedRequests.push({ packageName, version, url });
-  // CONNECT method is used for HTTPS requests
+  }
  // It establishes a tunnel to the server identified by the request URL
-  const interceptor = createInterceptorForUrl(req.url || "");
+  function verifyNoMaliciousPackages() {
    if (state.blockedRequests.length === 0) {
      // No malicious packages were blocked, so nothing to block
      return true;
    }
-  if (interceptor) {
+    ui.emptyLine();
-    // Subscribe to malware blocked events
+
-    interceptor.on(
+    ui.writeInformation(
-      "malwareBlocked",
+      `Safe-chain: ${chalk.bold(
-      (
+        `blocked ${state.blockedRequests.length} malicious package downloads`
-        /** @type {import("./interceptors/interceptorBuilder.js").MalwareBlockedEvent} */ event
+      )}:`
      ) => {
        onMalwareBlocked(event.packageName, event.version, event.targetUrl);
      }
    );
    interceptor.on(
      "minimumAgeRequestBlocked",
      (
        /** @type {import("./interceptors/interceptorBuilder.js").MinimumAgeRequestBlockedEvent} */ event
      ) => {
        onMinimumAgeRequestBlocked(
          event.packageName,
          event.version,
          event.targetUrl
        );
      }
    );
-    mitmConnect(req, clientSocket, interceptor);
+    for (const req of state.blockedRequests) {
-  } else {
+      ui.writeInformation(` - ${req.packageName}@${req.version} (${req.url})`);
-    // For other hosts, just tunnel the request to the destination tcp socket
+    }
    ui.writeVerbose(`Safe-chain: Tunneling request to ${req.url}`);
    tunnelRequest(req, clientSocket, head);
  }
 }
-/**
+    ui.emptyLine();
- *
+    ui.writeExitWithoutInstallingMaliciousPackages();
- * @param {string} packageName
+    ui.emptyLine();
 * @param {string} version
 * @param {string} url
 */
 function onMalwareBlocked(packageName, version, url) {
  state.blockedRequests.push({ packageName, version, url });
 }
 /**
 *
 * @param {string} packageName
 * @param {string} version
 * @param {string} url
 */
 function onMinimumAgeRequestBlocked(packageName, version, url) {
  state.blockedMinimumAgeRequests.push({ packageName, version, url });
 }
 function hasBlockedMaliciousPackages() {
  if (state.blockedRequests.length === 0) {
    return false;
  }
  ui.emptyLine();
  ui.writeInformation(
    `Safe-chain: ${chalk.bold(
      `blocked ${state.blockedRequests.length} malicious package downloads`
    )}:`
  );
  for (const req of state.blockedRequests) {
    ui.writeInformation(` - ${req.packageName}@${req.version} (${req.url})`);
  }
  ui.emptyLine();
  ui.writeExitWithoutInstallingMaliciousPackages();
  ui.emptyLine();
  return true;
 }
 function hasBlockedMinimumAgeRequests() {
  if (state.blockedMinimumAgeRequests.length === 0) {
    return false;
  }
  ui.emptyLine();
  ui.writeInformation(
    `Safe-chain: ${chalk.bold(
      `blocked ${state.blockedMinimumAgeRequests.length} direct package download request(s) due to minimum package age`
    )}:`
  );
  for (const req of state.blockedMinimumAgeRequests) {
    ui.writeInformation(` - ${req.packageName}@${req.version} (${req.url})`);
  }
  ui.writeInformation(
    `  To disable this check, use: ${chalk.cyan(
      "--safe-chain-skip-minimum-package-age"
    )}`
  );
  ui.emptyLine();
  ui.writeError(
    "Safe-chain: Exiting without installing packages blocked by the direct download minimum package age check."
  );
  ui.emptyLine();
  return true;
 }
--- a/packages/safe-chain/src/registryProxy/registryProxy.loopback.spec.js
+++ b/packages/safe-chain/src/registryProxy/registryProxy.loopback.spec.js
@ -1,67 +0,0 @@
 import { before, after, describe, it } from "node:test";
 import assert from "node:assert";
 import net from "node:net";
 import os from "node:os";
 import {
  createSafeChainProxy,
  mergeSafeChainProxyEnvironmentVariables,
 } from "./registryProxy.js";
 describe("registryProxy loopback binding", () => {
  let proxy, proxyPort;
  before(async () => {
    proxy = createSafeChainProxy();
    await proxy.startServer();
    const envVars = mergeSafeChainProxyEnvironmentVariables([]);
    proxyPort = parseInt(new URL(envVars.HTTPS_PROXY).port, 10);
  });
  after(async () => {
    await proxy.stopServer();
  });
  it("advertises a loopback HTTPS_PROXY URL", () => {
    const envVars = mergeSafeChainProxyEnvironmentVariables([]);
    const hostname = new URL(envVars.HTTPS_PROXY).hostname;
    assert.ok(
      hostname === "127.0.0.1" || hostname === "::1" || hostname === "localhost",
      `expected loopback hostname, got ${hostname}`
    );
  });
  it("refuses connections on non-loopback interfaces", async () => {
    const externalAddrs = Object.values(os.networkInterfaces())
      .flat()
      .filter((iface) => iface && iface.family === "IPv4" && !iface.internal)
      .map((iface) => iface.address);
    if (externalAddrs.length === 0) {
      // No non-loopback interface available (e.g. locked-down CI) - skip.
      return;
    }
    for (const addr of externalAddrs) {
      await new Promise((resolve, reject) => {
        const sock = net.createConnection({ host: addr, port: proxyPort });
        const timer = setTimeout(() => {
          sock.destroy();
          resolve(); // Filtered / dropped is also fine - we just don't want success.
        }, 500);
        sock.once("connect", () => {
          clearTimeout(timer);
          sock.destroy();
          reject(
            new Error(
              `proxy accepted a connection on non-loopback ${addr}:${proxyPort}`
            )
          );
        });
        sock.once("error", () => {
          clearTimeout(timer);
          resolve();
        });
      });
    }
  });
 });
--- a/packages/safe-chain/src/registryProxy/registryProxy.mitm.spec.js
+++ b/packages/safe-chain/src/registryProxy/registryProxy.mitm.spec.js
@ -2,17 +2,12 @@ import { before, after, describe, it } from "node:test";
 import assert from "node:assert";
 import net from "net";
 import tls from "tls";
 import { gunzipSync } from "zlib";
 import {
  createSafeChainProxy,
  mergeSafeChainProxyEnvironmentVariables,
 } from "./registryProxy.js";
 import { getCaCertPath } from "./certUtils.js";
-import {
+import { setEcoSystem, ECOSYSTEM_JS, ECOSYSTEM_PY } from "../config/settings.js";
  setEcoSystem,
  ECOSYSTEM_JS,
  ECOSYSTEM_PY,
 } from "../config/settings.js";
 import fs from "fs";
 describe("registryProxy.mitm", () => {
@ -38,7 +33,7 @@ describe("registryProxy.mitm", () => {
      proxyHost,
      proxyPort,
      "registry.npmjs.org",
-      "/lodash",
+      "/lodash"
    );
    assert.strictEqual(response.statusCode, 200);
@ -50,7 +45,7 @@ describe("registryProxy.mitm", () => {
      proxyHost,
      proxyPort,
      "registry.npmjs.org",
-      "/lodash/-/lodash-4.17.21.tgz",
+      "/lodash/-/lodash-4.17.21.tgz"
    );
    // Should get a response (200 or redirect, but not 403 blocked)
@ -62,7 +57,7 @@ describe("registryProxy.mitm", () => {
      proxyHost,
      proxyPort,
      "registry.npmjs.org",
-      "/this-package-definitely-does-not-exist-12345",
+      "/this-package-definitely-does-not-exist-12345"
    );
    assert.strictEqual(response.statusCode, 404);
@ -73,7 +68,7 @@ describe("registryProxy.mitm", () => {
      proxyHost,
      proxyPort,
      "registry.npmjs.org",
-      "/lodash?write=true",
+      "/lodash?write=true"
    );
    assert.strictEqual(response.statusCode, 200);
@ -84,7 +79,7 @@ describe("registryProxy.mitm", () => {
      proxyHost,
      proxyPort,
      "registry.yarnpkg.com",
-      "/lodash",
+      "/lodash"
    );
    assert.strictEqual(response.statusCode, 200);
@ -95,7 +90,7 @@ describe("registryProxy.mitm", () => {
      proxyHost,
      proxyPort,
      "registry.npmjs.org",
-      "/lodash",
+      "/lodash"
    );
    // Check certificate common name matches the target hostname
@ -114,14 +109,14 @@ describe("registryProxy.mitm", () => {
      proxyHost,
      proxyPort,
      "registry.npmjs.org",
-      "/lodash",
+      "/lodash"
    );
    const { cert: cert2 } = await makeRegistryRequestAndGetCert(
      proxyHost,
      proxyPort,
      "registry.yarnpkg.com",
-      "/lodash",
+      "/lodash"
    );
    // Different hostnames should have different certificates
@ -135,14 +130,14 @@ describe("registryProxy.mitm", () => {
      proxyHost,
      proxyPort,
      "registry.npmjs.org",
-      "/lodash",
+      "/lodash"
    );
    const { cert: cert2 } = await makeRegistryRequestAndGetCert(
      proxyHost,
      proxyPort,
      "registry.npmjs.org",
-      "/package/lodash",
+      "/package/lodash"
    );
    // Same hostname should get the same certificate (fingerprint)
@ -164,7 +159,7 @@ describe("registryProxy.mitm", () => {
      proxyHost,
      proxyPort,
      "pypi.org",
-      "/packages/source/f/foo_bar/foo_bar-2.0.0.tar.gz",
+      "/packages/source/f/foo_bar/foo_bar-2.0.0.tar.gz"
    );
    assert.notStrictEqual(response.statusCode, 403);
    assert.ok(typeof response.body === "string");
@ -177,7 +172,7 @@ describe("registryProxy.mitm", () => {
      proxyHost,
      proxyPort,
      "files.pythonhosted.org",
-      "/packages/xx/yy/foo_bar-2.0.0-py3-none-any.whl",
+      "/packages/xx/yy/foo_bar-2.0.0-py3-none-any.whl"
    );
    assert.notStrictEqual(response.statusCode, 403);
    assert.ok(typeof response.body === "string");
@ -190,7 +185,7 @@ describe("registryProxy.mitm", () => {
      proxyHost,
      proxyPort,
      "pypi.org",
-      "/packages/source/f/foo_bar/foo_bar-2.0.0a1.tar.gz",
+      "/packages/source/f/foo_bar/foo_bar-2.0.0a1.tar.gz"
    );
    assert.notStrictEqual(response.statusCode, 403);
    assert.ok(typeof response.body === "string");
@ -203,7 +198,7 @@ describe("registryProxy.mitm", () => {
      proxyHost,
      proxyPort,
      "pypi.org",
-      "/packages/source/f/foo_bar/foo_bar-latest.tar.gz",
+      "/packages/source/f/foo_bar/foo_bar-latest.tar.gz"
    );
    assert.notStrictEqual(response.statusCode, 403);
    assert.ok(typeof response.body === "string");
@ -239,73 +234,34 @@ async function makeRegistryRequest(proxyHost, proxyPort, targetHost, path) {
  });
  // Step 4: Send HTTP request over TLS
-  const httpRequest = `GET ${path} HTTP/1.1\r\nHost: ${targetHost}\r\nConnection: close\r\nAccept-encoding: gzip\r\n\r\n`;
+  const httpRequest = `GET ${path} HTTP/1.1\r\nHost: ${targetHost}\r\nConnection: close\r\n\r\n`;
  tlsSocket.write(httpRequest);
-  // Step 5: Read response as binary chunks
+  // Step 5: Read response
  return new Promise((resolve, reject) => {
-    const chunks = [];
+    let data = "";
    tlsSocket.on("data", (chunk) => {
-      chunks.push(chunk);
+      data += chunk.toString();
    });
    tlsSocket.on("end", () => {
-      const buffer = Buffer.concat(chunks);
+      const lines = data.split("\r\n");
-
+      const statusLine = lines[0];
      // Find the header/body separator (\r\n\r\n) in binary
      const separator = Buffer.from("\r\n\r\n");
      let separatorIndex = buffer.indexOf(separator);
      if (separatorIndex === -1) {
        return reject(
          new Error("Invalid HTTP response: no header/body separator"),
        );
      }
      // Extract headers as text
      const headersText = buffer.subarray(0, separatorIndex).toString("utf8");
      const headerLines = headersText.split("\r\n");
      const statusLine = headerLines[0];
      const statusCode = parseInt(statusLine.split(" ")[1]);
-      // Parse headers into object
+      // Find body after empty line
-      const headers = {};
+      const emptyLineIndex = lines.findIndex(line => line === "");
-      for (let i = 1; i < headerLines.length; i++) {
+      const body = lines.slice(emptyLineIndex + 1).join("\r\n");
        const colonIndex = headerLines[i].indexOf(":");
        if (colonIndex > 0) {
          const key = headerLines[i].substring(0, colonIndex).toLowerCase();
          const value = headerLines[i].substring(colonIndex + 1).trim();
          headers[key] = value;
        }
      }
-      // Extract body as binary
+      resolve({ statusCode, body });
      let bodyBuffer = buffer.subarray(separatorIndex + separator.length);
      // Decode chunked transfer encoding if present
      if (headers["transfer-encoding"] === "chunked") {
        bodyBuffer = decodeChunked(bodyBuffer);
      }
      // Decompress if gzip encoded
      if (headers["content-encoding"] === "gzip" && bodyBuffer.length > 0) {
        bodyBuffer = gunzipSync(bodyBuffer);
      }
      const body = bodyBuffer.toString("utf8");
      resolve({ statusCode, body, headers });
    });
    tlsSocket.on("error", reject);
  });
 }
-async function makeRegistryRequestAndGetCert(
+async function makeRegistryRequestAndGetCert(proxyHost, proxyPort, targetHost, path) {
  proxyHost,
  proxyPort,
  targetHost,
  path,
 ) {
  // Step 1: Connect to proxy
  const socket = await new Promise((resolve, reject) => {
    const sock = net.connect({ host: proxyHost, port: proxyPort }, () => {
@ -355,7 +311,7 @@ async function makeRegistryRequestAndGetCert(
      const statusCode = parseInt(statusLine.split(" ")[1]);
      // Find body after empty line
-      const emptyLineIndex = lines.findIndex((line) => line === "");
+      const emptyLineIndex = lines.findIndex(line => line === "");
      const body = lines.slice(emptyLineIndex + 1).join("\r\n");
      resolve({ statusCode, body });
@ -366,37 +322,3 @@ async function makeRegistryRequestAndGetCert(
  return { cert: peerCert, response };
 }
 /**
 * Decode HTTP chunked transfer encoding
 * Format: <chunk-size-hex>\r\n<chunk-data>\r\n ... 0\r\n\r\n
 * @param {Buffer} buffer
 * @returns {Buffer}
 */
 function decodeChunked(buffer) {
  const chunks = [];
  let offset = 0;
  while (offset < buffer.length) {
    // Find the end of the chunk size line
    const lineEnd = buffer.indexOf(Buffer.from("\r\n"), offset);
    if (lineEnd === -1) break;
    // Parse chunk size (hex)
    const sizeHex = buffer.subarray(offset, lineEnd).toString("utf8");
    const chunkSize = parseInt(sizeHex, 16);
    // End of chunks
    if (chunkSize === 0) break;
    // Extract chunk data
    const dataStart = lineEnd + 2;
    const dataEnd = dataStart + chunkSize;
    chunks.push(buffer.subarray(dataStart, dataEnd));
    // Move past chunk data and trailing \r\n
    offset = dataEnd + 2;
  }
  return Buffer.concat(chunks);
 }
--- a/packages/safe-chain/src/scanning/malwareDatabase.js
+++ b/packages/safe-chain/src/scanning/malwareDatabase.js
@ -15,12 +15,8 @@ import { getEcoSystem, ECOSYSTEM_PY } from "../config/settings.js";
 * @property {function(string, string): boolean} isMalware
 */
-// Caching the Promise (rather than the resolved database) prevents duplicate fetches. If we cached the resolved
+/** @type {MalwareDatabase | null} */
-// value, multiple callers could pass the null-check before the first fetch completes (because each `await` yields
+let cachedMalwareDatabase = null;
 // control back to the event loop, allowing other callers to run). Since the Promise assignment is synchronous, all
 // concurrent callers see it immediately and share a single fetch.
 /** @type {Promise<MalwareDatabase> | null} */
 let cachedMalwareDatabasePromise = null;
 /**
 * Normalize package name for comparison.
@ -38,44 +34,45 @@ function normalizePackageName(name) {
  return name;
 }
-export function openMalwareDatabase() {
+export async function openMalwareDatabase() {
-  if (!cachedMalwareDatabasePromise) {
+  if (cachedMalwareDatabase) {
-    cachedMalwareDatabasePromise = getMalwareDatabase().then((malwareDatabase) => {
+    return cachedMalwareDatabase;
      /**
       * @param {string} name
       * @param {string} version
       * @returns {string}
       */
      function getPackageStatus(name, version) {
        const normalizedName = normalizePackageName(name);
        const packageData = malwareDatabase.find(
          (pkg) => {
            const normalizedPkgName = normalizePackageName(pkg.package_name);
            return normalizedPkgName === normalizedName &&
              (pkg.version === version || pkg.version === "*");
          }
        );
        if (!packageData) {
          return MALWARE_STATUS_OK;
        }
        return packageData.reason;
      }
      return {
        getPackageStatus,
        isMalware: (/** @type {string} */ name, /** @type {string} */ version) => {
          const status = getPackageStatus(name, version);
          return isMalwareStatus(status);
        },
      };
    }).catch((error) => {
      cachedMalwareDatabasePromise = null;
      throw error;
    });
  }
-  return cachedMalwareDatabasePromise;
+
  const malwareDatabase = await getMalwareDatabase();
  /**
   * @param {string} name
   * @param {string} version
   * @returns {string}
   */
  function getPackageStatus(name, version) {
    const normalizedName = normalizePackageName(name);
    const packageData = malwareDatabase.find(
      (pkg) => {
        const normalizedPkgName = normalizePackageName(pkg.package_name);
        return normalizedPkgName === normalizedName &&
          (pkg.version === version || pkg.version === "*");
      }
    );
    if (!packageData) {
      return MALWARE_STATUS_OK;
    }
    return packageData.reason;
  }
  // This implicitly caches the malware database
  //  that's closed over by the getPackageStatus function
  cachedMalwareDatabase = {
    getPackageStatus,
    isMalware: (name, version) => {
      const status = getPackageStatus(name, version);
      return isMalwareStatus(status);
    },
  };
  return cachedMalwareDatabase;
 }
 /**
--- a/packages/safe-chain/src/scanning/newPackagesDatabase.spec.js
+++ b/packages/safe-chain/src/scanning/newPackagesDatabase.spec.js
@ -1,267 +0,0 @@
 import { describe, it, mock, beforeEach } from "node:test";
 import assert from "node:assert";
 import fs from "fs";
 import path from "path";
 import os from "os";
 // --- shared mutable state for mocks ---
 let fetchedList = [];
 let fetchedVersion = "etag-1";
 let fetchVersionResult = "etag-1";
 let minimumPackageAgeHours = 24;
 let ecosystem = "js";
 let writeWarningCalls = [];
 let fetchListError = null;
 let fetchVersionError = null;
 let importCounter = 0;
 let testHomeDir = "";
 mock.module("../api/aikido.js", {
  namedExports: {
    fetchNewPackagesList: async () => {
      if (fetchListError) {
        throw fetchListError;
      }
      return {
        newPackagesList: fetchedList,
        version: fetchedVersion,
      };
    },
    fetchNewPackagesListVersion: async () => {
      if (fetchVersionError) {
        throw fetchVersionError;
      }
      return fetchVersionResult;
    },
  },
 });
 mock.module("../environment/userInteraction.js", {
  namedExports: {
    ui: {
      writeWarning: (msg) => writeWarningCalls.push(msg),
      writeVerbose: () => {},
    },
  },
 });
 mock.module("../config/settings.js", {
  namedExports: {
    getMinimumPackageAgeHours: () => minimumPackageAgeHours,
    getEcoSystem: () => ecosystem,
    getMalwareListBaseUrl: () => "https://malware-list.aikido.dev",
    ECOSYSTEM_JS: "js",
    ECOSYSTEM_PY: "py",
  },
 });
 // Import the warnings module so we can reset its state between tests.
 const { resetWarningState } = await import("./newPackagesDatabaseWarnings.js");
 describe("newPackagesDatabase", async () => {
  beforeEach(() => {
    fetchedList = [];
    fetchedVersion = "etag-1";
    fetchVersionResult = "etag-1";
    minimumPackageAgeHours = 24;
    ecosystem = "js";
    writeWarningCalls = [];
    fetchListError = null;
    fetchVersionError = null;
    resetWarningState();
    testHomeDir = path.join(
      os.tmpdir(),
      `safe-chain-new-packages-db-${process.pid}-${importCounter}`
    );
    fs.rmSync(testHomeDir, { recursive: true, force: true });
    fs.mkdirSync(testHomeDir, { recursive: true });
    process.env.HOME = testHomeDir;
  });
  async function openNewPackagesDatabase() {
    const module = await import(
      `./newPackagesListCache.js?test_case=${importCounter++}`
    );
    return module.openNewPackagesDatabase();
  }
  async function loadNewPackagesDatabaseModule() {
    return import(`./newPackagesListCache.js?test_case=${importCounter++}`);
  }
  function hoursAgo(hours) {
    return Math.floor((Date.now() - hours * 3600 * 1000) / 1000);
  }
  function writeCachedList(list, version) {
    const safeChainDir = path.join(testHomeDir, ".safe-chain");
    fs.mkdirSync(safeChainDir, { recursive: true });
    fs.writeFileSync(
      path.join(safeChainDir, `newPackagesList_${ecosystem}.json`),
      JSON.stringify(list)
    );
    fs.writeFileSync(
      path.join(safeChainDir, `newPackagesList_version_${ecosystem}.txt`),
      version
    );
  }
  describe("isNewlyReleasedPackage", () => {
    it("returns true for a package released within the age threshold", async () => {
      fetchedList = [
        { package_name: "foo", version: "1.0.0", released_on: hoursAgo(1) },
      ];
      const db = await openNewPackagesDatabase();
      assert.strictEqual(db.isNewlyReleasedPackage("foo", "1.0.0"), true);
    });
    it("returns false for a package released outside the age threshold", async () => {
      fetchedList = [
        { package_name: "foo", version: "1.0.0", released_on: hoursAgo(48) },
      ];
      const db = await openNewPackagesDatabase();
      assert.strictEqual(db.isNewlyReleasedPackage("foo", "1.0.0"), false);
    });
    it("returns false for a package not in the list", async () => {
      fetchedList = [];
      const db = await openNewPackagesDatabase();
      assert.strictEqual(db.isNewlyReleasedPackage("not-there", "1.0.0"), false);
    });
    it("returns false for a known package but different version", async () => {
      fetchedList = [
        { package_name: "foo", version: "2.0.0", released_on: hoursAgo(1) },
      ];
      const db = await openNewPackagesDatabase();
      assert.strictEqual(db.isNewlyReleasedPackage("foo", "1.0.0"), false);
    });
    it("matches the current feed ecosystem when source metadata is present", async () => {
      fetchedList = [
        {
          source: "pypi",
          package_name: "foo",
          version: "1.0.0",
          released_on: hoursAgo(1),
        },
        {
          source: "npm",
          package_name: "bar",
          version: "1.0.0",
          released_on: hoursAgo(1),
        },
      ];
      const db = await openNewPackagesDatabase();
      assert.strictEqual(db.isNewlyReleasedPackage("foo", "1.0.0"), false);
      assert.strictEqual(db.isNewlyReleasedPackage("bar", "1.0.0"), true);
    });
    it("respects a custom minimumPackageAgeHours threshold", async () => {
      minimumPackageAgeHours = 168; // 7 days
      fetchedList = [
        { package_name: "foo", version: "1.0.0", released_on: hoursAgo(100) },
      ];
      const db = await openNewPackagesDatabase();
      assert.strictEqual(db.isNewlyReleasedPackage("foo", "1.0.0"), true);
    });
    it("supports package checks for the python ecosystem", async () => {
      ecosystem = "py";
      fetchedList = [
        {
          source: "pypi",
          package_name: "foo",
          version: "1.0.0",
          released_on: hoursAgo(1),
        },
      ];
      const db = await openNewPackagesDatabase();
      assert.strictEqual(db.isNewlyReleasedPackage("foo", "1.0.0"), true);
    });
  });
  describe("caching behaviour", () => {
    it("uses local cache when etag matches", async () => {
      writeCachedList([
        { package_name: "cached-pkg", version: "1.0.0", released_on: hoursAgo(1) },
      ], "etag-1");
      fetchVersionResult = "etag-1";
      // fetchedList is empty — if we used the remote list, the lookup would return false
      fetchedList = [];
      const db = await openNewPackagesDatabase();
      assert.strictEqual(db.isNewlyReleasedPackage("cached-pkg", "1.0.0"), true);
    });
    it("fetches fresh list when etag does not match", async () => {
      writeCachedList([
        { package_name: "stale-pkg", version: "1.0.0", released_on: hoursAgo(1) },
      ], "etag-old");
      fetchVersionResult = "etag-new";
      fetchedList = [
        { package_name: "fresh-pkg", version: "2.0.0", released_on: hoursAgo(1) },
      ];
      const db = await openNewPackagesDatabase();
      assert.strictEqual(db.isNewlyReleasedPackage("stale-pkg", "1.0.0"), false);
      assert.strictEqual(db.isNewlyReleasedPackage("fresh-pkg", "2.0.0"), true);
    });
    it("falls back to local cache when fetch fails", async () => {
      writeCachedList([
        {
          package_name: "cached-pkg",
          version: "1.0.0",
          released_on: hoursAgo(1),
        },
      ], "etag-old");
      fetchVersionResult = "etag-new";
      fetchListError = new Error("Network error");
      const db = await openNewPackagesDatabase();
      assert.strictEqual(db.isNewlyReleasedPackage("cached-pkg", "1.0.0"), true);
      assert.strictEqual(writeWarningCalls.length, 1);
      assert.ok(writeWarningCalls[0].includes("Using cached version"));
    });
    it("emits a warning when list has no version (cannot be cached)", async () => {
      fetchedList = [
        { package_name: "foo", version: "1.0.0", released_on: hoursAgo(1) },
      ];
      fetchedVersion = undefined;
      const db = await openNewPackagesDatabase();
      assert.strictEqual(db.isNewlyReleasedPackage("foo", "1.0.0"), true);
      assert.strictEqual(writeWarningCalls.length, 1);
      assert.ok(writeWarningCalls[0].includes("could not be cached"));
    });
    it("fails open and only warns once when the new packages list cannot be loaded", async () => {
      fetchListError = new Error("feed unavailable");
      const module = await loadNewPackagesDatabaseModule();
      const db1 = await module.openNewPackagesDatabase();
      const db2 = await module.openNewPackagesDatabase();
      assert.strictEqual(db1.isNewlyReleasedPackage("foo", "1.0.0"), false);
      assert.strictEqual(db2.isNewlyReleasedPackage("foo", "1.0.0"), false);
      assert.strictEqual(writeWarningCalls.length, 1);
      assert.ok(
        writeWarningCalls[0].includes(
          "Continuing with metadata-based minimum age checks only"
        )
      );
    });
  });
 });
--- a/packages/safe-chain/src/scanning/newPackagesDatabaseBuilder.js
+++ b/packages/safe-chain/src/scanning/newPackagesDatabaseBuilder.js
@ -1,71 +0,0 @@
 import {
  getMinimumPackageAgeHours,
  getEcoSystem,
  ECOSYSTEM_JS,
  ECOSYSTEM_PY,
 } from "../config/settings.js";
 import { getEquivalentPackageNames } from "./packageNameVariants.js";
 /**
 * @typedef {Object} NewPackagesDatabase
 * @property {function(string | undefined, string | undefined): boolean} isNewlyReleasedPackage
 */
 /**
 * Returns the ecosystem identifier expected in upstream/core release feeds.
 * @returns {string}
 */
 function getCurrentFeedSource() {
  const ecosystem = getEcoSystem();
  if (ecosystem === ECOSYSTEM_JS) {
    return "npm";
  }
  if (ecosystem === ECOSYSTEM_PY) {
    return "pypi";
  }
  return ecosystem;
 }
 /**
 * @param {import("../api/aikido.js").NewPackageEntry[]} newPackagesList
 * @returns {NewPackagesDatabase}
 */
 export function buildNewPackagesDatabase(newPackagesList) {
  const ecosystem = getEcoSystem();
  /**
   * @param {string | undefined} name
   * @param {string | undefined} version
   * @returns {boolean}
   */
  function isNewlyReleasedPackage(name, version) {
    if (!name || !version) {
      return false;
    }
    const cutOff = new Date(
      new Date().getTime() - getMinimumPackageAgeHours() * 3600 * 1000
    );
    const expectedSource = getCurrentFeedSource();
    const candidateNames = getEquivalentPackageNames(name, ecosystem);
    const entry = newPackagesList.find(
      (pkg) =>
        (!pkg.source || pkg.source.toLowerCase() === expectedSource) &&
        candidateNames.includes(pkg.package_name) &&
        pkg.version === version
    );
    if (!entry) {
      return false;
    }
    const releasedOn = new Date(entry.released_on * 1000);
    return releasedOn > cutOff;
  }
  return { isNewlyReleasedPackage };
 }
--- a/packages/safe-chain/src/scanning/newPackagesDatabaseBuilder.spec.js
+++ b/packages/safe-chain/src/scanning/newPackagesDatabaseBuilder.spec.js
@ -1,159 +0,0 @@
 import { describe, it, mock } from "node:test";
 import assert from "node:assert";
 let minimumPackageAgeHours = 24;
 let ecosystem = "js";
 mock.module("../config/settings.js", {
  namedExports: {
    getMinimumPackageAgeHours: () => minimumPackageAgeHours,
    getEcoSystem: () => ecosystem,
    getMalwareListBaseUrl: () => "https://malware-list.aikido.dev",
    ECOSYSTEM_JS: "js",
    ECOSYSTEM_PY: "py",
  },
 });
 const { buildNewPackagesDatabase } = await import(
  "./newPackagesDatabaseBuilder.js"
 );
 function hoursAgo(hours) {
  return Math.floor((Date.now() - hours * 3600 * 1000) / 1000);
 }
 describe("buildNewPackagesDatabase", () => {
  it("returns an object with isNewlyReleasedPackage", () => {
    const db = buildNewPackagesDatabase([]);
    assert.strictEqual(typeof db.isNewlyReleasedPackage, "function");
  });
  describe("isNewlyReleasedPackage", () => {
    it("returns true for a package released within the age threshold", () => {
      const db = buildNewPackagesDatabase([
        { package_name: "foo", version: "1.0.0", released_on: hoursAgo(1) },
      ]);
      assert.strictEqual(db.isNewlyReleasedPackage("foo", "1.0.0"), true);
    });
    it("returns false for a package released outside the age threshold", () => {
      const db = buildNewPackagesDatabase([
        { package_name: "foo", version: "1.0.0", released_on: hoursAgo(48) },
      ]);
      assert.strictEqual(db.isNewlyReleasedPackage("foo", "1.0.0"), false);
    });
    it("returns false for a package not in the list", () => {
      const db = buildNewPackagesDatabase([]);
      assert.strictEqual(db.isNewlyReleasedPackage("not-there", "1.0.0"), false);
    });
    it("returns false when name or version is undefined", () => {
      const db = buildNewPackagesDatabase([
        { package_name: "foo", version: "1.0.0", released_on: hoursAgo(1) },
      ]);
      assert.strictEqual(db.isNewlyReleasedPackage(undefined, "1.0.0"), false);
      assert.strictEqual(db.isNewlyReleasedPackage("foo", undefined), false);
    });
    it("returns false for a known package but different version", () => {
      const db = buildNewPackagesDatabase([
        { package_name: "foo", version: "2.0.0", released_on: hoursAgo(1) },
      ]);
      assert.strictEqual(db.isNewlyReleasedPackage("foo", "1.0.0"), false);
    });
    it("filters by source when source metadata is present", () => {
      const db = buildNewPackagesDatabase([
        { source: "pypi", package_name: "foo", version: "1.0.0", released_on: hoursAgo(1) },
        { source: "npm", package_name: "bar", version: "1.0.0", released_on: hoursAgo(1) },
      ]);
      // ecosystem is "js" → feed source is "npm"
      assert.strictEqual(db.isNewlyReleasedPackage("foo", "1.0.0"), false);
      assert.strictEqual(db.isNewlyReleasedPackage("bar", "1.0.0"), true);
    });
    it("matches regardless of source case", () => {
      const db = buildNewPackagesDatabase([
        { source: "NPM", package_name: "foo", version: "1.0.0", released_on: hoursAgo(1) },
      ]);
      assert.strictEqual(db.isNewlyReleasedPackage("foo", "1.0.0"), true);
    });
    it("matches entries with no source field", () => {
      const db = buildNewPackagesDatabase([
        { package_name: "foo", version: "1.0.0", released_on: hoursAgo(1) },
      ]);
      assert.strictEqual(db.isNewlyReleasedPackage("foo", "1.0.0"), true);
    });
    it("respects a custom minimumPackageAgeHours threshold", () => {
      minimumPackageAgeHours = 168; // 7 days
      const db = buildNewPackagesDatabase([
        { package_name: "foo", version: "1.0.0", released_on: hoursAgo(100) },
      ]);
      assert.strictEqual(db.isNewlyReleasedPackage("foo", "1.0.0"), true);
      minimumPackageAgeHours = 24; // reset
    });
    it("matches underscore request names against hyphen feed names for python", () => {
      ecosystem = "py";
      const db = buildNewPackagesDatabase([
        { source: "pypi", package_name: "foo-bar", version: "1.0.0", released_on: hoursAgo(1) },
      ]);
      assert.strictEqual(db.isNewlyReleasedPackage("foo_bar", "1.0.0"), true);
      ecosystem = "js";
    });
    it("matches hyphen request names against underscore feed names for python", () => {
      ecosystem = "py";
      const db = buildNewPackagesDatabase([
        { source: "pypi", package_name: "foo_bar", version: "1.0.0", released_on: hoursAgo(1) },
      ]);
      assert.strictEqual(db.isNewlyReleasedPackage("foo-bar", "1.0.0"), true);
      ecosystem = "js";
    });
    it("matches dot request names against hyphen feed names for python", () => {
      ecosystem = "py";
      const db = buildNewPackagesDatabase([
        { source: "pypi", package_name: "foo-bar", version: "1.0.0", released_on: hoursAgo(1) },
      ]);
      assert.strictEqual(db.isNewlyReleasedPackage("foo.bar", "1.0.0"), true);
      ecosystem = "js";
    });
    it("matches underscore request names against dot feed names for python", () => {
      ecosystem = "py";
      const db = buildNewPackagesDatabase([
        { source: "pypi", package_name: "foo.bar", version: "1.0.0", released_on: hoursAgo(1) },
      ]);
      assert.strictEqual(db.isNewlyReleasedPackage("foo_bar", "1.0.0"), true);
      ecosystem = "js";
    });
  });
 });
--- a/packages/safe-chain/src/scanning/newPackagesDatabaseWarnings.js
+++ b/packages/safe-chain/src/scanning/newPackagesDatabaseWarnings.js
@ -1,17 +0,0 @@
 import { ui } from "../environment/userInteraction.js";
 let hasWarnedAboutUnavailableNewPackagesDatabase = false;
 /** @param {Error} error */
 export function warnOnceAboutUnavailableDatabase(error) {
  if (!hasWarnedAboutUnavailableNewPackagesDatabase) {
    ui.writeWarning(
      `Failed to load the new packages list used for direct package download request blocking. Continuing with metadata-based minimum age checks only. ${error.message}`
    );
    hasWarnedAboutUnavailableNewPackagesDatabase = true;
  }
 }
 export function resetWarningState() {
  hasWarnedAboutUnavailableNewPackagesDatabase = false;
 }
--- a/packages/safe-chain/src/scanning/newPackagesDatabaseWarnings.spec.js
+++ b/packages/safe-chain/src/scanning/newPackagesDatabaseWarnings.spec.js
@ -1,63 +0,0 @@
 import { describe, it, mock, beforeEach } from "node:test";
 import assert from "node:assert";
 let writeWarningCalls = [];
 mock.module("../environment/userInteraction.js", {
  namedExports: {
    ui: {
      writeWarning: (msg) => writeWarningCalls.push(msg),
    },
  },
 });
 const { warnOnceAboutUnavailableDatabase, resetWarningState } = await import(
  "./newPackagesDatabaseWarnings.js"
 );
 describe("newPackagesDatabaseWarnings", () => {
  beforeEach(() => {
    writeWarningCalls = [];
    resetWarningState();
  });
  describe("warnOnceAboutUnavailableDatabase", () => {
    it("emits a warning containing the error message", () => {
      warnOnceAboutUnavailableDatabase(new Error("feed unavailable"));
      assert.strictEqual(writeWarningCalls.length, 1);
      assert.ok(writeWarningCalls[0].includes("feed unavailable"));
    });
    it("mentions fallback to metadata-based checks in the warning", () => {
      warnOnceAboutUnavailableDatabase(new Error("timeout"));
      assert.ok(
        writeWarningCalls[0].includes(
          "Continuing with metadata-based minimum age checks only"
        )
      );
    });
    it("only emits once even when called multiple times", () => {
      warnOnceAboutUnavailableDatabase(new Error("first"));
      warnOnceAboutUnavailableDatabase(new Error("second"));
      warnOnceAboutUnavailableDatabase(new Error("third"));
      assert.strictEqual(writeWarningCalls.length, 1);
    });
  });
  describe("resetWarningState", () => {
    it("allows the warning to fire again after reset", () => {
      warnOnceAboutUnavailableDatabase(new Error("first"));
      assert.strictEqual(writeWarningCalls.length, 1);
      resetWarningState();
      writeWarningCalls = [];
      warnOnceAboutUnavailableDatabase(new Error("second"));
      assert.strictEqual(writeWarningCalls.length, 1);
    });
  });
 });
--- a/packages/safe-chain/src/scanning/newPackagesListCache.js
+++ b/packages/safe-chain/src/scanning/newPackagesListCache.js
@ -1,123 +0,0 @@
 import fs from "fs";
 import {
  fetchNewPackagesList,
  fetchNewPackagesListVersion,
 } from "../api/aikido.js";
 import {
  getNewPackagesListPath,
  getNewPackagesListVersionPath,
 } from "../config/configFile.js";
 import { ui } from "../environment/userInteraction.js";
 import { buildNewPackagesDatabase } from "./newPackagesDatabaseBuilder.js";
 import { warnOnceAboutUnavailableDatabase } from "./newPackagesDatabaseWarnings.js";
 /**
 * @typedef {import("./newPackagesDatabaseBuilder.js").NewPackagesDatabase} NewPackagesDatabase
 */
 // Shared per-process cache to avoid rebuilding the same feed-backed database on each request.
 // Caching the Promise (rather than the resolved database) prevents duplicate fetches. If we cached the resolved
 // value, multiple callers could pass the null-check before the first fetch completes (because each `await` yields
 // control back to the event loop, allowing other callers to run). Since the Promise assignment is synchronous, all
 // concurrent callers see it immediately and share a single fetch.
 /** @type {Promise<NewPackagesDatabase> | null} */
 let cachedNewPackagesDatabasePromise = null;
 /**
 * @returns {Promise<NewPackagesDatabase>}
 */
 export function openNewPackagesDatabase() {
  if (!cachedNewPackagesDatabasePromise) {
    cachedNewPackagesDatabasePromise = getNewPackagesList()
      .then((newPackagesList) => buildNewPackagesDatabase(newPackagesList))
      .catch((/** @type {any} */ error) => {
        warnOnceAboutUnavailableDatabase(error);
        cachedNewPackagesDatabasePromise = null;
        return { isNewlyReleasedPackage: () => false };
      });
  }
  return cachedNewPackagesDatabasePromise;
 }
 /**
 * @returns {Promise<import("../api/aikido.js").NewPackageEntry[]>}
 */
 async function getNewPackagesList() {
  const { newPackagesList: cachedList, version: cachedVersion } =
    readNewPackagesListFromLocalCache();
  try {
    if (cachedList) {
      const currentVersion = await fetchNewPackagesListVersion();
      if (cachedVersion === currentVersion) {
        return cachedList;
      }
    }
    const { newPackagesList, version } = await fetchNewPackagesList();
    if (version) {
      writeNewPackagesListToLocalCache(newPackagesList, version);
      return newPackagesList;
    } else {
      ui.writeWarning(
        "The new packages list for direct package download request blocking was downloaded, but could not be cached due to a missing version."
      );
      return newPackagesList;
    }
  } catch (/** @type {any} */ error) {
    if (cachedList) {
      ui.writeWarning(
        "Failed to fetch the latest new packages list for direct package download request blocking. Using cached version."
      );
      return cachedList;
    }
    throw error;
  }
 }
 /**
 * @param {import("../api/aikido.js").NewPackageEntry[]} data
 * @param {string | number} version
 *
 * @returns {void}
 */
 export function writeNewPackagesListToLocalCache(data, version) {
  try {
    const listPath = getNewPackagesListPath();
    const versionPath = getNewPackagesListVersionPath();
    fs.writeFileSync(listPath, JSON.stringify(data));
    fs.writeFileSync(versionPath, version.toString());
  } catch {
    ui.writeWarning(
      "Failed to write new packages list to local cache, next time the list will be fetched from the server again."
    );
  }
 }
 /**
 * @returns {{newPackagesList: import("../api/aikido.js").NewPackageEntry[] | null, version: string | null}}
 */
 export function readNewPackagesListFromLocalCache() {
  try {
    const listPath = getNewPackagesListPath();
    if (!fs.existsSync(listPath)) {
      return { newPackagesList: null, version: null };
    }
    const data = fs.readFileSync(listPath, "utf8");
    const newPackagesList = JSON.parse(data);
    const versionPath = getNewPackagesListVersionPath();
    let version = null;
    if (fs.existsSync(versionPath)) {
      version = fs.readFileSync(versionPath, "utf8").trim();
    }
    return { newPackagesList, version };
  } catch {
    ui.writeWarning(
      "Failed to read new packages list from local cache. Continuing without local cache."
    );
    return { newPackagesList: null, version: null };
  }
 }
--- a/packages/safe-chain/src/scanning/newPackagesListCache.spec.js
+++ b/packages/safe-chain/src/scanning/newPackagesListCache.spec.js
@ -1,178 +0,0 @@
 import { describe, it, mock, beforeEach } from "node:test";
 import assert from "node:assert";
 import fs from "fs";
 import path from "path";
 import os from "os";
 let writeWarningCalls = [];
 let ecosystem = "js";
 let testHomeDir = "";
 mock.module("../environment/userInteraction.js", {
  namedExports: {
    ui: {
      writeWarning: (msg) => writeWarningCalls.push(msg),
    },
  },
 });
 mock.module("../config/settings.js", {
  namedExports: {
    getEcoSystem: () => ecosystem,
    getMinimumPackageAgeHours: () => 24,
    getMalwareListBaseUrl: () => "https://malware-list.aikido.dev",
    ECOSYSTEM_JS: "js",
    ECOSYSTEM_PY: "py",
  },
 });
 const { readNewPackagesListFromLocalCache, writeNewPackagesListToLocalCache } =
  await import("./newPackagesListCache.js");
 describe("newPackagesListCache", () => {
  beforeEach(() => {
    writeWarningCalls = [];
    ecosystem = "js";
    testHomeDir = path.join(
      os.tmpdir(),
      `safe-chain-list-cache-${process.pid}-${Date.now()}`
    );
    fs.rmSync(testHomeDir, { recursive: true, force: true });
    fs.mkdirSync(testHomeDir, { recursive: true });
    process.env.HOME = testHomeDir;
  });
  describe("readNewPackagesListFromLocalCache", () => {
    it("returns null for both fields when no cache file exists", () => {
      const result = readNewPackagesListFromLocalCache();
      assert.deepStrictEqual(result, { newPackagesList: null, version: null });
    });
    it("returns the list and version when both files exist", () => {
      const list = [{ package_name: "foo", version: "1.0.0" }];
      const safeChainDir = path.join(testHomeDir, ".safe-chain");
      fs.mkdirSync(safeChainDir, { recursive: true });
      fs.writeFileSync(
        path.join(safeChainDir, "newPackagesList_js.json"),
        JSON.stringify(list)
      );
      fs.writeFileSync(
        path.join(safeChainDir, "newPackagesList_version_js.txt"),
        "etag-42"
      );
      const result = readNewPackagesListFromLocalCache();
      assert.deepStrictEqual(result.newPackagesList, list);
      assert.strictEqual(result.version, "etag-42");
    });
    it("returns null version when version file is missing", () => {
      const list = [{ package_name: "foo", version: "1.0.0" }];
      const safeChainDir = path.join(testHomeDir, ".safe-chain");
      fs.mkdirSync(safeChainDir, { recursive: true });
      fs.writeFileSync(
        path.join(safeChainDir, "newPackagesList_js.json"),
        JSON.stringify(list)
      );
      const result = readNewPackagesListFromLocalCache();
      assert.deepStrictEqual(result.newPackagesList, list);
      assert.strictEqual(result.version, null);
    });
    it("trims whitespace from the version string", () => {
      const safeChainDir = path.join(testHomeDir, ".safe-chain");
      fs.mkdirSync(safeChainDir, { recursive: true });
      fs.writeFileSync(
        path.join(safeChainDir, "newPackagesList_js.json"),
        JSON.stringify([])
      );
      fs.writeFileSync(
        path.join(safeChainDir, "newPackagesList_version_js.txt"),
        "  etag-trimmed  \n"
      );
      const { version } = readNewPackagesListFromLocalCache();
      assert.strictEqual(version, "etag-trimmed");
    });
    it("uses the ecosystem name in the file path", () => {
      ecosystem = "py";
      const safeChainDir = path.join(testHomeDir, ".safe-chain");
      fs.mkdirSync(safeChainDir, { recursive: true });
      fs.writeFileSync(
        path.join(safeChainDir, "newPackagesList_py.json"),
        JSON.stringify([{ package_name: "requests", version: "2.0.0" }])
      );
      const result = readNewPackagesListFromLocalCache();
      assert.ok(result.newPackagesList !== null);
    });
    it("warns and returns nulls when the list file contains invalid JSON", () => {
      const safeChainDir = path.join(testHomeDir, ".safe-chain");
      fs.mkdirSync(safeChainDir, { recursive: true });
      fs.writeFileSync(
        path.join(safeChainDir, "newPackagesList_js.json"),
        "not-valid-json"
      );
      const result = readNewPackagesListFromLocalCache();
      assert.deepStrictEqual(result, { newPackagesList: null, version: null });
      assert.strictEqual(writeWarningCalls.length, 1);
      assert.ok(writeWarningCalls[0].includes("local cache"));
    });
  });
  describe("writeNewPackagesListToLocalCache", () => {
    it("writes the list and version to disk", () => {
      const safeChainDir = path.join(testHomeDir, ".safe-chain");
      fs.mkdirSync(safeChainDir, { recursive: true });
      const list = [{ package_name: "foo", version: "1.0.0" }];
      writeNewPackagesListToLocalCache(list, "etag-99");
      const writtenList = JSON.parse(
        fs.readFileSync(path.join(safeChainDir, "newPackagesList_js.json"), "utf8")
      );
      const writtenVersion = fs.readFileSync(
        path.join(safeChainDir, "newPackagesList_version_js.txt"),
        "utf8"
      );
      assert.deepStrictEqual(writtenList, list);
      assert.strictEqual(writtenVersion, "etag-99");
    });
    it("converts a numeric version to a string", () => {
      const safeChainDir = path.join(testHomeDir, ".safe-chain");
      fs.mkdirSync(safeChainDir, { recursive: true });
      writeNewPackagesListToLocalCache([], 42);
      const written = fs.readFileSync(
        path.join(safeChainDir, "newPackagesList_version_js.txt"),
        "utf8"
      );
      assert.strictEqual(written, "42");
    });
    it("warns when writing fails", () => {
      // Place a regular file at the .safe-chain path so getSafeChainDirectory
      // returns it as-is (existsSync is true) but writing a child path fails.
      const safeChainPath = path.join(testHomeDir, ".safe-chain");
      fs.writeFileSync(safeChainPath, "not-a-directory");
      writeNewPackagesListToLocalCache([], "etag-fail");
      assert.strictEqual(writeWarningCalls.length, 1);
      assert.ok(writeWarningCalls[0].includes("local cache"));
    });
  });
 });
--- a/packages/safe-chain/src/scanning/packageNameVariants.js
+++ b/packages/safe-chain/src/scanning/packageNameVariants.js
@ -1,29 +0,0 @@
 import { ECOSYSTEM_PY } from "../config/settings.js";
 /**
 * Normalises a Python package name per PEP 503: lowercase and collapse any
 * run of `.`, `_`, or `-` into a single hyphen.
 * @param {string} packageName
 * @returns {string}
 */
 export function normalizePipPackageName(packageName) {
  return packageName.toLowerCase().replace(/[._-]+/g, "-");
 }
 /**
 * @param {string} packageName
 * @param {string} ecosystem
 * @returns {string[]}
 */
 export function getEquivalentPackageNames(packageName, ecosystem) {
  if (ecosystem !== ECOSYSTEM_PY) {
    return [packageName];
  }
  const pythonSeparatorPattern = /[._-]/g;
  const hyphenName = packageName.replaceAll(pythonSeparatorPattern, "-");
  const underscoreName = packageName.replaceAll(pythonSeparatorPattern, "_");
  const dotName = packageName.replaceAll(pythonSeparatorPattern, ".");
  return [...new Set([packageName, hyphenName, underscoreName, dotName])];
 }
--- a/packages/safe-chain/src/shell-integration/helpers.js
+++ b/packages/safe-chain/src/shell-integration/helpers.js
@ -3,8 +3,6 @@ import * as os from "os";
 import fs from "fs";
 import path from "path";
 import { ECOSYSTEM_JS, ECOSYSTEM_PY } from "../config/settings.js";
 import { safeSpawn } from "../utils/safeSpawn.js";
 import { ui } from "../environment/userInteraction.js";
 /**
 * @typedef {Object} AikidoTool
@ -48,18 +46,6 @@ export const knownAikidoTools = [
    ecoSystem: ECOSYSTEM_JS,
    internalPackageManagerName: "pnpx",
  },
  {
    tool: "rush",
    aikidoCommand: "aikido-rush",
    ecoSystem: ECOSYSTEM_JS,
    internalPackageManagerName: "rush",
  },
  {
    tool: "rushx",
    aikidoCommand: "aikido-rushx",
    ecoSystem: ECOSYSTEM_JS,
    internalPackageManagerName: "rushx",
  },
  {
    tool: "bun",
    aikidoCommand: "aikido-bun",
@ -78,12 +64,6 @@ export const knownAikidoTools = [
    ecoSystem: ECOSYSTEM_PY,
    internalPackageManagerName: "uv",
  },
  {
    tool: "uvx",
    aikidoCommand: "aikido-uvx",
    ecoSystem: ECOSYSTEM_PY,
    internalPackageManagerName: "uvx",
  },
  {
    tool: "pip",
    aikidoCommand: "aikido-pip",
@ -119,13 +99,7 @@ export const knownAikidoTools = [
    aikidoCommand: "aikido-pipx",
    ecoSystem: ECOSYSTEM_PY,
    internalPackageManagerName: "pipx",
-  },
+  }
  {
    tool: "pdm",
    aikidoCommand: "aikido-pdm",
    ecoSystem: ECOSYSTEM_PY,
    internalPackageManagerName: "pdm",
  },
  // When adding a new tool here, also update the documentation for the new tool in the README.md
 ];
@ -145,6 +119,20 @@ export function getPackageManagerList() {
  return `${tools.join(", ")}, and ${lastTool} commands`;
 }
 /**
 * @returns {string}
 */
 export function getShimsDir() {
  return path.join(os.homedir(), ".safe-chain", "shims");
 }
 /**
 * @returns {string}
 */
 export function getScriptsDir() {
  return path.join(os.homedir(), ".safe-chain", "scripts");
 }
 /**
 * @param {string} executableName
 *
@ -228,13 +216,7 @@ export function addLineToFile(filePath, line, eol) {
  eol = eol || os.EOL;
  const fileContent = fs.readFileSync(filePath, "utf-8");
-  let updatedContent = fileContent;
+  const updatedContent = fileContent + eol + line + eol;
  if (!fileContent.endsWith(eol)) {
    updatedContent += eol;
  }
  updatedContent += line + eol;
  fs.writeFileSync(filePath, updatedContent, "utf-8");
 }
@ -255,60 +237,3 @@ function createFileIfNotExists(filePath) {
  fs.writeFileSync(filePath, "", "utf-8");
 }
 /**
 * Checks if PowerShell execution policy allows script execution
 * @param {string} shellExecutableName - The name of the PowerShell executable ("pwsh" or "powershell")
 * @returns {Promise<{isValid: boolean, policy: string}>} validation result
 */
 export async function validatePowerShellExecutionPolicy(shellExecutableName) {
  // Security: Only allow known shell executables
  const validShells = ["pwsh", "powershell"];
  if (!validShells.includes(shellExecutableName)) {
    return { isValid: false, policy: "Unknown" };
  }
  try {
    // For Windows PowerShell (5.1), clean PSModulePath to avoid conflicts with PowerShell 7 modules
    // When safe-chain is invoked from PowerShell 7, it sets its module paths to PSModulePath, causing
    // Windows PowerShell to try loading incompatible PowerShell 7 modules.
    // Setting the environment to Windows PowerShell's modules fixes this.
    let spawnOptions;
    if (shellExecutableName === "powershell") {
      const userProfile = process.env.USERPROFILE || "";
      const cleanPSModulePath = [
        path.join(userProfile, "Documents", "WindowsPowerShell", "Modules"),
        "C:\\Program Files\\WindowsPowerShell\\Modules",
        "C:\\WINDOWS\\system32\\WindowsPowerShell\\v1.0\\Modules",
      ].join(";");
      spawnOptions = {
        env: {
          ...process.env,
          PSModulePath: cleanPSModulePath,
        },
      };
    } else {
      spawnOptions = {};
    }
    const commandResult = await safeSpawn(
      shellExecutableName,
      ["-Command", "Get-ExecutionPolicy"],
      spawnOptions,
    );
    const policy = commandResult.stdout.trim();
    const acceptablePolicies = ["RemoteSigned", "Unrestricted", "Bypass"];
    return {
      isValid: acceptablePolicies.includes(policy),
      policy: policy,
    };
  } catch (err) {
    ui.writeWarning(
      `An error happened while trying to find the current executionpolicy in powershell: ${err}`,
    );
    return { isValid: false, policy: "Unknown" };
  }
 }
--- a/Show more
+++ b/Show more
Author	SHA1	Message	Date
Sander Declerck	f6abfb8a4e	Install script for linux x64 as well	2026-01-12 15:25:40 +01:00
Sander Declerck	9d1f7ac6fd	Use ramaproxy if it's available.	2026-01-12 14:15:30 +01:00