@aikidosec/safe-chain 0.0.4-connect-timeout-beta

package/src/registryProxy/interceptors/interceptorBuilder.js

@@ -0,0 +1,140 @@
+import { EventEmitter } from "events";
+
+/**
+ * @typedef {Object} Interceptor
+ * @property {(targetUrl: string) => Promise<RequestInterceptionHandler>} handleRequest
+ * @property {(event: string, listener: (...args: any[]) => void) => Interceptor} on
+ * @property {(event: string, ...args: any[]) => boolean} emit
+ *
+ *
+ * @typedef {Object} RequestInterceptionContext
+ * @property {string} targetUrl
+ * @property {(packageName: string | undefined, version: string | undefined) => void} blockMalware
+ * @property {(modificationFunc: (headers: NodeJS.Dict<string | string[]>) => NodeJS.Dict<string | string[]>) => void} modifyRequestHeaders
+ * @property {(modificationFunc: (body: Buffer, headers: NodeJS.Dict<string | string[]> | undefined) => Buffer) => void} modifyBody
+ * @property {() => RequestInterceptionHandler} build
+ *
+ *
+ * @typedef {Object} RequestInterceptionHandler
+ * @property {{statusCode: number, message: string} | undefined} blockResponse
+ * @property {(headers: NodeJS.Dict<string | string[]> | undefined) => NodeJS.Dict<string | string[]> | undefined} modifyRequestHeaders
+ * @property {() => boolean} modifiesResponse
+ * @property {(body: Buffer, headers: NodeJS.Dict<string | string[]> | undefined) => Buffer} modifyBody
+ */
+
+/**
+ * @param {(requestHandlerBuilder: RequestInterceptionContext) => Promise<void>} requestInterceptionFunc
+ * @returns {Interceptor}
+ */
+export function interceptRequests(requestInterceptionFunc) {
+  return buildInterceptor([requestInterceptionFunc]);
+}
+
+/**
+ * @param {Array<(requestHandlerBuilder: RequestInterceptionContext) => Promise<void>>} requestHandlers
+ * @returns {Interceptor}
+ */
+function buildInterceptor(requestHandlers) {
+  const eventEmitter = new EventEmitter();
+
+  return {
+    async handleRequest(targetUrl) {
+      const requestContext = createRequestContext(targetUrl, eventEmitter);
+
+      for (const handler of requestHandlers) {
+        await handler(requestContext);
+      }
+
+      return requestContext.build();
+    },
+    on(event, listener) {
+      eventEmitter.on(event, listener);
+      return this;
+    },
+    emit(event, ...args) {
+      return eventEmitter.emit(event, ...args);
+    },
+  };
+}
+
+/**
+ * @param {string} targetUrl
+ * @param {import('events').EventEmitter} eventEmitter
+ * @returns {RequestInterceptionContext}
+ */
+function createRequestContext(targetUrl, eventEmitter) {
+  /** @type {{statusCode: number, message: string} | undefined}  */
+  let blockResponse = undefined;
+  /** @type {Array<(headers: NodeJS.Dict<string | string[]>) => NodeJS.Dict<string | string[]>>} */
+  let reqheaderModificationFuncs = [];
+  /** @type {Array<(body: Buffer, headers: NodeJS.Dict<string | string[]> | undefined) => Buffer>} */
+  let modifyBodyFuncs = [];
+
+  /**
+   * @param {string | undefined} packageName
+   * @param {string | undefined} version
+   */
+  function blockMalwareSetup(packageName, version) {
+    blockResponse = {
+      statusCode: 403,
+      message: "Forbidden - blocked by safe-chain",
+    };
+
+    // Emit the malwareBlocked event
+    eventEmitter.emit("malwareBlocked", {
+      packageName,
+      version,
+      targetUrl,
+      timestamp: Date.now(),
+    });
+  }
+
+  /** @returns {RequestInterceptionHandler} */
+  function build() {
+    /**
+     * @param {NodeJS.Dict<string | string[]> | undefined} headers
+     * @returns {NodeJS.Dict<string | string[]> | undefined}
+     */
+    function modifyRequestHeaders(headers) {
+      if (headers) {
+        for (const func of reqheaderModificationFuncs) {
+          func(headers);
+        }
+      }
+
+      return headers;
+    }
+
+    /**
+     * @param {Buffer} body
+     * @param {NodeJS.Dict<string | string[]> | undefined} headers
+     * @returns {Buffer}
+     */
+    function modifyBody(body, headers) {
+      let modifiedBody = body;
+
+      for (var func of modifyBodyFuncs) {
+        modifiedBody = func(body, headers);
+      }
+
+      return modifiedBody;
+    }
+
+    // These functions are invoked in the proxy, allowing to apply the configured modifications
+    return {
+      blockResponse,
+      modifyRequestHeaders: modifyRequestHeaders,
+      modifiesResponse: () => modifyBodyFuncs.length > 0,
+      modifyBody,
+    };
+  }
+
+  // These functions are used to setup the modifications
+  return {
+    targetUrl,
+    blockMalware: blockMalwareSetup,
+    modifyRequestHeaders: (func) => reqheaderModificationFuncs.push(func),
+    modifyBody: (func) => modifyBodyFuncs.push(func),
+    build,
+  };
+}

package/src/registryProxy/interceptors/npm/modifyNpmInfo.js

@@ -0,0 +1,177 @@
+import { getMinimumPackageAgeHours } from "../../../config/settings.js";
+import { ui } from "../../../environment/userInteraction.js";
+import { getHeaderValueAsString } from "../../http-utils.js";
+
+const state = {
+  hasSuppressedVersions: false,
+};
+
+/**
+ * @param {NodeJS.Dict<string | string[]>} headers
+ * @returns {NodeJS.Dict<string | string[]>}
+ */
+export function modifyNpmInfoRequestHeaders(headers) {
+  const accept = getHeaderValueAsString(headers, "accept");
+  if (accept?.includes("application/vnd.npm.install-v1+json")) {
+    // The npm registry sometimes serves a more compact format that lacks
+    // the time metadata we need to filter out too new packages.
+    // Force the registry to return the full metadata by changing the Accept header.
+    headers["accept"] = "application/json";
+  }
+  return headers;
+}
+
+/**
+ * @param {string} url
+ * @returns {boolean}
+ */
+export function isPackageInfoUrl(url) {
+  // Remove query string and fragment to get the actual path
+  const urlWithoutParams = url.split("?")[0].split("#")[0];
+
+  // Tarball downloads end with .tgz
+  if (urlWithoutParams.endsWith(".tgz")) return false;
+
+  // Special endpoints start with /-/ and should not be modified
+  // Examples: /-/npm/v1/security/advisories/bulk, /-/v1/search, /-/package/foo/access
+  if (urlWithoutParams.includes("/-/")) return false;
+
+  // Everything else is package metadata that can be modified
+  return true;
+}
+/**
+ *
+ * @param {Buffer} body
+ * @param {NodeJS.Dict<string | string[]> | undefined} headers
+ * @returns Buffer
+ */
+export function modifyNpmInfoResponse(body, headers) {
+  try {
+    const contentType = getHeaderValueAsString(headers, "content-type");
+    if (!contentType?.toLowerCase().includes("application/json")) {
+      return body;
+    }
+
+    if (body.byteLength === 0) {
+      return body;
+    }
+
+    // utf-8 is default encoding for JSON, so we don't check if charset is defined in content-type header
+    const bodyContent = body.toString("utf8");
+    const bodyJson = JSON.parse(bodyContent);
+
+    if (!bodyJson.time || !bodyJson["dist-tags"] || !bodyJson.versions) {
+      // Just return the current body if the format is not
+      return body;
+    }
+
+    const cutOff = new Date(
+      new Date().getTime() - getMinimumPackageAgeHours() * 3600 * 1000
+    );
+
+    const hasLatestTag = !!bodyJson["dist-tags"]["latest"];
+
+    const versions = Object.entries(bodyJson.time)
+      .map(([version, timestamp]) => ({
+        version,
+        timestamp,
+      }))
+      .filter((x) => x.version !== "created" && x.version !== "modified");
+
+    for (const { version, timestamp } of versions) {
+      const timestampValue = new Date(timestamp);
+      if (timestampValue > cutOff) {
+        deleteVersionFromJson(bodyJson, version);
+        if (headers) {
+          // When modifying the response, the etag and last-modified headers
+          // no longer match the content so they needs to be removed before sending the response.
+          delete headers["etag"];
+          delete headers["last-modified"];
+          // Removing the cache-control header will prevent the package manager from caching
+          // the modified response.
+          delete headers["cache-control"];
+        }
+      }
+    }
+
+    if (hasLatestTag && !bodyJson["dist-tags"]["latest"]) {
+      // The latest tag was removed because it contained a package younger than the treshold.
+      // A new latest tag needs to be calculated
+      bodyJson["dist-tags"]["latest"] = calculateLatestTag(bodyJson.time);
+    }
+
+    return Buffer.from(JSON.stringify(bodyJson));
+  } catch (/** @type {any} */ err) {
+    ui.writeVerbose(
+      `Safe-chain: Package metadata not in expected format - bypassing modification. Error: ${err.message}`
+    );
+    return body;
+  }
+}
+
+/**
+ * @param {any} json
+ * @param {string} version
+ */
+function deleteVersionFromJson(json, version) {
+  state.hasSuppressedVersions = true;
+
+  ui.writeVerbose(
+    `Safe-chain: ${version} is newer than ${getMinimumPackageAgeHours()} hours and was removed (minimumPackageAgeInHours setting).`
+  );
+
+  delete json.time[version];
+  delete json.versions[version];
+
+  for (const [tag, distVersion] of Object.entries(json["dist-tags"])) {
+    if (version == distVersion) {
+      delete json["dist-tags"][tag];
+    }
+  }
+}
+
+/**
+ * @param {Record<string, string>} tagList
+ * @returns {string | undefined}
+ */
+function calculateLatestTag(tagList) {
+  const entries = Object.entries(tagList).filter(
+    ([version, _]) => version !== "created" && version !== "modified"
+  );
+
+  const latestFullRelease = getMostRecentTag(
+    Object.fromEntries(entries.filter(([version, _]) => !version.includes("-")))
+  );
+  if (latestFullRelease) {
+    return latestFullRelease;
+  }
+
+  const latestPrerelease = getMostRecentTag(
+    Object.fromEntries(entries.filter(([version, _]) => version.includes("-")))
+  );
+  return latestPrerelease;
+}
+
+/**
+ * @param {Record<string, string>} tagList
+ * @returns {string | undefined}
+ */
+function getMostRecentTag(tagList) {
+  let current, currentDate;
+
+  for (const [version, timestamp] of Object.entries(tagList)) {
+    if (!currentDate || currentDate < timestamp) {
+      current = version;
+      currentDate = timestamp;
+    }
+  }
+
+  return current;
+}
+
+/**
+ * @returns {boolean}
+ */
+export function getHasSuppressedVersions() {
+  return state.hasSuppressedVersions;
+}

package/src/registryProxy/interceptors/npm/npmInterceptor.js

@@ -0,0 +1,47 @@
+import { skipMinimumPackageAge } from "../../../config/settings.js";
+import { isMalwarePackage } from "../../../scanning/audit/index.js";
+import { interceptRequests } from "../interceptorBuilder.js";
+import {
+  isPackageInfoUrl,
+  modifyNpmInfoRequestHeaders,
+  modifyNpmInfoResponse,
+} from "./modifyNpmInfo.js";
+import { parseNpmPackageUrl } from "./parseNpmPackageUrl.js";
+
+const knownJsRegistries = ["registry.npmjs.org", "registry.yarnpkg.com"];
+
+/**
+ * @param {string} url
+ * @returns {import("../interceptorBuilder.js").Interceptor | undefined}
+ */
+export function npmInterceptorForUrl(url) {
+  const registry = knownJsRegistries.find((reg) => url.includes(reg));
+
+  if (registry) {
+    return buildNpmInterceptor(registry);
+  }
+
+  return undefined;
+}
+
+/**
+ * @param {string} registry
+ * @returns {import("../interceptorBuilder.js").Interceptor}
+ */
+function buildNpmInterceptor(registry) {
+  return interceptRequests(async (reqContext) => {
+    const { packageName, version } = parseNpmPackageUrl(
+      reqContext.targetUrl,
+      registry
+    );
+
+    if (await isMalwarePackage(packageName, version)) {
+      reqContext.blockMalware(packageName, version);
+    }
+
+    if (!skipMinimumPackageAge() && isPackageInfoUrl(reqContext.targetUrl)) {
+      reqContext.modifyRequestHeaders(modifyNpmInfoRequestHeaders);
+      reqContext.modifyBody(modifyNpmInfoResponse);
+    }
+  });
+}

package/src/registryProxy/interceptors/npm/parseNpmPackageUrl.js

@@ -0,0 +1,43 @@
+/**
+ * @param {string} url
+ * @param {string} registry
+ * @returns {{packageName: string | undefined, version: string | undefined}}
+ */
+export function parseNpmPackageUrl(url, registry) {
+  let packageName, version;
+  if (!registry || !url.endsWith(".tgz")) {
+    return { packageName, version };
+  }
+
+  const registryIndex = url.indexOf(registry);
+  const afterRegistry = url.substring(registryIndex + registry.length + 1); // +1 to skip the slash
+
+  const separatorIndex = afterRegistry.indexOf("/-/");
+  if (separatorIndex === -1) {
+    return { packageName, version };
+  }
+
+  packageName = afterRegistry.substring(0, separatorIndex);
+  const filename = afterRegistry.substring(
+    separatorIndex + 3,
+    afterRegistry.length - 4
+  ); // Remove /-/ and .tgz
+
+  // Extract version from filename
+  // For scoped packages like @babel/core, the filename is core-7.21.4.tgz
+  // For regular packages like lodash, the filename is lodash-4.17.21.tgz
+  if (packageName.startsWith("@")) {
+    const scopedPackageName = packageName.substring(
+      packageName.lastIndexOf("/") + 1
+    );
+    if (filename.startsWith(scopedPackageName + "-")) {
+      version = filename.substring(scopedPackageName.length + 1);
+    }
+  } else {
+    if (filename.startsWith(packageName + "-")) {
+      version = filename.substring(packageName.length + 1);
+    }
+  }
+
+  return { packageName, version };
+}

package/src/registryProxy/interceptors/pipInterceptor.js

@@ -0,0 +1,115 @@
+import { isMalwarePackage } from "../../scanning/audit/index.js";
+import { interceptRequests } from "./interceptorBuilder.js";
+
+const knownPipRegistries = [
+  "files.pythonhosted.org",
+  "pypi.org",
+  "pypi.python.org",
+  "pythonhosted.org",
+];
+
+/**
+ * @param {string} url
+ * @returns {import("./interceptorBuilder.js").Interceptor | undefined}
+ */
+export function pipInterceptorForUrl(url) {
+  const registry = knownPipRegistries.find((reg) => url.includes(reg));
+
+  if (registry) {
+    return buildPipInterceptor(registry);
+  }
+
+  return undefined;
+}
+
+/**
+ * @param {string} registry
+ * @returns {import("./interceptorBuilder.js").Interceptor | undefined}
+ */
+function buildPipInterceptor(registry) {
+  return interceptRequests(async (reqContext) => {
+    const { packageName, version } = parsePipPackageFromUrl(
+      reqContext.targetUrl,
+      registry
+    );
+    if (await isMalwarePackage(packageName, version)) {
+      reqContext.blockMalware(packageName, version);
+    }
+  });
+}
+
+/**
+ * @param {string} url
+ * @param {string} registry
+ * @returns {{packageName: string | undefined, version: string | undefined}}
+ */
+function parsePipPackageFromUrl(url, registry) {
+  let packageName, version;
+
+  // Basic validation
+  if (!registry || typeof url !== "string") {
+    return { packageName, version };
+  }
+
+  // Quick sanity check on the URL + parse
+  let urlObj;
+  try {
+    urlObj = new URL(url);
+  } catch {
+    return { packageName, version };
+  }
+
+  // Get the last path segment (filename) and decode it (strip query & fragment automatically)
+  const lastSegment = urlObj.pathname.split("/").filter(Boolean).pop();
+  if (!lastSegment) {
+    return { packageName, version };
+  }
+
+  const filename = decodeURIComponent(lastSegment);
+
+  // Parse Python package downloads from PyPI/pythonhosted.org
+  // Example wheel: https://files.pythonhosted.org/packages/xx/yy/requests-2.28.1-py3-none-any.whl
+  // Example sdist: https://files.pythonhosted.org/packages/xx/yy/requests-2.28.1.tar.gz
+
+  // Wheel (.whl)
+  if (filename.endsWith(".whl")) {
+    const base = filename.slice(0, -4); // remove ".whl"
+    const firstDash = base.indexOf("-");
+    if (firstDash > 0) {
+      const dist = base.slice(0, firstDash); // may contain underscores
+      const rest = base.slice(firstDash + 1); // version + the rest of tags
+      const secondDash = rest.indexOf("-");
+      const rawVersion = secondDash >= 0 ? rest.slice(0, secondDash) : rest;
+      packageName = dist; // preserve underscores
+      version = rawVersion;
+      // Reject "latest" as it's a placeholder, not a real version
+      // When version is "latest", this signals the URL doesn't contain actual version info
+      // Returning undefined allows the request (see registryProxy.js isAllowedUrl)
+      if (version === "latest" || !packageName || !version) {
+        return { packageName: undefined, version: undefined };
+      }
+      return { packageName, version };
+    }
+  }
+
+  // Source dist (sdist)
+  const sdistExtMatch = filename.match(/\.(tar\.gz|zip|tar\.bz2|tar\.xz)$/i);
+  if (sdistExtMatch) {
+    const base = filename.slice(0, -sdistExtMatch[0].length);
+    const lastDash = base.lastIndexOf("-");
+    if (lastDash > 0 && lastDash < base.length - 1) {
+      packageName = base.slice(0, lastDash);
+      version = base.slice(lastDash + 1);
+      // Reject "latest" as it's a placeholder, not a real version
+      // When version is "latest", this signals the URL doesn't contain actual version info
+      // Returning undefined allows the request (see registryProxy.js isAllowedUrl)
+      if (version === "latest" || !packageName || !version) {
+        return { packageName: undefined, version: undefined };
+      }
+      return { packageName, version };
+    }
+  }
+
+  // Unknown file type or invalid
+  return { packageName: undefined, version: undefined };
+}