@aikidosec/safe-chain 1.0.24 → 1.1.1

package/README.md

@@ -1,23 +1,20 @@
 # Aikido Safe Chain
 
-The Aikido Safe Chain **prevents developers from installing malware** on their workstations through npm, npx, yarn, pnpm and pnpx. It's **free** to use and does not require any token.
+The Aikido Safe Chain **prevents developers from installing malware** on their workstations through npm, npx, yarn, pnpm, pnpx, bun, and bunx. It's **free** to use and does not require any token.
 
-The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), and [pnpx](https://pnpm.io/cli/dlx) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm or pnpx from downloading or running the malware.
+The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), [pnpx](https://pnpm.io/cli/dlx), [bun](https://bun.sh/), and [bunx](https://bun.sh/docs/cli/bunx) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm, pnpx, bun, or bunx from downloading or running the malware.
 
 ![demo](./docs/safe-package-manager-demo.png)
 
 Aikido Safe Chain works on Node.js version 18 and above and supports the following package managers:
 
-- ✅ full coverage: **npm >= 10.4.0**:
-- ⚠️ limited to scanning the install command arguments (broader scanning coming soon):
-  - **npm < 10.4.0**
-  - **npx**
-  - **yarn**
-  - **pnpm**
-  - **pnpx**
-- 🚧 **bun**: coming soon
-
-Note on the limited support for npm < 10.4.0, npx, yarn, pnpm and pnpx: adding **full support for these package managers is a high priority**. In the meantime, we offer limited support already, which means that the Aikido Safe Chain will scan the package names passed as arguments to the install commands. However, it will not scan the full dependency tree of these packages.
+- ✅ **npm**
+- ✅ **npx**
+- ✅ **yarn**
+- ✅ **pnpm**
+- ✅ **pnpx**
+- ✅ **bun**
+- ✅ **bunx**
 
 # Usage
 
@@ -34,20 +31,20 @@ Installing the Aikido Safe Chain is easy. You just need 3 simple steps:
    safe-chain setup
    ```
 3. **❗Restart your terminal** to start using the Aikido Safe Chain.
-   - This step is crucial as it ensures that the shell aliases for npm, npx, yarn, pnpm and pnpx are loaded correctly. If you do not restart your terminal, the aliases will not be available.
+   - This step is crucial as it ensures that the shell aliases for npm, npx, yarn, pnpm, pnpx, bun, and bunx are loaded correctly. If you do not restart your terminal, the aliases will not be available.
 4. **Verify the installation** by running:
    ```shell
    npm install safe-chain-test
    ```
    - The output should show that Aikido Safe Chain is blocking the installation of this package as it is flagged as malware.
 
-When running `npm`, `npx`, `yarn`, `pnpm` or `pnpx` commands, the Aikido Safe Chain will automatically check for malware in the packages you are trying to install. If any malware is detected, it will prompt you to exit the command.
+When running `npm`, `npx`, `yarn`, `pnpm`, `pnpx`, `bun`, or `bunx` commands, the Aikido Safe Chain will automatically check for malware in the packages you are trying to install. If any malware is detected, it will prompt you to exit the command.
 
 ## How it works
 
-The Aikido Safe Chain works by intercepting the npm, npx, yarn, pnpm and pnpx commands and verifying the packages against **[Aikido Intel - Open Sources Threat Intelligence](https://intel.aikido.dev/?tab=malware)**.
+The Aikido Safe Chain works by running a lightweight proxy server that intercepts package downloads from the npm registry. When you run npm, npx, yarn, pnpm, pnpx, bun, or bunx commands, all package downloads are routed through this local proxy, which verifies packages in real-time against **[Aikido Intel - Open Sources Threat Intelligence](https://intel.aikido.dev/?tab=malware)**. If malware is detected in any package (including deep dependencies), the proxy blocks the download before the malicious code reaches your machine.
 
-The Aikido Safe Chain integrates with your shell to provide a seamless experience when using npm, npx, yarn, pnpm and pnpx commands. It sets up aliases for these commands so that they are wrapped by the Aikido Safe Chain commands, which perform malware checks before executing the original commands. We currently support:
+The Aikido Safe Chain integrates with your shell to provide a seamless experience when using npm, npx, yarn, pnpm, pnpx, bun, and bunx commands. It sets up aliases for these commands so that they are wrapped by the Aikido Safe Chain commands, which manage the proxy server before executing the original commands. We currently support:
 
 - ✅ **Bash**
 - ✅ **Zsh**

package/bin/aikido-bun.js

@@ -0,0 +1,10 @@
+#!/usr/bin/env node
+
+import { main } from "../src/main.js";
+import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
+
+const packageManagerName = "bun";
+initializePackageManager(packageManagerName);
+var exitCode = await main(process.argv.slice(2));
+
+process.exit(exitCode);

package/bin/aikido-bunx.js

@@ -0,0 +1,10 @@
+#!/usr/bin/env node
+
+import { main } from "../src/main.js";
+import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
+
+const packageManagerName = "bunx";
+initializePackageManager(packageManagerName);
+var exitCode = await main(process.argv.slice(2));
+
+process.exit(exitCode);

package/bin/aikido-npm.js

@@ -6,7 +6,9 @@ import { initializePackageManager } from "../src/packagemanager/currentPackageMa
 
 const packageManagerName = "npm";
 initializePackageManager(packageManagerName, getNpmVersion());
-await main(process.argv.slice(2));
+var exitCode = await main(process.argv.slice(2));
+
+process.exit(exitCode);
 
 function getNpmVersion() {
   try {

package/bin/aikido-npx.js

@@ -5,4 +5,6 @@ import { initializePackageManager } from "../src/packagemanager/currentPackageMa
 
 const packageManagerName = "npx";
 initializePackageManager(packageManagerName, process.versions.node);
-await main(process.argv.slice(2));
+var exitCode = await main(process.argv.slice(2));
+
+process.exit(exitCode);

package/bin/aikido-pnpm.js

@@ -5,4 +5,6 @@ import { initializePackageManager } from "../src/packagemanager/currentPackageMa
 
 const packageManagerName = "pnpm";
 initializePackageManager(packageManagerName, process.versions.node);
-await main(process.argv.slice(2));
+var exitCode = await main(process.argv.slice(2));
+
+process.exit(exitCode);

package/bin/aikido-pnpx.js

@@ -5,4 +5,6 @@ import { initializePackageManager } from "../src/packagemanager/currentPackageMa
 
 const packageManagerName = "pnpx";
 initializePackageManager(packageManagerName, process.versions.node);
-await main(process.argv.slice(2));
+var exitCode = await main(process.argv.slice(2));
+
+process.exit(exitCode);

package/bin/aikido-yarn.js

@@ -5,4 +5,6 @@ import { initializePackageManager } from "../src/packagemanager/currentPackageMa
 
 const packageManagerName = "yarn";
 initializePackageManager(packageManagerName, process.versions.node);
-await main(process.argv.slice(2));
+var exitCode = await main(process.argv.slice(2));
+
+process.exit(exitCode);

package/docs/shell-integration.md

@@ -2,7 +2,7 @@
 
 ## Overview
 
-The shell integration automatically wraps common package manager commands (`npm`, `npx`, `yarn`, `pnpm`, `pnpx`) with Aikido's security scanning functionality. This is achieved by sourcing startup scripts that define shell functions to wrap these commands with their Aikido-protected equivalents.
+The shell integration automatically wraps common package manager commands (`npm`, `npx`, `yarn`, `pnpm`, `pnpx`, `bun`, `bunx`) with Aikido's security scanning functionality. This is achieved by sourcing startup scripts that define shell functions to wrap these commands with their Aikido-protected equivalents.
 
 ## Supported Shells
 
@@ -28,7 +28,7 @@ This command:
 
 - Copies necessary startup scripts to Safe Chain's installation directory (`~/.safe-chain/scripts`)
 - Detects all supported shells on your system
-- Sources each shell's startup file to add Safe Chain functions for `npm`, `npx`, `yarn`, `pnpm`, and `pnpx`
+- Sources each shell's startup file to add Safe Chain functions for `npm`, `npx`, `yarn`, `pnpm`, `pnpx`, `bun`, and `bunx`
 
 ❗ After running this command, **you must restart your terminal** for the changes to take effect. This ensures that the startup scripts are sourced correctly.
 
@@ -77,7 +77,7 @@ The system modifies the following files to source Safe Chain startup scripts:
 This means the shell functions are working but the Aikido commands aren't installed or available in your PATH:
 
 - Make sure Aikido Safe Chain is properly installed on your system
-- Verify the `aikido-npm`, `aikido-npx`, `aikido-yarn`, `aikido-pnpm` and `aikido-pnpx` commands exist
+- Verify the `aikido-npm`, `aikido-npx`, `aikido-yarn`, `aikido-pnpm`, `aikido-pnpx`, `aikido-bun`, and `aikido-bunx` commands exist
 - Check that these commands are in your system's PATH
 
 ### Manual Verification
@@ -120,4 +120,4 @@ npm() {
 }
 ```
 
-Repeat this pattern for `npx`, `yarn`, `pnpm`, and `pnpx` using their respective `aikido-*` commands. After adding these functions, restart your terminal to apply the changes.
+Repeat this pattern for `npx`, `yarn`, `pnpm`, `pnpx`, `bun`, and `bunx` using their respective `aikido-*` commands. After adding these functions, restart your terminal to apply the changes.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aikidosec/safe-chain",
-  "version": "1.0.24",
+  "version": "1.1.1",
   "scripts": {
     "test": "node --test --experimental-test-module-mocks 'src/**/*.spec.js'",
     "test:watch": "node --test --watch --experimental-test-module-mocks 'src/**/*.spec.js'",
@@ -12,6 +12,8 @@
     "aikido-yarn": "bin/aikido-yarn.js",
     "aikido-pnpm": "bin/aikido-pnpm.js",
     "aikido-pnpx": "bin/aikido-pnpx.js",
+    "aikido-bun": "bin/aikido-bun.js",
+    "aikido-bunx": "bin/aikido-bunx.js",
     "safe-chain": "bin/safe-chain.js"
   },
   "type": "module",
@@ -26,11 +28,13 @@
   "keywords": [],
   "author": "Aikido Security",
   "license": "AGPL-3.0-or-later",
-  "description": "The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), and [pnpx](https://pnpm.io/cli/dlx) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm, or pnpx from downloading or running the malware.",
+  "description": "The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), [pnpx](https://pnpm.io/cli/dlx), [bun](https://bun.sh/), and [bunx](https://bun.sh/docs/cli/bunx) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm, pnpx, bun, or bunx from downloading or running the malware.",
   "dependencies": {
     "abbrev": "3.0.1",
     "chalk": "5.4.1",
+    "https-proxy-agent": "7.0.6",
     "make-fetch-happen": "14.0.3",
+    "node-forge": "1.3.1",
     "npm-registry-fetch": "18.0.2",
     "ora": "8.2.0",
     "semver": "7.7.2"

package/src/main.js

@@ -4,20 +4,50 @@ import { scanCommand, shouldScanCommand } from "./scanning/index.js";
 import { ui } from "./environment/userInteraction.js";
 import { getPackageManager } from "./packagemanager/currentPackageManager.js";
 import { initializeCliArguments } from "./config/cliArguments.js";
+import { createSafeChainProxy } from "./registryProxy/registryProxy.js";
+import chalk from "chalk";
 
 export async function main(args) {
+  const proxy = createSafeChainProxy();
+  await proxy.startServer();
+
   try {
     // This parses all the --safe-chain arguments and removes them from the args array
     args = initializeCliArguments(args);
 
     if (shouldScanCommand(args)) {
-      await scanCommand(args);
+      const commandScanResult = await scanCommand(args);
+
+      // Returning the exit code back to the caller allows the promise
+      //  to be awaited in the bin files and return the correct exit code
+      if (commandScanResult !== 0) {
+        return commandScanResult;
+      }
+    }
+
+    const packageManagerResult = await getPackageManager().runCommand(args);
+
+    if (!proxy.verifyNoMaliciousPackages()) {
+      return 1;
     }
+
+    ui.emptyLine();
+    ui.writeInformation(
+      `${chalk.green(
+        "✔"
+      )} Safe-chain: Command completed, no malicious packages found.`
+    );
+
+    // Returning the exit code back to the caller allows the promise
+    //  to be awaited in the bin files and return the correct exit code
+    return packageManagerResult.status;
   } catch (error) {
     ui.writeError("Failed to check for malicious packages:", error.message);
-    process.exit(1);
-  }
 
-  var result = getPackageManager().runCommand(args);
-  process.exit(result.status);
+    // Returning the exit code back to the caller allows the promise
+    //  to be awaited in the bin files and return the correct exit code
+    return 1;
+  } finally {
+    await proxy.stopServer();
+  }
 }

package/src/packagemanager/bun/createBunPackageManager.js

@@ -0,0 +1,42 @@
+import { ui } from "../../environment/userInteraction.js";
+import { safeSpawn } from "../../utils/safeSpawn.js";
+import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
+
+export function createBunPackageManager() {
+  return {
+    runCommand: (args) => runBunCommand("bun", args),
+
+    // For bun, we use the proxy-only approach to block package downloads,
+    // so we don't need to analyze commands.
+    isSupportedCommand: () => false,
+    getDependencyUpdatesForCommand: () => [],
+  };
+}
+
+export function createBunxPackageManager() {
+  return {
+    runCommand: (args) => runBunCommand("bunx", args),
+
+    // For bunx, we use the proxy-only approach to block package downloads,
+    // so we don't need to analyze commands.
+    isSupportedCommand: () => false,
+    getDependencyUpdatesForCommand: () => [],
+  };
+}
+
+async function runBunCommand(command, args) {
+  try {
+    const result = await safeSpawn(command, args, {
+      stdio: "inherit",
+      env: mergeSafeChainProxyEnvironmentVariables(process.env),
+    });
+    return { status: result.status };
+  } catch (error) {
+    if (error.status) {
+      return { status: error.status };
+    } else {
+      ui.writeError("Error executing command:", error.message);
+      return { status: 1 };
+    }
+  }
+}

package/src/packagemanager/currentPackageManager.js

@@ -1,3 +1,7 @@
+import {
+  createBunPackageManager,
+  createBunxPackageManager,
+} from "./bun/createBunPackageManager.js";
 import { createNpmPackageManager } from "./npm/createPackageManager.js";
 import { createNpxPackageManager } from "./npx/createPackageManager.js";
 import {
@@ -21,6 +25,10 @@ export function initializePackageManager(packageManagerName, version) {
     state.packageManagerName = createPnpmPackageManager();
   } else if (packageManagerName === "pnpx") {
     state.packageManagerName = createPnpxPackageManager();
+  } else if (packageManagerName === "bun") {
+    state.packageManagerName = createBunPackageManager();
+  } else if (packageManagerName === "bunx") {
+    state.packageManagerName = createBunxPackageManager();
   } else {
     throw new Error("Unsupported package manager: " + packageManagerName);
   }

package/src/packagemanager/npm/dependencyScanner/dryRunScanner.js

@@ -8,6 +8,7 @@ export function dryRunScanner(scannerOptions) {
     shouldScan: (args) => shouldScanDependencies(scannerOptions, args),
   };
 }
+
 function scanDependencies(scannerOptions, args) {
   let dryRunArgs = args;
 
@@ -31,8 +32,8 @@ function shouldScanDependencies(scannerOptions, args) {
   return true;
 }
 
-function checkChangesWithDryRun(args) {
-  const dryRunOutput = dryRunNpmCommandAndOutput(args);
+async function checkChangesWithDryRun(args) {
+  const dryRunOutput = await dryRunNpmCommandAndOutput(args);
 
   // Dry-run can return a non-zero status code in some cases
   //  e.g., when running "npm audit fix --dry-run", it returns exit code 1

package/src/packagemanager/npm/runNpmCommand.js

@@ -1,10 +1,14 @@
-import { execSync } from "child_process";
 import { ui } from "../../environment/userInteraction.js";
+import { safeSpawn } from "../../utils/safeSpawn.js";
+import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
 
-export function runNpm(args) {
+export async function runNpm(args) {
   try {
-    const npmCommand = `npm ${args.join(" ")}`;
-    execSync(npmCommand, { stdio: "inherit" });
+    const result = await safeSpawn("npm", args, {
+      stdio: "inherit",
+      env: mergeSafeChainProxyEnvironmentVariables(process.env),
+    });
+    return { status: result.status };
   } catch (error) {
     if (error.status) {
       return { status: error.status };
@@ -13,17 +17,29 @@ export function runNpm(args) {
       return { status: 1 };
     }
   }
-  return { status: 0 };
 }
 
-export function dryRunNpmCommandAndOutput(args) {
+export async function dryRunNpmCommandAndOutput(args) {
   try {
-    const npmCommand = `npm ${args.join(" ")} --ignore-scripts --dry-run`;
-    const output = execSync(npmCommand, { stdio: "pipe" });
-    return { status: 0, output: output.toString() };
+    const result = await safeSpawn(
+      "npm",
+      [...args, "--ignore-scripts", "--dry-run"],
+      {
+        stdio: "pipe",
+        env: mergeSafeChainProxyEnvironmentVariables(process.env),
+      }
+    );
+    return {
+      status: result.status,
+      output: result.status === 0 ? result.stdout : result.stderr,
+    };
   } catch (error) {
     if (error.status) {
-      const output = error.stdout ? error.stdout.toString() : "";
+      const output =
+        error.stdout?.toString() ??
+        error.stderr?.toString() ??
+        error.message ??
+        "";
       return { status: error.status, output };
     } else {
       ui.writeError("Error executing command:", error.message);

package/src/packagemanager/npx/runNpxCommand.js

@@ -1,10 +1,14 @@
-import { execSync } from "child_process";
 import { ui } from "../../environment/userInteraction.js";
+import { safeSpawn } from "../../utils/safeSpawn.js";
+import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
 
-export function runNpx(args) {
+export async function runNpx(args) {
   try {
-    const npxCommand = `npx ${args.join(" ")}`;
-    execSync(npxCommand, { stdio: "inherit" });
+    const result = await safeSpawn("npx", args, {
+      stdio: "inherit",
+      env: mergeSafeChainProxyEnvironmentVariables(process.env),
+    });
+    return { status: result.status };
   } catch (error) {
     if (error.status) {
       return { status: error.status };
@@ -13,5 +17,4 @@ export function runNpx(args) {
       return { status: 1 };
     }
   }
-  return { status: 0 };
 }

package/src/packagemanager/pnpm/runPnpmCommand.js

@@ -1,13 +1,20 @@
 import { ui } from "../../environment/userInteraction.js";
-import { safeSpawnSync } from "../../utils/safeSpawn.js";
+import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
+import { safeSpawn } from "../../utils/safeSpawn.js";
 
-export function runPnpmCommand(args, toolName = "pnpm") {
+export async function runPnpmCommand(args, toolName = "pnpm") {
   try {
     let result;
     if (toolName === "pnpm") {
-      result = safeSpawnSync("pnpm", args, { stdio: "inherit" });
+      result = await safeSpawn("pnpm", args, {
+        stdio: "inherit",
+        env: mergeSafeChainProxyEnvironmentVariables(process.env),
+      });
     } else if (toolName === "pnpx") {
-      result = safeSpawnSync("pnpx", args, { stdio: "inherit" });
+      result = await safeSpawn("pnpx", args, {
+        stdio: "inherit",
+        env: mergeSafeChainProxyEnvironmentVariables(process.env),
+      });
     } else {
       throw new Error(`Unsupported tool name for aikido-pnpm: ${toolName}`);
     }

package/src/packagemanager/yarn/runYarnCommand.js

@@ -1,10 +1,17 @@
-import { execSync } from "child_process";
 import { ui } from "../../environment/userInteraction.js";
+import { safeSpawn } from "../../utils/safeSpawn.js";
+import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
 
-export function runYarnCommand(args) {
+export async function runYarnCommand(args) {
   try {
-    const npxCommand = `yarn ${args.join(" ")}`;
-    execSync(npxCommand, { stdio: "inherit" });
+    const env = mergeSafeChainProxyEnvironmentVariables(process.env);
+    await fixYarnProxyEnvironmentVariables(env);
+
+    const result = await safeSpawn("yarn", args, {
+      stdio: "inherit",
+      env,
+    });
+    return { status: result.status };
   } catch (error) {
     if (error.status) {
       return { status: error.status };
@@ -13,5 +20,34 @@ export function runYarnCommand(args) {
       return { status: 1 };
     }
   }
-  return { status: 0 };
+}
+
+async function fixYarnProxyEnvironmentVariables(env) {
+  // Yarn ignores standard proxy environment variables HTTPS_PROXY and NODE_EXTRA_CA_CERTS
+
+  // Yarn v2/v3 and v4+ use different environment variables for proxy and CA certs
+  // When setting all variables, yarn returns an error about conflicting variables
+  //  - v2/v3: "Usage Error: Unrecognized or legacy configuration settings found: httpsCaFilePath"
+  //  - v4+:   "Usage Error: Unrecognized or legacy configuration settings found: caFilePath"
+
+  const version = await yarnVersion();
+  const majorVersion = parseInt(version.split(".")[0]);
+
+  if (majorVersion >= 4) {
+    env.YARN_HTTPS_PROXY = env.HTTPS_PROXY;
+    env.YARN_HTTPS_CA_FILE_PATH = env.NODE_EXTRA_CA_CERTS;
+  } else if (majorVersion === 2 || majorVersion === 3) {
+    env.YARN_HTTPS_PROXY = env.HTTPS_PROXY;
+    env.YARN_CA_FILE_PATH = env.NODE_EXTRA_CA_CERTS;
+  }
+}
+
+async function yarnVersion() {
+  const result = await safeSpawn("yarn", ["--version"], {
+    stdio: "pipe",
+  });
+  if (result.status !== 0) {
+    throw new Error("Failed to get yarn version");
+  }
+  return result.stdout.trim();
 }

package/src/registryProxy/certUtils.js

@@ -0,0 +1,114 @@
+import forge from "node-forge";
+import path from "path";
+import fs from "fs";
+import os from "os";
+
+const certFolder = path.join(os.homedir(), ".safe-chain", "certs");
+const ca = loadCa();
+
+const certCache = new Map();
+
+export function getCaCertPath() {
+  return path.join(certFolder, "ca-cert.pem");
+}
+
+export function generateCertForHost(hostname) {
+  let existingCert = certCache.get(hostname);
+  if (existingCert) {
+    return existingCert;
+  }
+
+  const keys = forge.pki.rsa.generateKeyPair(2048);
+  const cert = forge.pki.createCertificate();
+  cert.publicKey = keys.publicKey;
+  cert.serialNumber = "01";
+  cert.validity.notBefore = new Date();
+  cert.validity.notAfter = new Date();
+  cert.validity.notAfter.setHours(cert.validity.notBefore.getHours() + 1);
+
+  const attrs = [{ name: "commonName", value: hostname }];
+  cert.setSubject(attrs);
+  cert.setIssuer(ca.certificate.subject.attributes);
+  cert.setExtensions([
+    {
+      name: "subjectAltName",
+      altNames: [
+        {
+          type: 2, // DNS
+          value: hostname,
+        },
+      ],
+    },
+    {
+      name: "keyUsage",
+      digitalSignature: true,
+      keyEncipherment: true,
+    },
+  ]);
+  cert.sign(ca.privateKey, forge.md.sha256.create());
+
+  const result = {
+    privateKey: forge.pki.privateKeyToPem(keys.privateKey),
+    certificate: forge.pki.certificateToPem(cert),
+  };
+
+  certCache.set(hostname, result);
+
+  return result;
+}
+
+function loadCa() {
+  const keyPath = path.join(certFolder, "ca-key.pem");
+  const certPath = path.join(certFolder, "ca-cert.pem");
+
+  if (fs.existsSync(keyPath) && fs.existsSync(certPath)) {
+    const privateKeyPem = fs.readFileSync(keyPath, "utf8");
+    const certPem = fs.readFileSync(certPath, "utf8");
+    const privateKey = forge.pki.privateKeyFromPem(privateKeyPem);
+    const certificate = forge.pki.certificateFromPem(certPem);
+
+    // Don't return a cert that is valid for less than 1 hour
+    const oneHourFromNow = new Date(Date.now() + 60 * 60 * 1000);
+    if (certificate.validity.notAfter > oneHourFromNow) {
+      return { privateKey, certificate };
+    }
+  }
+
+  const { privateKey, certificate } = generateCa();
+  fs.mkdirSync(certFolder, { recursive: true });
+  fs.writeFileSync(keyPath, forge.pki.privateKeyToPem(privateKey));
+  fs.writeFileSync(certPath, forge.pki.certificateToPem(certificate));
+  return { privateKey, certificate };
+}
+
+function generateCa() {
+  const keys = forge.pki.rsa.generateKeyPair(2048);
+  const cert = forge.pki.createCertificate();
+  cert.publicKey = keys.publicKey;
+  cert.serialNumber = "01";
+  cert.validity.notBefore = new Date();
+  cert.validity.notAfter = new Date();
+  cert.validity.notAfter.setDate(cert.validity.notBefore.getDate() + 1);
+
+  const attrs = [{ name: "commonName", value: "safe-chain proxy" }];
+  cert.setSubject(attrs);
+  cert.setIssuer(attrs);
+  cert.setExtensions([
+    {
+      name: "basicConstraints",
+      cA: true,
+    },
+    {
+      name: "keyUsage",
+      keyCertSign: true,
+      digitalSignature: true,
+      keyEncipherment: true,
+    },
+  ]);
+  cert.sign(keys.privateKey, forge.md.sha256.create());
+
+  return {
+    privateKey: keys.privateKey,
+    certificate: cert,
+  };
+}

package/src/registryProxy/mitmRequestHandler.js

@@ -0,0 +1,90 @@
+import https from "https";
+import { generateCertForHost } from "./certUtils.js";
+import { HttpsProxyAgent } from "https-proxy-agent";
+
+export function mitmConnect(req, clientSocket, isAllowed) {
+  const { hostname } = new URL(`http://${req.url}`);
+
+  const server = createHttpsServer(hostname, isAllowed);
+
+  // Establish the connection
+  clientSocket.write("HTTP/1.1 200 Connection Established\r\n\r\n");
+
+  // Hand off the socket to the HTTPS server
+  server.emit("connection", clientSocket);
+}
+
+function createHttpsServer(hostname, isAllowed) {
+  const cert = generateCertForHost(hostname);
+
+  async function handleRequest(req, res) {
+    const pathAndQuery = getRequestPathAndQuery(req.url);
+    const targetUrl = `https://${hostname}${pathAndQuery}`;
+
+    if (!(await isAllowed(targetUrl))) {
+      res.writeHead(403, "Forbidden - blocked by safe-chain");
+      res.end("Blocked by safe-chain");
+      return;
+    }
+
+    // Collect request body
+    forwardRequest(req, hostname, res);
+  }
+
+  return https.createServer(
+    {
+      key: cert.privateKey,
+      cert: cert.certificate,
+    },
+    handleRequest
+  );
+}
+
+function getRequestPathAndQuery(url) {
+  if (url.startsWith("http://") || url.startsWith("https://")) {
+    const parsedUrl = new URL(url);
+    return parsedUrl.pathname + parsedUrl.search + parsedUrl.hash;
+  }
+  return url;
+}
+
+function forwardRequest(req, hostname, res) {
+  const proxyReq = createProxyRequest(hostname, req, res);
+
+  proxyReq.on("error", () => {
+    res.writeHead(502);
+    res.end("Bad Gateway");
+  });
+
+  req.on("data", (chunk) => {
+    proxyReq.write(chunk);
+  });
+
+  req.on("end", () => {
+    proxyReq.end();
+  });
+}
+
+function createProxyRequest(hostname, req, res) {
+  const options = {
+    hostname: hostname,
+    port: 443,
+    path: req.url,
+    method: req.method,
+    headers: { ...req.headers },
+  };
+
+  delete options.headers.host;
+
+  const httpsProxy = process.env.HTTPS_PROXY || process.env.https_proxy;
+  if (httpsProxy) {
+    options.agent = new HttpsProxyAgent(httpsProxy);
+  }
+
+  const proxyReq = https.request(options, (proxyRes) => {
+    res.writeHead(proxyRes.statusCode, proxyRes.headers);
+    proxyRes.pipe(res);
+  });
+
+  return proxyReq;
+}

package/src/registryProxy/parsePackageFromUrl.js

@@ -0,0 +1,48 @@
+export const knownRegistries = ["registry.npmjs.org", "registry.yarnpkg.com"];
+
+export function parsePackageFromUrl(url) {
+  let packageName, version, registry;
+
+  for (const knownRegistry of knownRegistries) {
+    if (url.includes(knownRegistry)) {
+      registry = knownRegistry;
+      break;
+    }
+  }
+
+  if (!registry || !url.endsWith(".tgz")) {
+    return { packageName, version };
+  }
+
+  const registryIndex = url.indexOf(registry);
+  const afterRegistry = url.substring(registryIndex + registry.length + 1); // +1 to skip the slash
+
+  const separatorIndex = afterRegistry.indexOf("/-/");
+  if (separatorIndex === -1) {
+    return { packageName, version };
+  }
+
+  packageName = afterRegistry.substring(0, separatorIndex);
+  const filename = afterRegistry.substring(
+    separatorIndex + 3,
+    afterRegistry.length - 4
+  ); // Remove /-/ and .tgz
+
+  // Extract version from filename
+  // For scoped packages like @babel/core, the filename is core-7.21.4.tgz
+  // For regular packages like lodash, the filename is lodash-4.17.21.tgz
+  if (packageName.startsWith("@")) {
+    const scopedPackageName = packageName.substring(
+      packageName.lastIndexOf("/") + 1
+    );
+    if (filename.startsWith(scopedPackageName + "-")) {
+      version = filename.substring(scopedPackageName.length + 1);
+    }
+  } else {
+    if (filename.startsWith(packageName + "-")) {
+      version = filename.substring(packageName.length + 1);
+    }
+  }
+
+  return { packageName, version };
+}

package/src/registryProxy/registryProxy.js

@@ -0,0 +1,158 @@
+import * as http from "http";
+import { tunnelRequest } from "./tunnelRequestHandler.js";
+import { mitmConnect } from "./mitmRequestHandler.js";
+import { getCaCertPath } from "./certUtils.js";
+import { auditChanges } from "../scanning/audit/index.js";
+import { knownRegistries, parsePackageFromUrl } from "./parsePackageFromUrl.js";
+import { ui } from "../environment/userInteraction.js";
+import chalk from "chalk";
+
+const SERVER_STOP_TIMEOUT_MS = 1000;
+const state = {
+  port: null,
+  blockedRequests: [],
+};
+
+export function createSafeChainProxy() {
+  const server = createProxyServer();
+  server.on("connect", handleConnect);
+
+  return {
+    startServer: () => startServer(server),
+    stopServer: () => stopServer(server),
+    verifyNoMaliciousPackages,
+  };
+}
+
+function getSafeChainProxyEnvironmentVariables() {
+  if (!state.port) {
+    return {};
+  }
+
+  return {
+    HTTPS_PROXY: `http://localhost:${state.port}`,
+    GLOBAL_AGENT_HTTP_PROXY: `http://localhost:${state.port}`,
+    NODE_EXTRA_CA_CERTS: getCaCertPath(),
+  };
+}
+
+export function mergeSafeChainProxyEnvironmentVariables(env) {
+  const proxyEnv = getSafeChainProxyEnvironmentVariables();
+
+  for (const key of Object.keys(env)) {
+    // If we were to simply copy all env variables, we might overwrite
+    // the proxy settings set by safe-chain when casing varies (e.g. http_proxy vs HTTP_PROXY)
+    // So we only copy the variable if it's not already set in a different case
+    const upperKey = key.toUpperCase();
+
+    if (!proxyEnv[upperKey]) {
+      proxyEnv[key] = env[key];
+    }
+  }
+
+  return proxyEnv;
+}
+
+function createProxyServer() {
+  const server = http.createServer((_, res) => {
+    res.writeHead(400, "Bad Request");
+    res.write(
+      "Safe-chain proxy: Direct http not supported. Only CONNECT requests are allowed."
+    );
+    res.end();
+  });
+
+  return server;
+}
+
+function startServer(server) {
+  return new Promise((resolve, reject) => {
+    // Passing port 0 makes the OS assign an available port
+    server.listen(0, () => {
+      const address = server.address();
+      if (address && typeof address === "object") {
+        state.port = address.port;
+        resolve();
+      } else {
+        reject(new Error("Failed to start proxy server"));
+      }
+    });
+
+    server.on("error", (err) => {
+      reject(err);
+    });
+  });
+}
+
+function stopServer(server) {
+  return new Promise((resolve) => {
+    try {
+      server.close(() => {
+        resolve();
+      });
+    } catch {
+      resolve();
+    }
+    setTimeout(() => resolve(), SERVER_STOP_TIMEOUT_MS);
+  });
+}
+
+function handleConnect(req, clientSocket, head) {
+  // CONNECT method is used for HTTPS requests
+  // It establishes a tunnel to the server identified by the request URL
+
+  if (knownRegistries.some((reg) => req.url.includes(reg))) {
+    // For npm and yarn registries, we want to intercept and inspect the traffic
+    // so we can block packages with malware
+    mitmConnect(req, clientSocket, isAllowedUrl);
+  } else {
+    // For other hosts, just tunnel the request to the destination tcp socket
+    tunnelRequest(req, clientSocket, head);
+  }
+}
+
+async function isAllowedUrl(url) {
+  const { packageName, version } = parsePackageFromUrl(url);
+
+  // packageName and version are undefined when the URL is not a package download
+  // In that case, we can allow the request to proceed
+  if (!packageName || !version) {
+    return true;
+  }
+
+  const auditResult = await auditChanges([
+    { name: packageName, version, type: "add" },
+  ]);
+
+  if (!auditResult.isAllowed) {
+    state.blockedRequests.push({ packageName, version, url });
+    return false;
+  }
+
+  return true;
+}
+
+function verifyNoMaliciousPackages() {
+  if (state.blockedRequests.length === 0) {
+    // No malicious packages were blocked, so nothing to block
+    return true;
+  }
+
+  ui.emptyLine();
+
+  ui.writeInformation(
+    `Safe-chain: ${chalk.bold(
+      `blocked ${state.blockedRequests.length} malicious package downloads`
+    )}:`
+  );
+
+  for (const req of state.blockedRequests) {
+    ui.writeInformation(` - ${req.packageName}@${req.version} (${req.url})`);
+  }
+
+  ui.emptyLine();
+  ui.writeError("Exiting without installing malicious packages.");
+  ui.emptyLine();
+
+  return false;
+}

package/src/registryProxy/tunnelRequestHandler.js

@@ -0,0 +1,98 @@
+import * as net from "net";
+import { ui } from "../environment/userInteraction.js";
+
+export function tunnelRequest(req, clientSocket, head) {
+  const httpsProxy = process.env.HTTPS_PROXY || process.env.https_proxy;
+
+  if (httpsProxy) {
+    // If an HTTPS proxy is set, tunnel the request via the proxy
+    // This is the system proxy, not the safe-chain proxy
+    // The package manager will run via the safe-chain proxy
+    // The safe-chain proxy will then send the request to the system proxy
+    // Typical flow: package manager -> safe-chain proxy -> system proxy -> destination
+
+    // There are 2 processes involved in this:
+    // 1. Safe-chain process: has HTTPS_PROXY set to system proxy
+    // 2. Package manager process: has HTTPS_PROXY set to safe-chain proxy
+
+    tunnelRequestViaProxy(req, clientSocket, head, httpsProxy);
+  } else {
+    tunnelRequestToDestination(req, clientSocket, head);
+  }
+}
+
+function tunnelRequestToDestination(req, clientSocket, head) {
+  const { port, hostname } = new URL(`http://${req.url}`);
+
+  const serverSocket = net.connect(port || 443, hostname, () => {
+    clientSocket.write("HTTP/1.1 200 Connection Established\r\n\r\n");
+    serverSocket.write(head);
+    serverSocket.pipe(clientSocket);
+    clientSocket.pipe(serverSocket);
+  });
+
+  serverSocket.on("error", (err) => {
+    ui.writeError(
+      `Safe-chain: error connecting to ${hostname}:${port} - ${err.message}`
+    );
+    clientSocket.end("HTTP/1.1 502 Bad Gateway\r\n\r\n");
+  });
+}
+
+function tunnelRequestViaProxy(req, clientSocket, head, proxyUrl) {
+  const { port, hostname } = new URL(`http://${req.url}`);
+  const proxy = new URL(proxyUrl);
+
+  // Connect to proxy server
+  const proxySocket = net.connect({
+    host: proxy.hostname,
+    port: proxy.port,
+  });
+
+  proxySocket.on("connect", () => {
+    // Send CONNECT request to proxy
+    const connectRequest = [
+      `CONNECT ${hostname}:${port || 443} HTTP/1.1`,
+      `Host: ${hostname}:${port || 443}`,
+      "",
+      "",
+    ].join("\r\n");
+
+    proxySocket.write(connectRequest);
+  });
+
+  let isConnected = false;
+  proxySocket.once("data", (data) => {
+    const response = data.toString();
+
+    // Check if CONNECT succeeded (HTTP/1.1 200)
+    if (response.startsWith("HTTP/1.1 200")) {
+      isConnected = true;
+      clientSocket.write("HTTP/1.1 200 Connection Established\r\n\r\n");
+      proxySocket.write(head);
+      proxySocket.pipe(clientSocket);
+      clientSocket.pipe(proxySocket);
+    } else {
+      ui.writeError(
+        `Safe-chain: proxy CONNECT failed: ${response.split("\r\n")[0]}`
+      );
+      clientSocket.end("HTTP/1.1 502 Bad Gateway\r\n\r\n");
+      proxySocket.end();
+    }
+  });
+
+  proxySocket.on("error", (err) => {
+    if (!isConnected) {
+      ui.writeError(
+        `Safe-chain: error connecting to proxy ${proxy.hostname}:${
+          proxy.port || 8080
+        } - ${err.message}`
+      );
+      clientSocket.end("HTTP/1.1 502 Bad Gateway\r\n\r\n");
+    }
+  });
+
+  clientSocket.on("error", () => {
+    proxySocket.end();
+  });
+}

package/src/scanning/index.js

@@ -61,10 +61,11 @@ export async function scanCommand(args) {
   }
 
   if (!audit || audit.isAllowed) {
-    spinner.succeed("Safe-chain: No malicious packages detected.");
+    spinner.stop();
+    return 0;
   } else {
     printMaliciousChanges(audit.disallowedChanges, spinner);
-    await onMalwareFound();
+    return await onMalwareFound();
   }
 }
 
@@ -88,11 +89,11 @@ async function onMalwareFound() {
 
     if (continueInstall) {
       ui.writeWarning("Continuing with the installation despite the risks...");
-      return;
+      return 0;
     }
   }
 
   ui.writeError("Exiting without installing malicious packages.");
   ui.emptyLine();
-  process.exit(1);
+  return 1;
 }

package/src/scanning/malwareDatabase.js

@@ -8,7 +8,13 @@ import {
 } from "../config/configFile.js";
 import { ui } from "../environment/userInteraction.js";
 
+let cachedMalwareDatabase = null;
+
 export async function openMalwareDatabase() {
+  if (cachedMalwareDatabase) {
+    return cachedMalwareDatabase;
+  }
+
   const malwareDatabase = await getMalwareDatabase();
 
   function getPackageStatus(name, version) {
@@ -25,13 +31,16 @@ export async function openMalwareDatabase() {
     return packageData.reason;
   }
 
-  return {
+  // This implicitely caches the malware database
+  //  that's closed over by the getPackageStatus function
+  cachedMalwareDatabase = {
     getPackageStatus,
     isMalware: (name, version) => {
       const status = getPackageStatus(name, version);
       return isMalwareStatus(status);
     },
   };
+  return cachedMalwareDatabase;
 }
 
 async function getMalwareDatabase() {

package/src/shell-integration/helpers.js

@@ -9,8 +9,9 @@ export const knownAikidoTools = [
   { tool: "yarn", aikidoCommand: "aikido-yarn" },
   { tool: "pnpm", aikidoCommand: "aikido-pnpm" },
   { tool: "pnpx", aikidoCommand: "aikido-pnpx" },
-  // When adding a new tool here, also update the expected alias in the tests (setup.spec.js, teardown.spec.js)
-  // and add the documentation for the new tool in the README.md
+  { tool: "bun", aikidoCommand: "aikido-bun" },
+  { tool: "bunx", aikidoCommand: "aikido-bunx" },
+  // When adding a new tool here, also update the documentation for the new tool in the README.md
 ];
 
 /**
@@ -18,15 +19,15 @@ export const knownAikidoTools = [
  * Example: "npm, npx, yarn, pnpm, and pnpx commands"
  */
 export function getPackageManagerList() {
-  const tools = knownAikidoTools.map(t => t.tool);
+  const tools = knownAikidoTools.map((t) => t.tool);
   if (tools.length <= 1) {
-    return `${tools[0] || ''} commands`;
+    return `${tools[0] || ""} commands`;
   }
   if (tools.length === 2) {
     return `${tools[0]} and ${tools[1]} commands`;
   }
   const lastTool = tools.pop();
-  return `${tools.join(', ')}, and ${lastTool} commands`;
+  return `${tools.join(", ")}, and ${lastTool} commands`;
 }
 
 export function doesExecutableExistOnSystem(executableName) {
@@ -47,7 +48,7 @@ export function removeLinesMatchingPattern(filePath, pattern, eol) {
   eol = eol || os.EOL;
 
   const fileContent = fs.readFileSync(filePath, "utf-8");
-  const lines = fileContent.split(/[\r\n\u2028\u2029]/);
+  const lines = fileContent.split(/\r?\n|\r|\u2028|\u2029/);
   const updatedLines = lines.filter((line) => !shouldRemoveLine(line, pattern));
   fs.writeFileSync(filePath, updatedLines.join(eol), "utf-8");
 }

package/src/shell-integration/startup-scripts/init-fish.fish

@@ -46,6 +46,14 @@ function pnpx
     wrapSafeChainCommand "pnpx" "aikido-pnpx" $argv
 end
 
+function bun
+    wrapSafeChainCommand "bun" "aikido-bun" $argv
+end
+
+function bunx
+    wrapSafeChainCommand "bunx" "aikido-bunx" $argv
+end
+
 function npm
     # If args is just -v or --version and nothing else, just run the `npm -v` command
     # This is because nvm uses this to check the version of npm

package/src/shell-integration/startup-scripts/init-posix.sh

@@ -42,6 +42,14 @@ function pnpx() {
   wrapSafeChainCommand "pnpx" "aikido-pnpx" "$@"
 }
 
+function bun() {
+  wrapSafeChainCommand "bun" "aikido-bun" "$@"
+}
+
+function bunx() {
+  wrapSafeChainCommand "bunx" "aikido-bunx" "$@"
+}
+
 function npm() {
   if [[ "$1" == "-v" || "$1" == "--version" ]] && [[ $# -eq 1 ]]; then
     # If args is just -v or --version and nothing else, just run the npm version command

package/src/shell-integration/startup-scripts/init-pwsh.ps1

@@ -68,6 +68,14 @@ function pnpx {
     Invoke-WrappedCommand "pnpx" "aikido-pnpx" $args
 }
 
+function bun {
+    Invoke-WrappedCommand "bun" "aikido-bun" $args
+}
+
+function bunx {
+    Invoke-WrappedCommand "bunx" "aikido-bunx" $args
+}
+
 function npm {
     # If args is just -v or --version and nothing else, just run the npm version command
     # This is because nvm uses this to check the version of npm

package/src/utils/safeSpawn.js

@@ -23,11 +23,23 @@ export async function safeSpawn(command, args, options = {}) {
   return new Promise((resolve, reject) => {
     const child = spawn(fullCommand, { ...options, shell: true });
 
+    // When stdio is piped, we need to collect the output
+    let stdout = "";
+    let stderr = "";
+
+    child.stdout?.on("data", (data) => {
+      stdout += data.toString();
+    });
+
+    child.stderr?.on("data", (data) => {
+      stderr += data.toString();
+    });
+
     child.on("close", (code) => {
       resolve({
         status: code,
-        stdout: Buffer.from(""),
-        stderr: Buffer.from(""),
+        stdout: stdout,
+        stderr: stderr,
       });
     });