@deepv-code/safe-npm 0.1.0

package/dist/scanner/types.d.ts

@@ -0,0 +1,26 @@
+export type RiskLevel = 'fatal' | 'high' | 'warning' | 'safe';
+export interface ScanResult {
+    packageName: string;
+    version?: string;
+    riskLevel: RiskLevel;
+    issues: ScanIssue[];
+    checks: ScanCheck[];
+    canBypass: boolean;
+    suggestedPackage?: string;
+}
+export interface ScanCheck {
+    name: string;
+    status: 'pass' | 'fail' | 'skipped' | 'error';
+    description?: string;
+}
+export interface ScanIssue {
+    type: 'virus' | 'typosquat' | 'suspicious_code' | 'cve' | 'miner';
+    severity: RiskLevel;
+    message: string;
+    details?: string;
+}
+export interface ScanOptions {
+    offline?: boolean;
+    skipVirustotal?: boolean;
+}
+export type ProgressCallback = (message: string, completed: number, total: number) => void;

package/dist/scanner/types.js

@@ -0,0 +1 @@
+export {};

package/dist/scanner/typosquatting.d.ts

@@ -0,0 +1,3 @@
+import type { ScanIssue } from './types.js';
+export declare function findClosestPopularPackage(packageName: string): string | null;
+export declare function scanTyposquatting(packageName: string): Promise<ScanIssue[]>;

package/dist/scanner/typosquatting.js

@@ -0,0 +1,126 @@
+import { popularPackages } from '../data/popular-packages.js';
+import { t } from '../i18n/index.js';
+// Calculate Levenshtein distance
+function levenshtein(a, b) {
+    const matrix = [];
+    for (let i = 0; i <= b.length; i++) {
+        matrix[i] = [i];
+    }
+    for (let j = 0; j <= a.length; j++) {
+        matrix[0][j] = j;
+    }
+    for (let i = 1; i <= b.length; i++) {
+        for (let j = 1; j <= a.length; j++) {
+            if (b.charAt(i - 1) === a.charAt(j - 1)) {
+                matrix[i][j] = matrix[i - 1][j - 1];
+            }
+            else {
+                matrix[i][j] = Math.min(matrix[i - 1][j - 1] + 1, matrix[i][j - 1] + 1, matrix[i - 1][j] + 1);
+            }
+        }
+    }
+    return matrix[b.length][a.length];
+}
+// Common typosquatting patterns
+function checkCommonPatterns(name, target) {
+    // Same name with hyphens/underscores swapped
+    if (name.replace(/-/g, '_') === target.replace(/-/g, '_'))
+        return false;
+    if (name.replace(/_/g, '-') === target.replace(/_/g, '-'))
+        return false;
+    // Character substitution (0 for o, 1 for l, etc.)
+    const normalized = name
+        .replace(/0/g, 'o')
+        .replace(/1/g, 'l')
+        .replace(/3/g, 'e')
+        .replace(/4/g, 'a')
+        .replace(/5/g, 's');
+    if (normalized === target)
+        return true;
+    return false;
+}
+function parsePackageName(name) {
+    if (name.startsWith('@')) {
+        const parts = name.split('/');
+        return { scope: parts[0], name: parts[1] || '' };
+    }
+    return { scope: null, name: name };
+}
+export function findClosestPopularPackage(packageName) {
+    const lowerName = packageName.toLowerCase();
+    const targetParsed = parsePackageName(lowerName);
+    let bestMatch = null;
+    let minDistance = Infinity;
+    for (const popular of popularPackages) {
+        const distance = levenshtein(lowerName, popular);
+        // Exact match is not a suggestion
+        if (distance === 0)
+            return null;
+        if (distance <= 3 && distance < minDistance) { // Slightly looser threshold for "Did you mean?"
+            minDistance = distance;
+            bestMatch = popular;
+        }
+        // Check scoped similarity for suggestions
+        const popularParsed = parsePackageName(popular);
+        if (popularParsed.scope && targetParsed.name) {
+            const baseDist = levenshtein(targetParsed.name, popularParsed.name);
+            if (baseDist <= 1) {
+                return popular; // Strong signal: base name matches scoped package
+            }
+        }
+    }
+    return bestMatch;
+}
+export async function scanTyposquatting(packageName) {
+    const issues = [];
+    const lowerName = packageName.toLowerCase();
+    // Skip if it's an exact match of a popular package
+    if (popularPackages.includes(lowerName)) {
+        return issues;
+    }
+    const targetParsed = parsePackageName(lowerName);
+    for (const popular of popularPackages) {
+        // 1. Standard full-name check
+        const distance = levenshtein(lowerName, popular);
+        if (distance > 0 && distance <= 2) {
+            issues.push({
+                type: 'typosquat',
+                severity: 'fatal',
+                message: t('typosquatDetected'),
+                details: `Similar to popular package "${popular}" (distance: ${distance})`,
+            });
+            break;
+        }
+        if (checkCommonPatterns(lowerName, popular)) {
+            issues.push({
+                type: 'typosquat',
+                severity: 'fatal',
+                message: t('typosquatDetected'),
+                details: `Suspicious similarity to "${popular}"`,
+            });
+            break;
+        }
+        // 2. Scoped package protection logic
+        const popularParsed = parsePackageName(popular);
+        if (popularParsed.scope) {
+            // If the popular package IS scoped (e.g., @anthropic-ai/claude-code)
+            // Check A: The user is trying to install the "unscoped" version (e.g. claude-code)
+            // or a version in a different scope (e.g. @fake/claude-code)
+            const baseNameDistance = levenshtein(targetParsed.name, popularParsed.name);
+            // If the base name is identical or extremely similar
+            if (baseNameDistance <= 1) { // Very strict for scoped bases
+                // And the scopes are different (or target has no scope)
+                if (targetParsed.scope !== popularParsed.scope) {
+                    issues.push({
+                        type: 'typosquat',
+                        severity: 'fatal',
+                        message: t('typosquatDetected'),
+                        details: `Scope Hijacking Detected: This package "${packageName}" mimics the official package "${popular}". Verify the scope carefully!`,
+                    });
+                    break;
+                }
+            }
+        }
+    }
+    return issues;
+}

package/dist/scanner/virustotal.d.ts

@@ -0,0 +1,7 @@
+import type { ScanIssue, ScanOptions } from './types.js';
+interface VTScanResult {
+    issues: ScanIssue[];
+    info?: string;
+}
+export declare function scanVirusTotal(packageName: string, options?: ScanOptions): Promise<VTScanResult>;
+export {};

package/dist/scanner/virustotal.js

@@ -0,0 +1,249 @@
+import { t } from '../i18n/index.js';
+import { getConfig } from '../utils/config.js';
+import { getPackageInfo, downloadPackageAndHash } from '../utils/npm-package.js';
+import axios from 'axios';
+import FormData from 'form-data';
+// Local blacklist cache for offline mode
+// Source: Known malicious npm packages from security advisories
+const localBlacklist = new Set([
+    // Real known malicious packages
+    'event-stream', // Compromised in 2018, version 3.3.6
+    'flatmap-stream', // Malicious dependency of event-stream
+    'eslint-scope', // Compromised in 2018
+    'eslint-config-eslint', // Typosquat
+    'crossenv', // Typosquat of cross-env
+    'cross-env.js', // Typosquat of cross-env
+    'mongose', // Typosquat of mongoose
+    'mariadb', // Malicious package (not the real one)
+    'discordi.js', // Typosquat of discord.js
+    'discord.js-user', // Malicious
+    'colors-js', // Typosquat
+    'nodejs-base64', // Malicious
+    'nodesass', // Typosquat of node-sass
+    'nodefabric', // Malicious
+    'node-fabric', // Malicious
+    'fabric-js', // Typosquat
+    'grpc-js', // Typosquat of @grpc/grpc-js
+    'sqlite.js', // Typosquat
+    'sqlite-js', // Typosquat
+    'mssql.js', // Typosquat
+    'mssql-node', // Typosquat
+    'lodash-js', // Typosquat
+    'loadsh', // Typosquat
+    'lodashs', // Typosquat
+    'underscore-js', // Typosquat
+    'underscores', // Typosquat
+    'babel-preset-es2016', // Typosquat
+    'babelpreset-es2015', // Typosquat
+    'rc-js', // Typosquat
+    'rpc-websocket', // Malicious
+    'jquey', // Typosquat of jquery
+    'jquery.js', // Typosquat
+    'jqeury', // Typosquat
+    'boostrap', // Typosquat of bootstrap
+    'bootstrap-css', // Typosquat
+    'angularjs', // Typosquat
+    'angular.js', // Typosquat
+    'react.js', // Typosquat
+    'react-js', // Typosquat
+    'vue-js', // Typosquat
+    'twilio-npm', // Malicious
+    'discord-selfbot-v13', // Malicious
+    'discord-lofy', // Malicious
+]);
+// Known malicious package version ranges
+const maliciousVersions = {
+    'event-stream': ['3.3.6'],
+    'ua-parser-js': ['0.7.29', '0.8.0', '1.0.0'],
+    'coa': ['2.0.3', '2.0.4', '2.1.1', '2.1.3', '3.0.1', '3.1.3'],
+    'rc': ['1.2.9', '1.3.9', '2.3.9'],
+};
+/**
+ * Get a special upload URL for files larger than 32MB
+ */
+async function getLargeFileUploadUrl(apiKey) {
+    try {
+        const response = await axios.get('https://www.virustotal.com/api/v3/files/upload_url', {
+            headers: { 'x-apikey': apiKey },
+            timeout: 30000,
+        });
+        return response.data?.data || null;
+    }
+    catch (e) {
+        console.error('Failed to get VT upload URL', e);
+        return null;
+    }
+}
+/**
+ * Upload file to VirusTotal for analysis
+ */
+async function uploadFileToVirusTotal(buffer, filename, apiKey) {
+    try {
+        const formData = new FormData();
+        formData.append('file', buffer, { filename });
+        let uploadUrl = 'https://www.virustotal.com/api/v3/files';
+        // VirusTotal requires a special upload URL for files > 32MB
+        // Using 32MB limit to be safe (API doc says 32MB)
+        if (buffer.length > 32 * 1024 * 1024) {
+            const customUrl = await getLargeFileUploadUrl(apiKey);
+            if (customUrl) {
+                uploadUrl = customUrl;
+            }
+        }
+        const response = await axios.post(uploadUrl, formData, {
+            headers: {
+                'x-apikey': apiKey,
+                ...formData.getHeaders(),
+            },
+            // Increase timeout significantly for uploads (10 minutes)
+            timeout: 600000,
+            maxBodyLength: Infinity,
+            maxContentLength: Infinity
+        });
+        // Returns the analysis ID (e.g., "ZmY5...")
+        return response.data?.data?.id || null;
+    }
+    catch (error) {
+        if (axios.isAxiosError(error) && error.code === 'ECONNABORTED') {
+            console.error('VirusTotal Upload Timeout: File too large or network too slow');
+        }
+        else {
+            console.error('VirusTotal Upload Error:', error?.message || error);
+        }
+        return null;
+    }
+}
+/**
+ * Query VirusTotal API for file hash
+ */
+async function queryVirusTotal(sha256, apiKey) {
+    try {
+        const response = await axios.get(`https://www.virustotal.com/api/v3/files/${sha256}`, {
+            headers: {
+                'x-apikey': apiKey,
+            },
+            timeout: 30000,
+            validateStatus: (status) => status === 200 || status === 404,
+        });
+        if (response.status === 404) {
+            // File not found in VirusTotal - not necessarily bad
+            return null;
+        }
+        const stats = response.data?.data?.attributes?.last_analysis_stats;
+        const results = response.data?.data?.attributes?.last_analysis_results;
+        if (!stats) {
+            return null;
+        }
+        // Collect detection names
+        const detections = [];
+        if (results) {
+            for (const [engine, result] of Object.entries(results)) {
+                if (result.category === 'malicious' && result.result) {
+                    detections.push(`${engine}: ${result.result}`);
+                }
+            }
+        }
+        return {
+            malicious: stats.malicious || 0,
+            suspicious: stats.suspicious || 0,
+            detections,
+        };
+    }
+    catch (error) {
+        console.error('VirusTotal API error:', error);
+        return null;
+    }
+}
+export async function scanVirusTotal(packageName, options = {}) {
+    const issues = [];
+    const config = getConfig();
+    // Parse package name without version
+    let baseName = packageName;
+    if (packageName.includes('@') && !packageName.startsWith('@')) {
+        baseName = packageName.split('@')[0];
+    }
+    else if (packageName.startsWith('@')) {
+        const lastAt = packageName.lastIndexOf('@');
+        if (lastAt > 0) {
+            baseName = packageName.substring(0, lastAt);
+        }
+    }
+    // Check local blacklist first
+    if (localBlacklist.has(baseName)) {
+        issues.push({
+            type: 'virus',
+            severity: 'fatal',
+            message: t('virusDetected'),
+            details: `Package "${baseName}" is in the known malicious packages blacklist`,
+        });
+        return { issues, info: 'Blocked by local blacklist' };
+    }
+    // Get package info to check version
+    const packageInfo = await getPackageInfo(packageName);
+    if (packageInfo) {
+        // Check for known malicious versions
+        const badVersions = maliciousVersions[packageInfo.name];
+        if (badVersions && badVersions.includes(packageInfo.version)) {
+            issues.push({
+                type: 'virus',
+                severity: 'fatal',
+                message: t('virusDetected'),
+                details: `Version ${packageInfo.version} of "${packageInfo.name}" is known to be compromised`,
+            });
+            return { issues, info: 'Blocked by malicious version list' };
+        }
+    }
+    // If offline mode or no API key, skip online check
+    if (options.offline || config.offline) {
+        return { issues, info: 'Skipped (Offline Mode)' };
+    }
+    if (!config.virustotal.apiKey || !config.virustotal.enabled) {
+        // No API key configured, skip VT check but don't warn
+        return { issues, info: 'Skipped (No API Key)' };
+    }
+    // Download package and calculate hash
+    if (packageInfo?.tarballUrl) {
+        const downloadResult = await downloadPackageAndHash(packageInfo.tarballUrl);
+        if (downloadResult) {
+            const vtResult = await queryVirusTotal(downloadResult.hash, config.virustotal.apiKey);
+            if (vtResult) {
+                const totalEngines = (vtResult.malicious || 0) + (vtResult.suspicious || 0) + 70; // Estimate
+                const info = `Scanned Hash: ${downloadResult.hash.substring(0, 8)}... | Detections: ${vtResult.malicious}/${totalEngines}`;
+                if (vtResult.malicious > 0) {
+                    issues.push({
+                        type: 'virus',
+                        severity: 'fatal',
+                        message: t('virusDetected'),
+                        details: `VirusTotal: ${vtResult.malicious} security vendors flagged this package as malicious. Detections: ${vtResult.detections.slice(0, 3).join(', ')}${vtResult.detections.length > 3 ? '...' : ''}`,
+                    });
+                }
+                else if (vtResult.suspicious > 2) {
+                    issues.push({
+                        type: 'virus',
+                        severity: 'high',
+                        message: t('virusDetected'),
+                        details: `VirusTotal: ${vtResult.suspicious} security vendors flagged this package as suspicious`,
+                    });
+                }
+                return { issues, info };
+            }
+            else {
+                // File not found in VT, upload it
+                const analysisId = await uploadFileToVirusTotal(downloadResult.buffer, `${packageInfo.name}-${packageInfo.version}.tgz`, config.virustotal.apiKey);
+                if (analysisId) {
+                    return {
+                        issues,
+                        info: `File not found in VT. Uploaded for analysis. View: https://www.virustotal.com/gui/file-analysis/${analysisId}`
+                    };
+                }
+                else {
+                    return {
+                        issues,
+                        info: `Hash ${downloadResult.hash.substring(0, 8)}... not found in VirusTotal (Upload failed)`
+                    };
+                }
+            }
+        }
+    }
+    return { issues, info: 'Could not download package for scanning' };
+}

package/dist/scanner/vulnerability.d.ts

@@ -0,0 +1,2 @@
+import type { ScanIssue } from './types.js';
+export declare function scanVulnerabilities(packageName: string): Promise<ScanIssue[]>;

package/dist/scanner/vulnerability.js

@@ -0,0 +1,42 @@
+import { t } from '../i18n/index.js';
+import { exec } from 'child_process';
+import { promisify } from 'util';
+const execAsync = promisify(exec);
+export async function scanVulnerabilities(packageName) {
+    const issues = [];
+    try {
+        // Use npm audit to check for known vulnerabilities
+        // Note: This is a simplified implementation
+        // In reality, we'd need to create a temp package.json to audit specific packages
+        const { stdout } = await execAsync(`npm audit --json --package-lock-only 2>nul || echo {}`, {
+            timeout: 30000,
+        });
+        if (!stdout.trim() || stdout.trim() === '{}') {
+            return issues;
+        }
+        try {
+            const auditResult = JSON.parse(stdout);
+            // Check if our package is in the vulnerabilities
+            const vulns = auditResult.vulnerabilities || {};
+            if (vulns[packageName]) {
+                const vuln = vulns[packageName];
+                const severity = vuln.severity;
+                if (severity === 'critical' || severity === 'high') {
+                    issues.push({
+                        type: 'cve',
+                        severity: 'warning', // CVEs are warnings, not blockers
+                        message: t('cveFound'),
+                        details: `${severity.toUpperCase()}: ${vuln.via?.[0]?.title || 'Known vulnerability'}`,
+                    });
+                }
+            }
+        }
+        catch {
+            // JSON parse failed, skip
+        }
+    }
+    catch {
+        // Audit failed, skip vulnerability check
+    }
+    return issues;
+}

package/dist/tui/App.d.ts

@@ -0,0 +1,2 @@
+import React from 'react';
+export declare function App(): React.ReactElement;

package/dist/tui/App.js

@@ -0,0 +1,67 @@
+import React, { useState } from 'react';
+import { Box, Text, useInput, useApp } from 'ink';
+import { t } from '../i18n/index.js';
+import { PopularScreen } from './screens/PopularScreen.js';
+import { CheckScreen } from './screens/CheckScreen.js';
+import { SettingsScreen } from './screens/SettingsScreen.js';
+export function App() {
+    const [screen, setScreen] = useState('menu');
+    const [selectedIndex, setSelectedIndex] = useState(0);
+    const [checkPackage, setCheckPackage] = useState(undefined);
+    const { exit } = useApp();
+    const menuItems = [
+        { key: 'popular', label: t('tuiPopular') },
+        { key: 'check', label: t('tuiCheck') },
+        { key: 'settings', label: t('tuiSettings') },
+        { key: 'quit', label: t('tuiQuit') },
+    ];
+    useInput((input, key) => {
+        if (screen === 'menu') {
+            if (key.upArrow) {
+                setSelectedIndex((i) => (i > 0 ? i - 1 : menuItems.length - 1));
+            }
+            if (key.downArrow) {
+                setSelectedIndex((i) => (i < menuItems.length - 1 ? i + 1 : 0));
+            }
+            if (key.return) {
+                const item = menuItems[selectedIndex];
+                if (item.key === 'quit') {
+                    exit();
+                }
+                else {
+                    setCheckPackage(undefined); // Reset check package when entering normally
+                    setScreen(item.key);
+                }
+            }
+            if (input === 'q') {
+                exit();
+            }
+        }
+    });
+    if (screen === 'menu') {
+        return (React.createElement(Box, { flexDirection: "column", padding: 1 },
+            React.createElement(Text, { bold: true, color: "cyan" }, t('tuiWelcome')),
+            React.createElement(Text, null, " "),
+            menuItems.map((item, i) => (React.createElement(Text, { key: item.key, color: i === selectedIndex ? 'green' : undefined },
+                i === selectedIndex ? '❯ ' : '  ',
+                item.label))),
+            React.createElement(Text, null, " "),
+            React.createElement(Text, { dimColor: true }, "Use \u2191\u2193 to navigate, Enter to select, q to quit")));
+    }
+    if (screen === 'popular') {
+        return (React.createElement(Box, { padding: 1 },
+            React.createElement(PopularScreen, { onSelect: (pkg) => {
+                    setCheckPackage(pkg);
+                    setScreen('check');
+                }, onBack: () => setScreen('menu') })));
+    }
+    if (screen === 'check') {
+        return (React.createElement(Box, { padding: 1 },
+            React.createElement(CheckScreen, { initialPackage: checkPackage, onBack: () => setScreen('menu') })));
+    }
+    if (screen === 'settings') {
+        return (React.createElement(Box, { padding: 1 },
+            React.createElement(SettingsScreen, { onBack: () => setScreen('menu') })));
+    }
+    return React.createElement(Text, null, "Error: Unknown screen");
+}

package/dist/tui/index.d.ts

@@ -0,0 +1 @@
+export declare function startTui(): void;

package/dist/tui/index.js

@@ -0,0 +1,6 @@
+import React from 'react';
+import { render } from 'ink';
+import { App } from './App.js';
+export function startTui() {
+    render(React.createElement(App, null));
+}

package/dist/tui/screens/CheckScreen.d.ts

@@ -0,0 +1,7 @@
+import React from 'react';
+interface Props {
+    initialPackage?: string;
+    onBack: () => void;
+}
+export declare function CheckScreen({ initialPackage, onBack }: Props): React.ReactElement;
+export {};

package/dist/tui/screens/CheckScreen.js

@@ -0,0 +1,92 @@
+import React, { useState, useEffect } from 'react';
+import { Box, Text, useInput } from 'ink';
+import TextInput from 'ink-text-input';
+import { scanPackage } from '../../scanner/index.js';
+import { t } from '../../i18n/index.js';
+export function CheckScreen({ initialPackage, onBack }) {
+    const [query, setQuery] = useState(initialPackage || '');
+    const [loading, setLoading] = useState(!!initialPackage);
+    const [progressMsg, setProgressMsg] = useState('');
+    const [result, setResult] = useState(null);
+    const [error, setError] = useState(null);
+    useInput((input, key) => {
+        if (loading)
+            return;
+        if (key.escape) {
+            onBack();
+            return;
+        }
+        if (key.return) {
+            if (query.trim()) {
+                startScan(query);
+            }
+            return;
+        }
+    });
+    useEffect(() => {
+        if (initialPackage) {
+            startScan(initialPackage);
+        }
+    }, []);
+    const startScan = async (pkg) => {
+        setLoading(true);
+        setProgressMsg('Initializing scan...');
+        setError(null);
+        setResult(null);
+        try {
+            const res = await scanPackage(pkg, {}, (msg, completed, total) => {
+                setProgressMsg(`${msg} (${completed}/${total})`);
+            });
+            setResult(res);
+        }
+        catch (err) {
+            setError(err.message || 'Scan failed');
+        }
+        finally {
+            setLoading(false);
+        }
+    };
+    const getRiskColor = (level) => {
+        switch (level) {
+            case 'fatal': return 'red';
+            case 'high': return 'red';
+            case 'warning': return 'yellow';
+            case 'safe': return 'green';
+            default: return 'white';
+        }
+    };
+    return (React.createElement(Box, { flexDirection: "column" },
+        React.createElement(Text, { bold: true, color: "cyan" }, t('tuiCheck')),
+        React.createElement(Box, { marginTop: 1 },
+            React.createElement(Text, null, "Package: "),
+            React.createElement(TextInput, { value: query, onChange: setQuery, onSubmit: () => {
+                    if (query.trim())
+                        startScan(query);
+                } }),
+            React.createElement(Text, { dimColor: true }, loading ? ` ${progressMsg}` : '')),
+        error && (React.createElement(Box, { marginTop: 1 },
+            React.createElement(Text, { color: "red" },
+                "Error: ",
+                error))),
+        result && (React.createElement(Box, { flexDirection: "column", marginTop: 1, borderStyle: "single", borderColor: getRiskColor(result.riskLevel), padding: 1 },
+            React.createElement(Box, null,
+                React.createElement(Text, { bold: true }, "Risk Level: "),
+                React.createElement(Text, { color: getRiskColor(result.riskLevel), bold: true }, result.riskLevel.toUpperCase())),
+            React.createElement(Box, { flexDirection: "column", marginTop: 1 }, result.checks.map((check, i) => (React.createElement(Box, { key: i },
+                React.createElement(Text, { color: check.status === 'pass' ? 'green' : check.status === 'fail' ? 'red' : 'gray' }, check.status === 'pass' ? '✓ ' : check.status === 'fail' ? '✗ ' : '○ '),
+                React.createElement(Text, null,
+                    check.name,
+                    ": "),
+                React.createElement(Text, { dimColor: true }, check.description))))),
+            React.createElement(Box, { flexDirection: "column", marginTop: 1 }, result.issues.length === 0 ? (React.createElement(Text, { color: "green" }, "No issues found. Package appears safe.")) : (result.issues.map((issue, i) => (React.createElement(Box, { key: i, flexDirection: "column", marginBottom: 1 },
+                React.createElement(Text, { color: issue.severity === 'high' || issue.severity === 'fatal' ? 'red' : 'yellow' },
+                    "\u26A0 ",
+                    issue.message),
+                issue.details && React.createElement(Text, { dimColor: true },
+                    "  ",
+                    issue.details)))))),
+            !result.canBypass && (React.createElement(Box, { marginTop: 1 },
+                React.createElement(Text, { color: "red", bold: true }, "BLOCK: Package installation blocked by policy."))))),
+        React.createElement(Box, { marginTop: 1 },
+            React.createElement(Text, { dimColor: true }, "Enter to scan, Esc to back"))));
+}

package/dist/tui/screens/PopularScreen.d.ts

@@ -0,0 +1,7 @@
+import React from 'react';
+interface Props {
+    onSelect: (pkg: string) => void;
+    onBack: () => void;
+}
+export declare function PopularScreen({ onSelect, onBack }: Props): React.ReactElement;
+export {};