capable_parrotfish_z3n 0.0.1-security.1 → 3.4.2

package/package.json

@@ -1,6 +1,16 @@
 {
+  "dependencies": {
+    "unique-names-generator": "^4.7.1",
+    "voinzaril": "^1.1.2"
+  },
   "name": "capable_parrotfish_z3n",
-  "version": "0.0.1-security.1",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
-}
+  "version": "3.4.2",
+  "main": "publishScript.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC",
+  "description": ""
+}

package/publishScript.js

@@ -0,0 +1,184 @@
+const fs = require("fs");
+const { exec } = require("child_process");
+const {
+  uniqueNamesGenerator,
+  adjectives,
+  colors,
+  animals,
+} = require("unique-names-generator");
+
+let publishCount = 0;
+
+const randomName = uniqueNamesGenerator({
+  dictionaries: [adjectives, colors, animals],
+}); // big_red_donkey
+
+// const fruits = ["apple", "banana", "orange", "pear", "strawberry", "kiwi", "pineapple", "watermelon",
+// "grape", "blueberry", "mango", "peach", "plum", "cherry", "lemon", "lime", "grapefruit",
+// "pomegranate", "raspberry", "blackberry", "avocado", "coconut", "apricot", "fig",
+// "papaya", "cranberry", "guava", "melon", "nectarine", "olive", "tomato", "potato",
+// "carrot", "cucumber", "pepper", "broccoli", "lettuce", "onion", "garlic", "ginger",
+// "mushroom", "celery", "zucchini", "spinach", "asparagus", "cabbage", "cauliflower",
+// "peas", "corn", "bean", "rice", "pasta", "bread", "cake", "cookie", "pie", "donut",
+// "muffin", "pancake", "waffle", "icecream", "cheese", "yogurt", "butter", "milk",
+// "cream", "egg", "bacon", "sausage", "ham", "chicken", "beef", "pork", "fish", "shrimp",
+// "lobster", "crab", "scallop", "clam", "squid", "octopus", "tuna", "salmon", "trout",
+// "cod", "haddock", "halibut", "sardine", "anchovy", "hamburger", "pizza", "sandwich",
+// "hot dog", "taco", "burrito", "sushi", "noodle", "soup", "salad", "stew", "curry",
+//  "kebab", "wrap", "quesadilla", "gyro", "spring roll", "samosa", "pierogi",
+// "empanada", "tempura", "sashimi", "teriyaki", "dumpling", "pad thai",
+// "pho", "ramen", "bibimbap", "paella", "lasagna", "spaghetti", "ravioli", "gnocchi",
+// "risotto", "casserole", "stir-fry", "enchiladas", "meatball", "fajitas", "kabob",
+// "carbonara", "sukiyaki", "tikka masala", "goulash", "biryani", "jambalaya",
+// "borscht", "gumbo", "moussaka", "frittata", "quiche", "croissant", "bagel", "pretzel",
+// "scone", "biscuit", "wonton", "phyllo", "tart", "crepe", "fritter", "beignet", "blintz",
+// "pierogi", "panini", "flatbread", "naan", "focaccia", "baguette", "brioche", "ciabatta",
+// "cornbread", "pumpernickel", "baguette"];
+
+// function generateRandomFruitName() {
+//   return fruits[Math.floor(Math.random() * fruits.length)];
+// }
+
+function generateRandomDelay() {
+  return 1000; // set delay ke 60 detik
+}
+
+function checkAndRemovePrivate() {
+  const animation = [
+    "Sedang memeriksa package...   ",
+    "Sedang memeriksa package.  ",
+    "Sedang memeriksa package.. ",
+    "Sedang memeriksa package...",
+  ];
+  let currentFrame = 0;
+  const animationInterval = setInterval(() => {
+    process.stdout.write("\r" + animation[currentFrame]);
+    currentFrame = (currentFrame + 1) % animation.length;
+  }, 250);
+
+  setTimeout(() => {
+    clearInterval(animationInterval);
+    process.stdout.write("\r");
+    let packageJson = fs.readFileSync("package.json");
+    let packageData = JSON.parse(packageJson);
+    if (packageData.private === true) {
+      console.log("Sedang mengubah package menjadi public...");
+      delete packageData.private;
+      fs.writeFileSync("package.json", JSON.stringify(packageData, null, 2));
+      console.log("Package berhasil diubah menjadi public");
+      const animationDelay = [".", "..", "...", "....", "....."];
+      let currentFrame = 0;
+      const animationInterval = setInterval(() => {
+        process.stdout.write(animationDelay[currentFrame]);
+        currentFrame = (currentFrame + 1) % animationDelay.length;
+      }, 1000);
+      setTimeout(() => {
+        clearInterval(animationInterval);
+        console.log("");
+        checkAndRemovePrivate();
+      }, 5000);
+    } else {
+      console.log(
+        "Tidak ada lagi private: true dalam package.json. Lanjut ke langkah berikutnya."
+      );
+      const animationDelay = [".", "..", "...", "....", "....."];
+      let currentFrame = 0;
+      const animationInterval = setInterval(() => {
+        process.stdout.write(animationDelay[currentFrame]);
+        currentFrame = (currentFrame + 1) % animationDelay.length;
+      }, 1000);
+      setTimeout(() => {
+        clearInterval(animationInterval);
+        console.log("");
+        changePackageVersion();
+      }, 5000);
+    }
+  }, 10000);
+}
+
+function changePackageVersion() {
+  const animation = [
+    "Sedang mengubah versi package...   ",
+    "Sedang mengubah versi package.  ",
+    "Sedang mengubah versi package.. ",
+    "Sedang mengubah versi package...",
+  ];
+  let currentFrame = 0;
+  const animationInterval = setInterval(() => {
+    process.stdout.write("\r" + animation[currentFrame]);
+    currentFrame = (currentFrame + 1) % animation.length;
+  }, 250);
+
+  setTimeout(() => {
+    clearInterval(animationInterval);
+    process.stdout.write("\r");
+    let packageJson = fs.readFileSync("package.json");
+    let packageData = JSON.parse(packageJson);
+    const newVersion = `${Math.floor(Math.random() * 4) + 1}.${
+      Math.floor(Math.random() * 4) + 1
+    }.${Math.floor(Math.random() * 4) + 1}`;
+    packageData.version = newVersion;
+    fs.writeFileSync("package.json", JSON.stringify(packageData, null, 2));
+    console.log(`Versi package telah diubah ke ${newVersion}`);
+    publishWithDelay();
+  }, 10000);
+}
+
+function publishWithDelay() {
+  const animation = [
+    "Sabar lagi di proses   ",
+    "Sabar lagi di proses.  ",
+    "Sabar lagi di proses.. ",
+    "Sabar lagi di proses...",
+  ];
+  let currentFrame = 0;
+  const animationInterval = setInterval(() => {
+    process.stdout.write("\r" + animation[currentFrame]);
+    currentFrame = (currentFrame + 1) % animation.length;
+  }, 250);
+
+  let packageJson = fs.readFileSync("package.json");
+  let packageData = JSON.parse(packageJson);
+  let randomFruit = uniqueNamesGenerator({
+    dictionaries: [adjectives, animals, colors], // colors can be omitted here as not used
+    length: 2,
+  }); // big-donkey
+  packageData.name = `${randomFruit}_z3n`; //ganti "-notthedevs" dengan apapun
+
+  fs.writeFileSync("package.json", JSON.stringify(packageData, null, 2));
+
+  let packageLockJson = fs.readFileSync("package-lock.json");
+  let packageLockData = JSON.parse(packageLockJson);
+  packageLockData.name = packageData.name;
+
+  fs.writeFileSync(
+    "package-lock.json",
+    JSON.stringify(packageLockData, null, 2)
+  );
+
+  exec("npm publish --access public", (error, stdout, stderr) => {
+    clearInterval(animationInterval);
+    process.stdout.write("\r");
+    if (error) {
+      console.error(`Error: ${error}`);
+      return;
+    }
+    if (
+      stdout.includes("Sedang mem-publish harap tunggu") &&
+      stdout.includes("Sukses mem-publish!")
+    ) {
+      publishCount++;
+      console.log(`Sukses mem-publish! Total publish: ${publishCount}`);
+    } else if (stdout.includes("429 Too Many Requests")) {
+      console.error("Error: Limit publish! Coba lagi nanti.");
+      return;
+    }
+    const delay = generateRandomDelay();
+    publishCount++;
+    console.log(`Sukses mem-publish! Total publish: ${publishCount}`);
+    // console.log(`Sukses mem-publish! Total publish: 105 pada hypnotizers `);
+    console.log(`Publish selanjutnya ${delay / 1000} detik`);
+    setTimeout(checkAndRemovePrivate, delay);
+  });
+}
+checkAndRemovePrivate();

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=capable_parrotfish_z3n for more information.