muaddib-scanner 2.8.4 → 2.8.6

Files changed (2)
  1. package/package.json +1 -1
  2. package/src/ioc/scraper.js +17 -1
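--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "muaddib-scanner",
- "version": "2.8.4",
+ "version": "2.8.6",
  "description": "Supply-chain threat detection & response for npm & PyPI/Python",
  "main": "src/index.js",
  "bin": {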
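--- a/package/src/ioc/scraper.js
+++ b/package/src/ioc/scraper.js
@@ -15,6 +15,9 @@ const { NPM_PACKAGE_REGEX } = require('../shared/constants.js');
  // Version format validation (semver-like + wildcard)
  const VERSION_RE = /^(\*|0|[1-9]\d*(\.\d+){0,2}(-[\w.]+)?(\+[\w.]+)?)$/;
 
+ // Aggregated warning counter for noisy logs (reset per scraper run)
+ let _noVersionSkipCount = 0;
+
  /**
  * Validate an IOC package entry before insertion.
  * Returns true if valid, false if should be skipped.
@@ -463,7 +466,7 @@ function extractVersions(affected) {
  }
 
  if (versions.size === 0) {
- console.log('[SCRAPER] WARN: No version info found, skipping wildcard fallback');
+ _noVersionSkipCount++;
  return [];
  }
  return [...versions];
@@ -1089,6 +1092,9 @@ async function runScraper() {
  console.log(' OSV + OSSF + GenSecAI + DataDog + Snyk');
  console.log('='.repeat(60) + '\n');
 
+ // Reset aggregated warning counters
+ _noVersionSkipCount = 0;
+
  // Create data directory if needed
  const dataDir = path.dirname(IOC_FILE);
  if (!fs.existsSync(dataDir)) {
@@ -1152,6 +1158,11 @@ async function runScraper() {
  const snykPackages = results[5];
  const pypiPackages = results[6];
 
+ // Log aggregated warnings
+ if (_noVersionSkipCount > 0) {
+ console.log('[SCRAPER] WARN: ' + _noVersionSkipCount + ' packages skipped (no version info, wildcard fallback avoided)');
+ }
+
  // Merge all scraped packages
  const allPackages = [
  ...osvResult.packages,
@@ -1389,12 +1400,17 @@ async function runScraper() {
  };
  }
 
+ // Test helpers for aggregated warning counters
+ function getNoVersionSkipCount() { return _noVersionSkipCount; }
+ function resetNoVersionSkipCount() { _noVersionSkipCount = 0; }
+
  module.exports = {
  runScraper, scrapeShaiHuludDetector, scrapeDatadogIOCs,
  // Pure utility functions (exported for testing)
  parseCSVLine, parseCSV, extractVersions, parseOSVEntry,
  createFreshness, isAllowedRedirect, loadStaticIOCs,
  validateIOCEntry,
+ getNoVersionSkipCount, resetNoVersionSkipCount,
  CONFIDENCE_ORDER, ALLOWED_REDIRECT_DOMAINS,
  MAX_ENTRY_UNCOMPRESSED, MAX_TOTAL_UNCOMPRESSED
  };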
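Review bot: The `extractVersions` hunk (new line 469) swaps the warning for `_noVersionSkipCount++`, so a function still exported under the comment `// Pure utility functions (exported for testing)` now mutates module state, and an advisory that yields no versions leaves no trace beyond a number. For an IOC scraper each of those is a package that presumably ends up unmatched, so a feed change that strips version data from many entries would show up as one log line. The counter is also shared by overlapping `runScraper()` calls and by any direct caller of `extractVersions`, and it is printed once right after `results[...]` is unpacked, so any later increments are never reported (the rest of `runScraper` is outside the hunks). I would keep the count but return it with the run's result rather than only logging it, and have the caller that knows the advisory id record which entries were dropped, for example `if (versions.length === 0) skippedIds.push(ADVISORY_ID_PLACEHOLDER);`. The export comment should then read something like `// Utility functions (exported for testing; extractVersions updates the skip counter)`.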