npm - passbolt-browser-extension - Versions diffs - 5.10.4 → 5.12.1 - Mend

passbolt-browser-extension 5.10.4 → 5.12.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (296) hide show

package/am_i_compromised.py ADDED Viewed

@@ -0,0 +1,1036 @@
+#!/usr/bin/env python3
+"""am_i_compromised.py - supply chain graph analysis for Mini Shai-Hulud (May 2025)
+Ref: https://www.aikido.dev/blog/mini-shai-hulud-is-back-tanstack-compromised
+Scans npm/yarn/pnpm lockfiles and classifies findings into 4 tiers:
+  T1 COMPROMISED  exact match against known-bad pkg@version
+  T2 DIRECT        root dep/devDep from a compromised namespace
+  T3 TRANSITIVE    compromised namespace pkg in tree via transitive chain
+  T4 SHADOW        installed pkg's own devDependencies reference compromised namespace
+                   (not installed, but indicates build tooling was targeted)
+Usage: ./am_i_compromised.py [path ...] [--deep]
+  path   lockfile or directory (default: .)
+  --deep fetch package metadata from npm registry for T4 (slow)
+"""
+import json
+import os
+import re
+import sys
+import urllib.request
+import urllib.error
+from collections import defaultdict, deque
+from concurrent.futures import ThreadPoolExecutor, as_completed
+from pathlib import Path
+# ── Known-bad pkg@version pairs (complete as of 2025-05-12) ─────────────────
+BAD_VERSIONS = {
+    "@beproduct/nestjs-auth@0.1.10",
+    "@beproduct/nestjs-auth@0.1.11",
+    "@beproduct/nestjs-auth@0.1.12",
+    "@beproduct/nestjs-auth@0.1.13",
+    "@beproduct/nestjs-auth@0.1.14",
+    "@beproduct/nestjs-auth@0.1.15",
+    "@beproduct/nestjs-auth@0.1.16",
+    "@beproduct/nestjs-auth@0.1.17",
+    "@beproduct/nestjs-auth@0.1.18",
+    "@beproduct/nestjs-auth@0.1.19",
+    "@beproduct/nestjs-auth@0.1.2",
+    "@beproduct/nestjs-auth@0.1.3",
+    "@beproduct/nestjs-auth@0.1.4",
+    "@beproduct/nestjs-auth@0.1.5",
+    "@beproduct/nestjs-auth@0.1.6",
+    "@beproduct/nestjs-auth@0.1.7",
+    "@beproduct/nestjs-auth@0.1.8",
+    "@beproduct/nestjs-auth@0.1.9",
+    "@dirigible-ai/sdk@0.6.2",
+    "@dirigible-ai/sdk@0.6.3",
+    "@draftauth/client@0.2.1",
+    "@draftauth/client@0.2.2",
+    "@draftauth/core@0.13.1",
+    "@draftauth/core@0.13.2",
+    "@draftlab/auth-router@0.5.1",
+    "@draftlab/auth-router@0.5.2",
+    "@draftlab/auth@0.24.1",
+    "@draftlab/auth@0.24.2",
+    "@draftlab/db@0.16.1",
+    "@mesadev/rest@0.28.3",
+    "@mesadev/saguaro@0.4.22",
+    "@mesadev/sdk@0.28.3",
+    "@mistralai/mistralai-azure@1.7.1",
+    "@mistralai/mistralai-azure@1.7.2",
+    "@mistralai/mistralai-azure@1.7.3",
+    "@mistralai/mistralai-gcp@1.7.1",
+    "@mistralai/mistralai-gcp@1.7.2",
+    "@mistralai/mistralai-gcp@1.7.3",
+    "@mistralai/mistralai@2.2.2",
+    "@mistralai/mistralai@2.2.3",
+    "@mistralai/mistralai@2.2.4",
+    "@ml-toolkit-ts/preprocessing@1.0.2",
+    "@ml-toolkit-ts/preprocessing@1.0.3",
+    "@ml-toolkit-ts/xgboost@1.0.3",
+    "@ml-toolkit-ts/xgboost@1.0.4",
+    "@squawk/airport-data@0.7.4",
+    "@squawk/airport-data@0.7.5",
+    "@squawk/airport-data@0.7.6",
+    "@squawk/airport-data@0.7.7",
+    "@squawk/airports@0.6.2",
+    "@squawk/airports@0.6.3",
+    "@squawk/airports@0.6.4",
+    "@squawk/airports@0.6.5",
+    "@squawk/airspace-data@0.5.3",
+    "@squawk/airspace-data@0.5.4",
+    "@squawk/airspace-data@0.5.5",
+    "@squawk/airspace-data@0.5.6",
+    "@squawk/airspace@0.8.1",
+    "@squawk/airspace@0.8.2",
+    "@squawk/airspace@0.8.3",
+    "@squawk/airspace@0.8.4",
+    "@squawk/airway-data@0.5.4",
+    "@squawk/airway-data@0.5.5",
+    "@squawk/airway-data@0.5.6",
+    "@squawk/airway-data@0.5.7",
+    "@squawk/airways@0.4.2",
+    "@squawk/airways@0.4.3",
+    "@squawk/airways@0.4.4",
+    "@squawk/airways@0.4.5",
+    "@squawk/fix-data@0.6.4",
+    "@squawk/fix-data@0.6.5",
+    "@squawk/fix-data@0.6.6",
+    "@squawk/fix-data@0.6.7",
+    "@squawk/fixes@0.3.2",
+    "@squawk/fixes@0.3.3",
+    "@squawk/fixes@0.3.4",
+    "@squawk/fixes@0.3.5",
+    "@squawk/flight-math@0.5.4",
+    "@squawk/flight-math@0.5.5",
+    "@squawk/flight-math@0.5.6",
+    "@squawk/flight-math@0.5.7",
+    "@squawk/flightplan@0.5.2",
+    "@squawk/flightplan@0.5.3",
+    "@squawk/flightplan@0.5.4",
+    "@squawk/flightplan@0.5.5",
+    "@squawk/geo@0.4.4",
+    "@squawk/geo@0.4.5",
+    "@squawk/geo@0.4.6",
+    "@squawk/geo@0.4.7",
+    "@squawk/icao-registry-data@0.8.4",
+    "@squawk/icao-registry-data@0.8.5",
+    "@squawk/icao-registry-data@0.8.6",
+    "@squawk/icao-registry-data@0.8.7",
+    "@squawk/icao-registry@0.5.2",
+    "@squawk/icao-registry@0.5.3",
+    "@squawk/icao-registry@0.5.4",
+    "@squawk/icao-registry@0.5.5",
+    "@squawk/mcp@0.9.1",
+    "@squawk/mcp@0.9.2",
+    "@squawk/mcp@0.9.3",
+    "@squawk/mcp@0.9.4",
+    "@squawk/navaid-data@0.6.4",
+    "@squawk/navaid-data@0.6.5",
+    "@squawk/navaid-data@0.6.6",
+    "@squawk/navaid-data@0.6.7",
+    "@squawk/navaids@0.4.2",
+    "@squawk/navaids@0.4.3",
+    "@squawk/navaids@0.4.4",
+    "@squawk/navaids@0.4.5",
+    "@squawk/notams@0.3.6",
+    "@squawk/notams@0.3.7",
+    "@squawk/notams@0.3.8",
+    "@squawk/notams@0.3.9",
+    "@squawk/procedure-data@0.7.3",
+    "@squawk/procedure-data@0.7.4",
+    "@squawk/procedure-data@0.7.5",
+    "@squawk/procedure-data@0.7.6",
+    "@squawk/procedures@0.5.2",
+    "@squawk/procedures@0.5.3",
+    "@squawk/procedures@0.5.4",
+    "@squawk/procedures@0.5.5",
+    "@squawk/types@0.8.2",
+    "@squawk/types@0.8.3",
+    "@squawk/types@0.8.4",
+    "@squawk/units@0.4.3",
+    "@squawk/units@0.4.4",
+    "@squawk/units@0.4.5",
+    "@squawk/units@0.4.6",
+    "@squawk/weather@0.5.6",
+    "@squawk/weather@0.5.7",
+    "@squawk/weather@0.5.8",
+    "@squawk/weather@0.5.9",
+    "@supersurkhet/cli@0.0.2",
+    "@supersurkhet/cli@0.0.3",
+    "@supersurkhet/cli@0.0.4",
+    "@supersurkhet/cli@0.0.5",
+    "@supersurkhet/cli@0.0.6",
+    "@supersurkhet/cli@0.0.7",
+    "@supersurkhet/sdk@0.0.2",
+    "@supersurkhet/sdk@0.0.3",
+    "@supersurkhet/sdk@0.0.4",
+    "@supersurkhet/sdk@0.0.5",
+    "@supersurkhet/sdk@0.0.6",
+    "@supersurkhet/sdk@0.0.7",
+    "@tallyui/components@1.0.1",
+    "@tallyui/components@1.0.2",
+    "@tallyui/components@1.0.3",
+    "@tallyui/connector-medusa@1.0.1",
+    "@tallyui/connector-medusa@1.0.2",
+    "@tallyui/connector-medusa@1.0.3",
+    "@tallyui/connector-shopify@1.0.1",
+    "@tallyui/connector-shopify@1.0.2",
+    "@tallyui/connector-shopify@1.0.3",
+    "@tallyui/connector-vendure@1.0.1",
+    "@tallyui/connector-vendure@1.0.2",
+    "@tallyui/connector-vendure@1.0.3",
+    "@tallyui/connector-woocommerce@1.0.1",
+    "@tallyui/connector-woocommerce@1.0.2",
+    "@tallyui/connector-woocommerce@1.0.3",
+    "@tallyui/core@0.2.1",
+    "@tallyui/core@0.2.2",
+    "@tallyui/core@0.2.3",
+    "@tallyui/database@1.0.1",
+    "@tallyui/database@1.0.2",
+    "@tallyui/database@1.0.3",
+    "@tallyui/pos@0.1.1",
+    "@tallyui/pos@0.1.2",
+    "@tallyui/pos@0.1.3",
+    "@tallyui/storage-sqlite@0.2.1",
+    "@tallyui/storage-sqlite@0.2.2",
+    "@tallyui/storage-sqlite@0.2.3",
+    "@tallyui/theme@0.2.1",
+    "@tallyui/theme@0.2.2",
+    "@tallyui/theme@0.2.3",
+    "@tanstack/arktype-adapter@1.166.12",
+    "@tanstack/arktype-adapter@1.166.15",
+    "@tanstack/eslint-plugin-router@1.161.9",
+    "@tanstack/eslint-plugin-start@0.0.4",
+    "@tanstack/eslint-plugin-start@0.0.7",
+    "@tanstack/history@1.161.12",
+    "@tanstack/history@1.161.9",
+    "@tanstack/nitro-v2-vite-plugin@1.154.12",
+    "@tanstack/nitro-v2-vite-plugin@1.154.15",
+    "@tanstack/react-router-devtools@1.166.16",
+    "@tanstack/react-router-devtools@1.166.19",
+    "@tanstack/react-router-ssr-query@1.166.15",
+    "@tanstack/react-router-ssr-query@1.166.18",
+    "@tanstack/react-router@1.169.5",
+    "@tanstack/react-router@1.169.8",
+    "@tanstack/react-start-client@1.166.51",
+    "@tanstack/react-start-client@1.166.54",
+    "@tanstack/react-start-rsc@0.0.47",
+    "@tanstack/react-start-rsc@0.0.50",
+    "@tanstack/react-start-server@1.166.55",
+    "@tanstack/react-start-server@1.166.58",
+    "@tanstack/react-start@1.167.68",
+    "@tanstack/react-start@1.167.71",
+    "@tanstack/router-cli@1.166.46",
+    "@tanstack/router-cli@1.166.49",
+    "@tanstack/router-core@1.169.5",
+    "@tanstack/router-core@1.169.8",
+    "@tanstack/router-devtools-core@1.167.6",
+    "@tanstack/router-devtools-core@1.167.9",
+    "@tanstack/router-devtools@1.166.16",
+    "@tanstack/router-devtools@1.166.19",
+    "@tanstack/router-generator@1.166.45",
+    "@tanstack/router-generator@1.166.48",
+    "@tanstack/router-plugin@1.167.38",
+    "@tanstack/router-plugin@1.167.41",
+    "@tanstack/router-ssr-query-core@1.168.3",
+    "@tanstack/router-ssr-query-core@1.168.6",
+    "@tanstack/router-utils@1.161.11",
+    "@tanstack/router-utils@1.161.14",
+    "@tanstack/router-vite-plugin@1.166.53",
+    "@tanstack/router-vite-plugin@1.166.56",
+    "@tanstack/solid-router-devtools@1.166.16",
+    "@tanstack/solid-router-devtools@1.166.19",
+    "@tanstack/solid-router-ssr-query@1.166.15",
+    "@tanstack/solid-router-ssr-query@1.166.18",
+    "@tanstack/solid-router@1.169.5",
+    "@tanstack/solid-router@1.169.8",
+    "@tanstack/solid-start-client@1.166.50",
+    "@tanstack/solid-start-client@1.166.53",
+    "@tanstack/solid-start-server@1.166.54",
+    "@tanstack/solid-start-server@1.166.57",
+    "@tanstack/solid-start@1.167.65",
+    "@tanstack/solid-start@1.167.68",
+    "@tanstack/start-client-core@1.168.5",
+    "@tanstack/start-client-core@1.168.8",
+    "@tanstack/start-fn-stubs@1.161.12",
+    "@tanstack/start-fn-stubs@1.161.9",
+    "@tanstack/start-plugin-core@1.169.23",
+    "@tanstack/start-plugin-core@1.169.26",
+    "@tanstack/start-server-core@1.167.33",
+    "@tanstack/start-server-core@1.167.36",
+    "@tanstack/start-static-server-functions@1.166.44",
+    "@tanstack/start-static-server-functions@1.166.47",
+    "@tanstack/start-storage-context@1.166.38",
+    "@tanstack/start-storage-context@1.166.41",
+    "@tanstack/valibot-adapter@1.166.12",
+    "@tanstack/valibot-adapter@1.166.15",
+    "@tanstack/virtual-file-routes@1.161.10",
+    "@tanstack/virtual-file-routes@1.161.13",
+    "@tanstack/vue-router-devtools@1.166.16",
+    "@tanstack/vue-router-devtools@1.166.19",
+    "@tanstack/vue-router-ssr-query@1.166.15",
+    "@tanstack/vue-router-ssr-query@1.166.18",
+    "@tanstack/vue-router@1.169.5",
+    "@tanstack/vue-router@1.169.8",
+    "@tanstack/vue-start-client@1.166.46",
+    "@tanstack/vue-start-client@1.166.49",
+    "@tanstack/vue-start-server@1.166.50",
+    "@tanstack/vue-start-server@1.166.53",
+    "@tanstack/vue-start@1.167.61",
+    "@tanstack/vue-start@1.167.64",
+    "@tanstack/zod-adapter@1.166.12",
+    "@tanstack/zod-adapter@1.166.15",
+    "@taskflow-corp/cli@0.1.24",
+    "@taskflow-corp/cli@0.1.25",
+    "@taskflow-corp/cli@0.1.26",
+    "@taskflow-corp/cli@0.1.27",
+    "@taskflow-corp/cli@0.1.28",
+    "@taskflow-corp/cli@0.1.29",
+    "@tolka/cli@1.0.2",
+    "@tolka/cli@1.0.3",
+    "@tolka/cli@1.0.4",
+    "@tolka/cli@1.0.5",
+    "@tolka/cli@1.0.6",
+    "@uipath/access-policy-sdk@0.3.1",
+    "@uipath/access-policy-tool@0.3.1",
+    "@uipath/admin-tool@0.1.1",
+    "@uipath/agent-sdk@1.0.2",
+    "@uipath/agent-tool@1.0.1",
+    "@uipath/agent.sdk@0.0.18",
+    "@uipath/aops-policy-tool@0.3.1",
+    "@uipath/ap-chat@1.5.7",
+    "@uipath/api-workflow-tool@1.0.1",
+    "@uipath/apollo-core@5.9.2",
+    "@uipath/apollo-react@4.24.5",
+    "@uipath/apollo-wind@2.16.2",
+    "@uipath/auth@1.0.1",
+    "@uipath/case-tool@1.0.1",
+    "@uipath/cli@1.0.1",
+    "@uipath/codedagent-tool@1.0.1",
+    "@uipath/codedagents-tool@0.1.12",
+    "@uipath/codedapp-tool@1.0.1",
+    "@uipath/common@1.0.1",
+    "@uipath/context-grounding-tool@0.1.1",
+    "@uipath/data-fabric-tool@1.0.2",
+    "@uipath/docsai-tool@1.0.1",
+    "@uipath/filesystem@1.0.1",
+    "@uipath/flow-tool@1.0.2",
+    "@uipath/functions-tool@1.0.1",
+    "@uipath/gov-tool@0.3.1",
+    "@uipath/identity-tool@0.1.1",
+    "@uipath/insights-sdk@1.0.1",
+    "@uipath/insights-tool@1.0.1",
+    "@uipath/integrationservice-sdk@1.0.2",
+    "@uipath/integrationservice-tool@1.0.2",
+    "@uipath/llmgw-tool@1.0.1",
+    "@uipath/maestro-sdk@1.0.1",
+    "@uipath/maestro-tool@1.0.1",
+    "@uipath/orchestrator-tool@1.0.1",
+    "@uipath/packager-tool-apiworkflow@0.0.19",
+    "@uipath/packager-tool-bpmn@0.0.9",
+    "@uipath/packager-tool-case@0.0.9",
+    "@uipath/packager-tool-connector@0.0.19",
+    "@uipath/packager-tool-flow@0.0.19",
+    "@uipath/packager-tool-functions@0.1.1",
+    "@uipath/packager-tool-webapp@1.0.6",
+    "@uipath/packager-tool-workflowcompiler-browser@0.0.34",
+    "@uipath/packager-tool-workflowcompiler@0.0.16",
+    "@uipath/platform-tool@1.0.1",
+    "@uipath/project-packager@1.1.16",
+    "@uipath/resource-tool@1.0.1",
+    "@uipath/resourcecatalog-tool@0.1.1",
+    "@uipath/resources-tool@0.1.11",
+    "@uipath/robot@1.3.4",
+    "@uipath/rpa-legacy-tool@1.0.1",
+    "@uipath/rpa-tool@0.9.5",
+    "@uipath/solution-packager@0.0.35",
+    "@uipath/solution-tool@1.0.1",
+    "@uipath/solutionpackager-sdk@1.0.11",
+    "@uipath/solutionpackager-tool-core@0.0.34",
+    "@uipath/tasks-tool@1.0.1",
+    "@uipath/telemetry@0.0.7",
+    "@uipath/test-manager-tool@1.0.2",
+    "@uipath/tool-workflowcompiler@0.0.12",
+    "@uipath/traces-tool@1.0.1",
+    "@uipath/ui-widgets-multi-file-upload@1.0.1",
+    "@uipath/uipath-python-bridge@1.0.1",
+    "@uipath/vertical-solutions-tool@1.0.1",
+    "@uipath/vss@0.1.6",
+    "@uipath/widget.sdk@1.2.3",
+    "agentwork-cli@0.1.4",
+    "agentwork-cli@0.1.5",
+    "cmux-agent-mcp@0.1.3",
+    "cmux-agent-mcp@0.1.4",
+    "cmux-agent-mcp@0.1.5",
+    "cmux-agent-mcp@0.1.6",
+    "cmux-agent-mcp@0.1.7",
+    "cmux-agent-mcp@0.1.8",
+    "cross-stitch@1.1.3",
+    "cross-stitch@1.1.4",
+    "cross-stitch@1.1.5",
+    "cross-stitch@1.1.6",
+    "git-branch-selector@1.3.3",
+    "git-branch-selector@1.3.4",
+    "git-branch-selector@1.3.5",
+    "git-branch-selector@1.3.6",
+    "git-branch-selector@1.3.7",
+    "git-git-git@1.0.10",
+    "git-git-git@1.0.11",
+    "git-git-git@1.0.12",
+    "git-git-git@1.0.8",
+    "git-git-git@1.0.9",
+    "ml-toolkit-ts@1.0.4",
+    "ml-toolkit-ts@1.0.5",
+    "nextmove-mcp@0.1.3",
+    "nextmove-mcp@0.1.4",
+    "nextmove-mcp@0.1.5",
+    "nextmove-mcp@0.1.6",
+    "nextmove-mcp@0.1.7",
+    "safe-action@0.8.3",
+    "safe-action@0.8.4",
+    "ts-dna@3.0.1",
+    "ts-dna@3.0.2",
+    "ts-dna@3.0.3",
+    "ts-dna@3.0.4",
+    "wot-api@0.8.1",
+    "wot-api@0.8.2",
+    "wot-api@0.8.3",
+    "wot-api@0.8.4",
+}
+# Scoped namespace prefixes and unscoped package names
+SCOPED_NAMESPACES = [
+    "@beproduct/", "@dirigible-ai/", "@draftauth/", "@draftlab/",
+    "@mesadev/", "@mistralai/", "@ml-toolkit-ts/", "@squawk/",
+    "@supersurkhet/", "@tallyui/", "@tanstack/", "@taskflow-corp/",
+    "@tolka/", "@uipath/",
+]
+UNSCOPED_NAMES = [
+    "agentwork-cli", "cmux-agent-mcp", "cross-stitch", "git-branch-selector",
+    "git-git-git", "ml-toolkit-ts", "nextmove-mcp", "safe-action",
+    "ts-dna", "wot-api",
+]
+IOC_MARKERS = [
+    "router_init.js",
+    "router_runtime.js",
+    "tanstack_runner.js",
+    "@tanstack/setup",
+    "tanstack/router#79ac49eedf774dd4b0cfa308722bc463cfe5885c",
+    "ab4fcadaec49c03278063dd269ea5eef82d24f2124a8e15d7b90f2fa8601266c",
+    "2ec78d556d696e208927cc503d48e4b5eb56b31abc2870c2ed2e98d6be27fc96",
+    "getsession.org",
+    "bun run tanstack_runner",
+]
+# ── Colors ───────────────────────────────────────────────────────────────────
+if sys.stdout.isatty():
+    C_RED = "\033[0;31m"
+    C_YEL = "\033[1;33m"
+    C_GRN = "\033[0;32m"
+    C_DIM = "\033[0;90m"
+    C_CYN = "\033[0;36m"
+    C_RST = "\033[0m"
+    C_BLD = "\033[1m"
+else:
+    C_RED = C_YEL = C_GRN = C_DIM = C_CYN = C_RST = C_BLD = ""
+def is_compromised_namespace(name):
+    for ns in SCOPED_NAMESPACES:
+        if name.startswith(ns):
+            return True
+    return name in UNSCOPED_NAMES
+def matching_namespace(name):
+    for ns in SCOPED_NAMESPACES:
+        if name.startswith(ns):
+            return ns
+    if name in UNSCOPED_NAMES:
+        return name
+    return None
+# ── Lockfile parsers ─────────────────────────────────────────────────────────
+# Each returns: {pkg_name: {version, dev, dependencies: {name: range}, peers: {name: range}}}
+def parse_npm_v3(data):
+    """Parse npm lockfile v2/v3 (flat packages section)."""
+    pkgs = data.get("packages", {})
+    result = {}
+    root_entry = pkgs.get("", {})
+    root_deps = set(root_entry.get("dependencies", {}).keys())
+    root_dev_deps = set(root_entry.get("devDependencies", {}).keys())
+    for key, val in pkgs.items():
+        if not key or not isinstance(val, dict):
+            continue
+        name = key.rsplit("node_modules/", 1)[-1]
+        version = val.get("version", "")
+        if not version:
+            continue
+        is_dev = val.get("dev", False) or val.get("devOptional", False)
+        deps = {}
+        for dep_name in val.get("dependencies", {}):
+            deps[dep_name] = val["dependencies"][dep_name]
+        for dep_name in val.get("optionalDependencies", {}):
+            deps[dep_name] = val["optionalDependencies"][dep_name]
+        peers = dict(val.get("peerDependencies", {}))
+        result[name] = {
+            "version": version,
+            "dev": is_dev,
+            "dependencies": deps,
+            "peers": peers,
+        }
+    return result, root_deps, root_dev_deps
+def parse_npm_v1(data):
+    """Parse npm lockfile v1 (nested dependencies)."""
+    result = {}
+    root_pkg = data.get("dependencies", {})
+    root_deps = set(root_pkg.keys())
+    root_dev_deps = set(data.get("devDependencies", {}).keys())
+    def walk(deps, dev_context=False):
+        for name, val in deps.items():
+            if not isinstance(val, dict):
+                continue
+            version = val.get("version", "")
+            if not version:
+                continue
+            is_dev = val.get("dev", False) or dev_context
+            dep_deps = {}
+            for d, v in val.get("requires", {}).items():
+                dep_deps[d] = v
+            result[name] = {
+                "version": version,
+                "dev": is_dev,
+                "dependencies": dep_deps,
+                "peers": {},
+            }
+            walk(val.get("dependencies", {}), is_dev)
+    walk(root_pkg)
+    return result, root_deps, root_dev_deps
+def parse_npm_lockfile(path):
+    """Parse npm/shrinkwrap lockfile, auto-detecting v1 vs v2/v3."""
+    with open(path) as f:
+        data = json.load(f)
+    if data.get("packages") is not None:
+        return parse_npm_v3(data)
+    return parse_npm_v1(data)
+def parse_yarn_lockfile(path):
+    """Parse yarn.lock (classic or berry)."""
+    result = {}
+    root_deps = set()
+    root_dev_deps = set()
+    with open(path) as f:
+        content = f.read()
+    current_pkg = None
+    for line in content.splitlines():
+        if not line or line.startswith("#"):
+            continue
+        if not line[0].isspace() and "@" in line:
+            raw = line.rstrip(":")
+            raw = raw.strip('"')
+            parts = raw.split(",")
+            first = parts[0].strip().strip('"')
+            if first.startswith("@"):
+                at_pos = first.index("@", 1)
+                current_pkg = first[:at_pos]
+            else:
+                at_pos = first.index("@")
+                current_pkg = first[:at_pos]
+            root_deps.add(current_pkg)
+            continue
+        if current_pkg and line.strip().startswith("version"):
+            ver = line.split()[-1].strip('"').strip("'")
+            if ver and ver[0].isdigit():
+                result[current_pkg] = {
+                    "version": ver,
+                    "dev": False,
+                    "dependencies": {},
+                    "peers": {},
+                }
+            current_pkg = None
+    return result, root_deps, root_dev_deps
+def parse_pnpm_lockfile(path):
+    """Parse pnpm-lock.yaml (v6 and v9 formats)."""
+    result = {}
+    root_deps = set()
+    root_dev_deps = set()
+    with open(path) as f:
+        content = f.read()
+    # v6: /@scope/name/1.2.3: or /name/1.2.3:
+    for m in re.finditer(r"/(@[^/]+/[^/]+|[^@/\s][^/\s]*)/([0-9][^:\s]+)", content):
+        name, ver = m.group(1), m.group(2)
+        if name not in result:
+            result[name] = {
+                "version": ver,
+                "dev": False,
+                "dependencies": {},
+                "peers": {},
+            }
+    # v9: '@scope/name@1.2.3': or 'name@1.2.3':
+    for m in re.finditer(r"'([^']+)@(\d[^']*)'", content):
+        name, ver = m.group(1), m.group(2)
+        if name not in result:
+            result[name] = {
+                "version": ver,
+                "dev": False,
+                "dependencies": {},
+                "peers": {},
+            }
+    return result, root_deps, root_dev_deps
+def detect_and_parse(path):
+    """Auto-detect lockfile format and parse it."""
+    name = os.path.basename(path).lower()
+    if "yarn" in name and name.endswith(".lock"):
+        return parse_yarn_lockfile(path)
+    if "pnpm" in name and name.endswith(".yaml"):
+        return parse_pnpm_lockfile(path)
+    if "package-lock" in name or "shrinkwrap" in name:
+        return parse_npm_lockfile(path)
+    with open(path) as f:
+        head = f.read(512)
+    if head.lstrip().startswith("{"):
+        return parse_npm_lockfile(path)
+    if "lockfileVersion" in head:
+        return parse_pnpm_lockfile(path)
+    return parse_yarn_lockfile(path)
+# ── Graph analysis ───────────────────────────────────────────────────────────
+def build_forward_graph(packages):
+    """Build name -> set of dependency names from lockfile data."""
+    graph = defaultdict(set)
+    for pkg_name, info in packages.items():
+        for dep_name in info.get("dependencies", {}):
+            graph[pkg_name].add(dep_name)
+        for dep_name in info.get("peers", {}):
+            graph[pkg_name].add(dep_name)
+    return graph
+def build_reverse_graph(packages):
+    """For each package, find all packages that depend on it."""
+    rev = defaultdict(set)
+    for pkg_name, info in packages.items():
+        for dep_name in info.get("dependencies", {}):
+            if dep_name in packages:
+                rev[dep_name].add(pkg_name)
+        for dep_name in info.get("peers", {}):
+            if dep_name in packages:
+                rev[dep_name].add(pkg_name)
+    return rev
+def trace_chains_to_root(target, reverse_graph, root_deps, root_dev_deps):
+    """BFS from target back to root. Returns list of (chain, dep_type) tuples.
+    dep_type is 'dep' or 'devDep' based on whether the root-level entry is
+    in dependencies or devDependencies."""
+    chains = []
+    queue = deque()
+    queue.append([target])
+    visited = {target}
+    while queue:
+        path = queue.popleft()
+        head = path[-1]
+        if head in root_deps or head in root_dev_deps:
+            dep_type = "devDep" if head in root_dev_deps and head not in root_deps else "dep"
+            chain = list(reversed(path))
+            chains.append((chain, dep_type))
+            continue
+        parents = reverse_graph.get(head, set())
+        if not parents:
+            chain = list(reversed(path))
+            chains.append((chain, "?"))
+            continue
+        for parent in parents:
+            if parent not in visited:
+                visited.add(parent)
+                queue.append(path + [parent])
+    return chains
+# ── T4 Shadow: check devDependencies of installed packages ──────────────────
+def check_shadow_from_node_modules(lockfile_path, packages):
+    """Check node_modules on disk near the lockfile for T4 shadow deps."""
+    lockdir = os.path.dirname(os.path.abspath(lockfile_path))
+    nm_dir = os.path.join(lockdir, "node_modules")
+    shadows = {}
+    if not os.path.isdir(nm_dir):
+        return shadows
+    for pkg_name in packages:
+        parts = pkg_name.split("/")
+        if pkg_name.startswith("@"):
+            pjson = os.path.join(nm_dir, parts[0], parts[1], "package.json")
+        else:
+            pjson = os.path.join(nm_dir, parts[0], "package.json")
+        if not os.path.isfile(pjson):
+            continue
+        try:
+            with open(pjson) as f:
+                meta = json.load(f)
+        except (json.JSONDecodeError, OSError):
+            continue
+        dev_deps = meta.get("devDependencies", {})
+        if not dev_deps:
+            continue
+        refs = []
+        for dep_name in dev_deps:
+            ns = matching_namespace(dep_name)
+            if ns:
+                refs.append(dep_name)
+        if refs:
+            shadows[pkg_name] = refs
+    return shadows
+def _fetch_shadow_for_pkg(pkg_name, version):
+    """Fetch one package from registry, return (pkg_name, refs) or None."""
+    url = f"https://registry.npmjs.org/{pkg_name}/{version}"
+    try:
+        req = urllib.request.Request(url, headers={"Accept": "application/json"})
+        with urllib.request.urlopen(req, timeout=10) as resp:
+            meta = json.loads(resp.read())
+    except (urllib.error.URLError, urllib.error.HTTPError, OSError, json.JSONDecodeError):
+        return None
+    dev_deps = meta.get("devDependencies", {})
+    if not dev_deps:
+        return None
+    refs = [d for d in dev_deps if matching_namespace(d)]
+    return (pkg_name, refs) if refs else None
+def check_shadow_from_registry(packages):
+    """Fetch package metadata from npm registry for T4 shadow deps."""
+    shadows = {}
+    candidates = {k: v for k, v in packages.items() if not is_compromised_namespace(k)}
+    total = len(candidates)
+    checked = 0
+    with ThreadPoolExecutor(max_workers=20) as pool:
+        futures = {
+            pool.submit(_fetch_shadow_for_pkg, name, info["version"]): name
+            for name, info in candidates.items()
+        }
+        for future in as_completed(futures):
+            checked += 1
+            if sys.stderr.isatty():
+                sys.stderr.write(f"\r  registry: {checked}/{total}    ")
+                sys.stderr.flush()
+            result = future.result()
+            if result:
+                shadows[result[0]] = result[1]
+    if sys.stderr.isatty():
+        sys.stderr.write("\r" + " " * 60 + "\r")
+        sys.stderr.flush()
+    return shadows
+# ── IOC scan ─────────────────────────────────────────────────────────────────
+def scan_iocs_in_file(path):
+    """Grep for IOC markers in a file."""
+    hits = []
+    try:
+        with open(path, errors="replace") as f:
+            content = f.read()
+    except OSError:
+        return hits
+    for marker in IOC_MARKERS:
+        if marker in content:
+            hits.append(marker)
+    return hits
+def scan_payload_files(root):
+    """Find payload files on disk."""
+    payloads = []
+    bad_names = {"router_init.js", "router_runtime.js", "tanstack_runner.js"}
+    bad_hashes = {
+        "ab4fcadaec49c03278063dd269ea5eef82d24f2124a8e15d7b90f2fa8601266c",
+        "2ec78d556d696e208927cc503d48e4b5eb56b31abc2870c2ed2e98d6be27fc96",
+    }
+    for dirpath, dirnames, filenames in os.walk(root):
+        dirnames[:] = [d for d in dirnames if d not in (".git",)]
+        for fname in filenames:
+            if fname in bad_names:
+                fpath = os.path.join(dirpath, fname)
+                try:
+                    import hashlib
+                    sha = hashlib.sha256(open(fpath, "rb").read()).hexdigest()
+                except OSError:
+                    sha = ""
+                if sha in bad_hashes:
+                    payloads.append((fpath, "COMPROMISED"))
+                else:
+                    payloads.append((fpath, "IOC"))
+    return payloads
+# ── Output formatting ────────────────────────────────────────────────────────
+def fmt_chain(chain, dep_type):
+    arrow = f" {C_DIM}->{C_RST} "
+    return f"({dep_type}): {arrow.join(chain)}"
+def print_finding(tier, label, pkg, detail, chains=None):
+    tier_colors = {
+        "T1": C_RED,
+        "T2": C_YEL,
+        "T3": C_YEL,
+        "T4": C_CYN,
+    }
+    color = tier_colors.get(tier, "")
+    print(f"  {color}{tier} {label}{C_RST}  {C_BLD}{pkg}{C_RST}")
+    if detail:
+        print(f"    {C_DIM}{detail}{C_RST}")
+    if chains:
+        for chain, dep_type in chains:
+            print(f"    chain {fmt_chain(chain, dep_type)}")
+# ── Main analysis ────────────────────────────────────────────────────────────
+def find_lockfiles(root):
+    lockfile_names = {
+        "package-lock.json", "yarn.lock", "pnpm-lock.yaml", "npm-shrinkwrap.json",
+    }
+    results = []
+    for dirpath, dirnames, filenames in os.walk(root):
+        dirnames[:] = [d for d in dirnames if d not in ("node_modules", ".git")]
+        for fname in filenames:
+            if fname in lockfile_names:
+                results.append(os.path.join(dirpath, fname))
+    return results
+def analyze_lockfile(path, deep=False):
+    """Analyze one lockfile. Returns (t1_count, t2_count, t3_count, t4_count, ioc_count)."""
+    counts = {"t1": 0, "t2": 0, "t3": 0, "t4": 0, "ioc": 0}
+    try:
+        packages, root_deps, root_dev_deps = detect_and_parse(path)
+    except (json.JSONDecodeError, OSError) as e:
+        print(f"  {C_RED}ERROR{C_RST} failed to parse: {e}")
+        return counts
+    if not packages:
+        print(f"  {C_DIM}(no packages found){C_RST}")
+        return counts
+    reverse_graph = build_reverse_graph(packages)
+    # T1: exact bad version match
+    for pkg_name, info in packages.items():
+        pair = f"{pkg_name}@{info['version']}"
+        if pair in BAD_VERSIONS:
+            chains = trace_chains_to_root(pkg_name, reverse_graph, root_deps, root_dev_deps)
+            print_finding("T1", "COMPROMISED", pair,
+                          "exact match against known-bad version", chains)
+            counts["t1"] += 1
+    # T2/T3: packages from compromised namespaces in the tree
+    for pkg_name, info in packages.items():
+        pair = f"{pkg_name}@{info['version']}"
+        if pair in BAD_VERSIONS:
+            continue
+        if not is_compromised_namespace(pkg_name):
+            continue
+        if pkg_name in root_deps:
+            print_finding("T2", "DIRECT", pair,
+                          "root dependency from compromised namespace")
+            counts["t2"] += 1
+        elif pkg_name in root_dev_deps:
+            print_finding("T2", "DIRECT", pair,
+                          "root devDependency from compromised namespace")
+            counts["t2"] += 1
+        else:
+            chains = trace_chains_to_root(pkg_name, reverse_graph, root_deps, root_dev_deps)
+            print_finding("T3", "TRANSITIVE", pair,
+                          "transitive dep from compromised namespace", chains)
+            counts["t3"] += 1
+    # Peer/optional deps referencing compromised namespaces (not installed but declared)
+    try:
+        with open(path, errors="replace") as f:
+            raw = f.read()
+    except OSError:
+        raw = ""
+    for ns in SCOPED_NAMESPACES + UNSCOPED_NAMES:
+        if ns in raw:
+            installed = any(
+                pkg_name.startswith(ns) if ns.endswith("/") else pkg_name == ns
+                for pkg_name in packages
+            )
+            if not installed:
+                for pkg_name, info in packages.items():
+                    peers = info.get("peers", {})
+                    for peer_name in peers:
+                        if peer_name.startswith(ns) if ns.endswith("/") else peer_name == ns:
+                            chains = trace_chains_to_root(pkg_name, reverse_graph, root_deps, root_dev_deps)
+                            print_finding("T3", "PEER REF", f"{pkg_name}@{info['version']}",
+                                          f"peerDependency references {peer_name} (not installed)",
+                                          chains)
+                            counts["t3"] += 1
+    # T4: shadow devDependencies
+    lockdir = os.path.dirname(os.path.abspath(path))
+    has_nm = os.path.isdir(os.path.join(lockdir, "node_modules"))
+    shadows = check_shadow_from_node_modules(path, packages) if has_nm else {}
+    if not shadows and deep:
+        print(f"  {C_DIM}(fetching from npm registry...){C_RST}")
+        shadows = check_shadow_from_registry(packages)
+    if not has_nm and not deep:
+        print(f"  {C_DIM}(T4 skipped: no node_modules on disk; use --deep for registry check){C_RST}")
+    for pkg_name, refs in shadows.items():
+        info = packages[pkg_name]
+        chains = trace_chains_to_root(pkg_name, reverse_graph, root_deps, root_dev_deps)
+        ref_str = ", ".join(refs)
+        print_finding("T4", "SHADOW", f"{pkg_name}@{info['version']}",
+                      f"devDependencies reference {ref_str}", chains)
+        counts["t4"] += 1
+    # IOC markers in lockfile
+    iocs = scan_iocs_in_file(path)
+    for marker in iocs:
+        print(f"  {C_RED}T1 IOC{C_RST}      {marker}")
+        counts["ioc"] += 1
+    return counts
+def main():
+    args = sys.argv[1:]
+    deep = "--deep" in args
+    if deep:
+        args.remove("--deep")
+    paths = args if args else ["."]
+    lockfiles = []
+    for p in paths:
+        if os.path.isfile(p):
+            lockfiles.append(p)
+        elif os.path.isdir(p):
+            lockfiles.extend(find_lockfiles(p))
+        else:
+            print(f"{C_RED}Not found:{C_RST} {p}", file=sys.stderr)
+    if not lockfiles:
+        print("No lockfiles found.")
+        sys.exit(0)
+    print(f"Scanning {len(lockfiles)} lockfile(s) for Mini Shai-Hulud supply chain attack...\n")
+    totals = {"t1": 0, "t2": 0, "t3": 0, "t4": 0, "ioc": 0}
+    for lf in lockfiles:
+        print(f"{C_DIM}== {lf} =={C_RST}")
+        counts = analyze_lockfile(lf, deep=deep)
+        for k in totals:
+            totals[k] += counts[k]
+        if all(v == 0 for v in counts.values()):
+            print(f"  {C_GRN}Clean{C_RST}")
+        print()
+    # Payload files on disk
+    dirs_checked = set()
+    for lf in lockfiles:
+        d = os.path.dirname(os.path.abspath(lf))
+        if d not in dirs_checked:
+            dirs_checked.add(d)
+            payloads = scan_payload_files(d)
+            for fpath, severity in payloads:
+                if severity == "COMPROMISED":
+                    print(f"  {C_RED}T1 PAYLOAD{C_RST}  Malicious file: {fpath}")
+                    totals["t1"] += 1
+                else:
+                    print(f"  {C_YEL}T1 IOC{C_RST}      Suspicious filename: {fpath}")
+                    totals["ioc"] += 1
+    # Summary
+    critical = totals["t1"] + totals["ioc"]
+    review = totals["t2"] + totals["t3"]
+    shadow = totals["t4"]
+    print(f"{C_BLD}Summary:{C_RST}")
+    if critical > 0:
+        print(f"  {C_RED}{critical} confirmed finding(s) (T1/IOC){C_RST}")
+        print("  If npm/yarn/pnpm install ran with a compromised version, assume credential theft.")
+        print("  Rotate: npm tokens, GitHub tokens/OIDC, AWS creds, Vault tokens, CI/CD secrets.")
+    if review > 0:
+        print(f"  {C_YEL}{review} namespace hit(s) in dependency tree (T2/T3){C_RST}")
+        print("  Verify these packages are on clean versions.")
+    if shadow > 0:
+        print(f"  {C_CYN}{shadow} shadow devDependency reference(s) (T4){C_RST}")
+        print("  These packages' build tooling was targeted. Monitor for future compromise.")
+    if critical == 0 and review == 0 and shadow == 0:
+        print(f"  {C_GRN}Clean: no compromised versions, IOC markers, or affected namespaces found.{C_RST}")
+    if critical > 0:
+        print(f"\n  Details: https://www.aikido.dev/blog/mini-shai-hulud-is-back-tanstack-compromised")
+        sys.exit(1)
+    sys.exit(0)
+if __name__ == "__main__":
+    main()