vanguard-cli 3.1.17 → 3.1.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/vanguard.js +32 -1
- package/package.json +1 -1
- package/vanguard-malware-lab/core.js +0 -12
- package/vanguard-malware-lab/package.json +0 -11
package/bin/vanguard.js
CHANGED
|
@@ -45,7 +45,38 @@ async function handleAction(actionName, logicFn) {
|
|
|
45
45
|
]);
|
|
46
46
|
|
|
47
47
|
if (!proceed) {
|
|
48
|
-
console.log('⚠️ Skipping protection. Proceeding at your own risk.');
|
|
48
|
+
console.log(chalk.yellow('⚠️ Skipping protection. Proceeding at your own risk.'));
|
|
49
|
+
|
|
50
|
+
// If the user skips Vanguard, we must execute the original git command
|
|
51
|
+
if (actionName === 'CLONE') {
|
|
52
|
+
// Reconstruct arguments
|
|
53
|
+
const args = process.argv.slice(3); // Remove node, bin, clone
|
|
54
|
+
// This is a simplified fallback. In a real integration, we'd want to execSync/spawn
|
|
55
|
+
// "git clone ..." but since we are inside a node process wrapping git,
|
|
56
|
+
// we can suggest the user run usage logic or attempt spawn.
|
|
57
|
+
|
|
58
|
+
// However, for the 'integrate' shell function, if 'vanguard' exits with 0 and no output,
|
|
59
|
+
// the shell function expects to be done.
|
|
60
|
+
// The Shell Integration logic:
|
|
61
|
+
// if [ "$1" = "clone" ] ... vanguard clone ... else git clone ...
|
|
62
|
+
|
|
63
|
+
// If we return here, Vanguard finishes. The shell wrapper won't run `git clone` because
|
|
64
|
+
// it delegated the job to `vanguard clone`.
|
|
65
|
+
|
|
66
|
+
// SO: We must actually perform the git clone ourselves now, or exit with a specific code
|
|
67
|
+
// that tells the shell wrapper to fallback (complex).
|
|
68
|
+
|
|
69
|
+
// Easiest path: Spawn 'git' directly here.
|
|
70
|
+
const { spawn } = await import('child_process');
|
|
71
|
+
const gitArgs = [actionName.toLowerCase(), ...process.argv.slice(3)];
|
|
72
|
+
|
|
73
|
+
const child = spawn('git', gitArgs, { stdio: 'inherit', shell: true });
|
|
74
|
+
child.on('close', (code) => {
|
|
75
|
+
process.exit(code);
|
|
76
|
+
});
|
|
77
|
+
// We return promise to await exit
|
|
78
|
+
return new Promise(() => { });
|
|
79
|
+
}
|
|
49
80
|
return;
|
|
50
81
|
}
|
|
51
82
|
|
package/package.json
CHANGED
|
@@ -1,12 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* 🚨 THREAT VECTOR: PROJECT_OMEGA (MOCK)
|
|
3
|
-
* This file contains the mock threat signature we added to lib/threats.json.
|
|
4
|
-
*/
|
|
5
|
-
|
|
6
|
-
function initializeSystem() {
|
|
7
|
-
console.log("System initializing...");
|
|
8
|
-
}
|
|
9
|
-
|
|
10
|
-
// ALERT: PROJECT_OMEGA sequence initiated
|
|
11
|
-
const secretKey = "SG0uLi4uIHRoaXMgaXMgYSBzZWNyZXQ=";
|
|
12
|
-
initializeSystem();
|
|
@@ -1,11 +0,0 @@
|
|
|
1
|
-
{
|
|
2
|
-
"name": "vanguard-malware-lab",
|
|
3
|
-
"version": "1.0.0",
|
|
4
|
-
"description": "Educational test repository for supply chain security auditing.",
|
|
5
|
-
"scripts": {
|
|
6
|
-
"postinstall": "node ./scripts/postinstall.js"
|
|
7
|
-
},
|
|
8
|
-
"dependencies": {
|
|
9
|
-
"axios": "^1.6.0"
|
|
10
|
-
}
|
|
11
|
-
}
|