feat: add platform and supply-chain audit commands (#1926)

Affaan Mustafa
2026-05-15 08:06:26 -04:00
committed by GitHub
parent ee85e1482e
commit 13585f1092
10 changed files with 1049 additions and 3 deletions


@@ -154,6 +154,21 @@ function run() {
});
})) passed++; else failed++;
if (test('does not flag benign substrings in clean package scripts', () => {
withFixture({
'node_modules/uuid/package.json': JSON.stringify({
name: 'uuid',
version: '9.0.1',
scripts: {
test: 'BABEL_ENV=commonjsNode node --throw-deprecation node_modules/.bin/jest test/unit/',
},
}, null, 2),
}, rootDir => {
const result = scanSupplyChainIocs({ rootDir });
assert.deepStrictEqual(result.findings, []);
});
})) passed++; else failed++;
if (test('rejects malicious optional dependency markers', () => {
withFixture({
'package-lock.json': JSON.stringify({
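Review bot: The new `does not flag benign substrings in clean package scripts` test does not say which indicator the uuid `test` script used to trip, so the regression it guards is invisible to the next maintainer. The script contains `commonjsNode`, which includes `snode` when compared case-insensitively, and `snode` is the indicator asserted in the second hunk; that this is the link is inferred, because the +/- markers are lost on this page. A comment above the fixture would record it, for example `// 'commonjsNode' contains 'snode' (case-insensitive); benign substrings must not match an indicator`. The test pins only the negative case, so if the fix drops the indicator rather than tightening matching to token boundaries, a paired positive test for a standalone occurrence would show whether detection coverage was kept. `run()` begins and ends outside the hunk.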
@@ -241,7 +256,6 @@ function run() {
assert.ok(indicators.includes('claude@users.noreply.github.com'));
assert.ok(indicators.includes('dependabout/'));
assert.ok(indicators.includes('signalservice'));
assert.ok(indicators.includes('snode'));
});
})) passed++; else failed++;