From f575cc16313d2c8250f81e0e9d51ce8ad7011d73 Mon Sep 17 00:00:00 2001 From: Holger Bergunde Date: Fri, 28 Nov 2025 16:57:25 +0100 Subject: [PATCH] feat(otto-url): Move to affected packages from otto to prevent pollution from external repo. --- prevention/block-shai-hulud.sh | 4 ++-- prevention/github-actions/shai-hulud-blocking.yml | 6 +++--- shai_hulud_scanner.js | 2 +- shai_hulud_scanner.py | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/prevention/block-shai-hulud.sh b/prevention/block-shai-hulud.sh index 1a0c433..6c0765c 100755 --- a/prevention/block-shai-hulud.sh +++ b/prevention/block-shai-hulud.sh @@ -166,12 +166,12 @@ download_scanner() { TEMP_DIR=$(mktemp -d) # Download scanner files - if ! curl -sSL https://raw.githubusercontent.com/rapticore/OreNPMGuard/main/shai_hulud_scanner.py -o "$TEMP_DIR/shai_hulud_scanner.py"; then + if ! curl -sSL https://raw.githubusercontent.com/rapticore/otto-de/main/shai_hulud_scanner.py -o "$TEMP_DIR/shai_hulud_scanner.py"; then log_error "Failed to download Python scanner" return 1 fi - if ! curl -sSL https://raw.githubusercontent.com/rapticore/OreNPMGuard/main/affected_packages.yaml -o "$TEMP_DIR/affected_packages.yaml"; then + if ! curl -sSL https://raw.githubusercontent.com/rapticore/otto-de/main/affected_packages.yaml -o "$TEMP_DIR/affected_packages.yaml"; then log_error "Failed to download package database" return 1 fi diff --git a/prevention/github-actions/shai-hulud-blocking.yml b/prevention/github-actions/shai-hulud-blocking.yml index 764f444..706695a 100644 --- a/prevention/github-actions/shai-hulud-blocking.yml +++ b/prevention/github-actions/shai-hulud-blocking.yml @@ -44,9 +44,9 @@ jobs: - name: 🚨 Download OreNPMGuard Scanner run: | echo "🔍 Downloading latest OreNPMGuard scanner..." - curl -sSL https://raw.githubusercontent.com/rapticore/OreNPMGuard/main/shai_hulud_scanner.py -o shai_hulud_scanner.py - curl -sSL https://raw.githubusercontent.com/rapticore/OreNPMGuard/main/shai_hulud_scanner.js -o shai_hulud_scanner.js - curl -sSL https://raw.githubusercontent.com/rapticore/OreNPMGuard/main/affected_packages.yaml -o affected_packages.yaml + curl -sSL https://raw.githubusercontent.com/otto-de/OreNPMGuard/main/shai_hulud_scanner.py -o shai_hulud_scanner.py + curl -sSL https://raw.githubusercontent.com/otto-de/OreNPMGuard/main/shai_hulud_scanner.js -o shai_hulud_scanner.js + curl -sSL https://raw.githubusercontent.com/otto-de/OreNPMGuard/main/affected_packages.yaml -o affected_packages.yaml chmod +x shai_hulud_scanner.py shai_hulud_scanner.js - name: 🔍 Scan package.json files diff --git a/shai_hulud_scanner.js b/shai_hulud_scanner.js index e6166a2..0098c4c 100644 --- a/shai_hulud_scanner.js +++ b/shai_hulud_scanner.js @@ -39,7 +39,7 @@ const SHAI_HULUD_IOCS = { dockerPrivilegeEscalationPattern: /docker\s+run\s+--rm\s+--privileged\s+-v\s+\/:\/host/ }; -const GITHUB_YAML_URL = "https://raw.githubusercontent.com/rapticore/OreNPMGuard/main/affected_packages.yaml"; +const GITHUB_YAML_URL = "https://raw.githubusercontent.com/otto-de/OreNPMGuard/main/affected_packages.yaml"; // Global cache for affected packages data let _affectedPackagesCache = null; diff --git a/shai_hulud_scanner.py b/shai_hulud_scanner.py index a4ea1b5..19e6584 100644 --- a/shai_hulud_scanner.py +++ b/shai_hulud_scanner.py @@ -43,7 +43,7 @@ 'docker_privilege_escalation_pattern': r'docker\s+run\s+--rm\s+--privileged\s+-v\s+/:/host' } -GITHUB_YAML_URL = "https://raw.githubusercontent.com/rapticore/OreNPMGuard/main/affected_packages.yaml" +GITHUB_YAML_URL = "https://raw.githubusercontent.com/otto-de/OreNPMGuard/main/affected_packages.yaml" # Global cache for affected packages data _affected_packages_cache = None