Skip to content

feat: Update affected packages#3

Merged
holgerb merged 3 commits into
mainfrom
feat/update-affected-packges
Dec 5, 2025
Merged

feat: Update affected packages#3
holgerb merged 3 commits into
mainfrom
feat/update-affected-packges

Conversation

@holgerb

@holgerb holgerb commented Dec 4, 2025

Copy link
Copy Markdown

No description provided.

@holgerb holgerb self-assigned this Dec 4, 2025
@holgerb holgerb marked this pull request as ready for review December 5, 2025 07:17
@holgerb holgerb requested a review from Copilot December 5, 2025 07:17

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request updates the Shai-Hulud attack tracking data to include newly discovered compromised npm packages from December 2025, expanding the affected package list from 738 to 996 packages.

Key changes:

  • Added 258 new compromised packages with their affected versions to the banned packages database
  • Updated metadata to reflect December 2025 detection date and revised package counts
  • Updated documentation to reflect the expanded scope of the attack

Reviewed changes

Copilot reviewed 2 out of 9 changed files in this pull request and generated 2 comments.

File Description
prevention/bannedpackages.csv Added 996 rows of compromised package data including package names, versions, severity levels, and detection metadata
prevention/banned-packages.yaml Updated metadata including last_updated date (2025-12-04), total_packages count (996), and severity distribution; added 258 new package entries
README.md Added new section documenting December 2025 update with revised package counts (996+ packages, 1647+ unique combinations)

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread prevention/bannedpackages.csv
Comment thread prevention/banned-packages.yaml
@holgerb holgerb changed the title feat: update affected packges feat: Update affected packages Dec 5, 2025
@holgerb holgerb merged commit b9d724f into main Dec 5, 2025
7 checks passed
@holgerb holgerb deleted the feat/update-affected-packges branch December 17, 2025 13:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants