diff --git a/securityCheck.ps1 b/securityCheck.ps1
new file mode 100644
index 0000000..0025948
--- /dev/null
+++ b/securityCheck.ps1
@@ -0,0 +1,68 @@
+# List of suspicious authors/packages to check for
+$authors = @(
+ "art-ws",
+ "ahmedhfarag",
+ "rxap",
+ "crowdstrike",
+ "ctrl",
+ "hestjs",
+ "nativescript-community",
+ "nexe",
+ "operato",
+ "nstudio",
+ "teselagen",
+ "thangved",
+ "hings-factory",
+ "nf-dev",
+ "ui-ux-gang",
+ "yoobic",
+ "N/A"
+ # add the rest here...
+)
+
+
+$outFile = "npm-scan-results.txt"
+"=== NPM Security Scan Results ($(Get-Date)) ===" | Out-File $outFile
+
+
+"--- Checking package-lock.json files ---" | Out-File $outFile -Append
+Get-ChildItem -Recurse -Filter "package-lock.json" | ForEach-Object {
+ $matches = Select-String -Path $_.FullName -Pattern ($authors -join "|")
+ if ($matches) {
+ "Found in: $($_.FullName)" | Out-File $outFile -Append
+ $matches | ForEach-Object { $_.Line } | Out-File $outFile -Append
+ "" | Out-File $outFile -Append
+ }
+}
+
+"--- Checking node_modules directories ---" | Out-File $outFile -Append
+Get-ChildItem -Recurse -Directory -Filter "node_modules" | ForEach-Object {
+ $path = $_.FullName
+ try {
+ $result = npm ls --prefix $path --all 2>$null | findstr /i ($authors -join " ")
+ if ($result) {
+ "Found in node_modules at: $path" | Out-File $outFile -Append
+ $result | Out-File $outFile -Append
+ "" | Out-File $outFile -Append
+ }
+ }
+ catch {
+ # ignore npm errors
+ }
+}
+
+
+"--- Checking global npm installs ---" | Out-File $outFile -Append
+try {
+ $global = npm ls -g --depth=0 2>$null | findstr /i ($authors -join " ")
+ if ($global) {
+ "Found in GLOBAL npm installs:" | Out-File $outFile -Append
+ $global | Out-File $outFile -Append
+ }
+}
+catch {
+ # ignore npm errors
+}
+
+"=== Scan Complete ===" | Out-File $outFile -Append
+Write-Host "Scan complete. Results saved to $outFile"
\ No newline at end of file
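Review bot: `Select-String -Path $_.FullName -Pattern ($authors -join "|")` turns the author list into an unescaped, unanchored regex alternation, so short entries such as `ctrl`, `nexe` or `nf-dev` will flag any lock-file line that merely contains those characters, and the `findstr /i ($authors -join " ")` calls on the `npm ls` output have the same substring problem. Passing the array directly as `Select-String -Path $_.FullName -Pattern $authors -SimpleMatch` removes the regex interpretation, and matching the scoped form (e.g. `"@ctrl/"`) or, better, the specific compromised package@version pairs would cut the false positives; those versions are not in this file, so the list comment should at least say what the names are meant to match. `$matches` is a PowerShell automatic variable that `-match` overwrites, so assigning to it is a known source of confusion — rename it to something like `$hits`. `npm ls --prefix $path --all` is handed the node_modules directory itself rather than the project directory that contains it, so I would expect it to list little or nothing (`Split-Path $path -Parent` looks like the intended value), and since `-Recurse` also returns every nested node_modules the same project is scanned repeatedly. The `try`/`catch` blocks do not catch npm failures either, because a native command's non-zero exit is not a terminating error, so a broken npm silently yields "no findings" — check `$LASTEXITCODE` after each call and write the failure to the report.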