{"id":47596163,"url":"https://github.com/homeofe/supply-chain-guard","last_synced_at":"2026-05-08T07:09:27.961Z","repository":{"id":345437282,"uuid":"1185867580","full_name":"homeofe/supply-chain-guard","owner":"homeofe","description":"Open-source supply-chain security scanner for npm, PyPI, and VS Code extensions. Detects GlassWorm and similar malware campaigns.","archived":false,"fork":false,"pushed_at":"2026-04-26T05:27:46.000Z","size":731,"stargazers_count":1,"open_issues_count":0,"forks_count":2,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-26T07:05:04.098Z","etag":null,"topics":["cli","elvatis","github-action","glassworm","malware-detection","npm","scanner","security","supply-chain"],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/homeofe.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-03-19T02:46:03.000Z","updated_at":"2026-04-26T05:27:50.000Z","dependencies_parsed_at":null,"dependency_job_id":"7d48a549-ebe4-45e0-8788-55a41ac0ace9","html_url":"https://github.com/homeofe/supply-chain-guard","commit_stats":null,"previous_names":["homeofe/supply-chain-guard"],"tags_count":22,"template":false,"template_full_name":null,"purl":"pkg:github/homeofe/supply-chain-guard","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/homeofe%2Fsupply-chain-guard","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/homeofe%2Fsupply-chain-guard/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/homeofe%2Fsupply-chain-guard/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/homeofe%2Fsupply-chain-guard/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/homeofe","download_url":"https://codeload.github.com/homeofe/supply-chain-guard/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/homeofe%2Fsupply-chain-guard/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32558899,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-03T03:21:47.309Z","status":"ssl_error","status_checked_at":"2026-05-03T03:21:43.884Z","response_time":103,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","elvatis","github-action","glassworm","malware-detection","npm","scanner","security","supply-chain"],"created_at":"2026-04-01T18:05:49.746Z","updated_at":"2026-05-03T07:08:53.772Z","avatar_url":"https://github.com/homeofe.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# supply-chain-guard\n\nOpen-source supply-chain security scanner for npm, PyPI, Cargo, Go, Docker, Terraform, VS Code extensions, GitHub Actions and GitHub repositories. Detects malware campaigns (GlassWorm, Vidar, Shai-Hulud), fake AI tool repos, account takeovers, and 170+ threat indicators. Generates CycloneDX 1.6 SBOMs with real dependency inventories, verifies SLSA provenance, and correlates findings into attack-chain incidents.\n\n[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)\n[![Node.js](https://img.shields.io/badge/Node.js-%3E%3D20-green)](https://nodejs.org)\n[![npm](https://img.shields.io/npm/v/supply-chain-guard)](https://www.npmjs.com/package/supply-chain-guard)\n\n## Background\n\nFor a deep dive into how GlassWorm infiltrates the software supply chain and the detection techniques behind this tool, read the blog post: [How GlassWorm Gets In and How We Locked It Out](https://blog.elvatis.com/how-glassworm-gets-in-and-how-we-locked-it-out/).\n\n## What It Detects\n\n### Malware Campaigns\n- GlassWorm campaign markers and Solana blockchain C2\n- Vidar/GhostSocks infostealers (April 2026 Claude Code leak campaign)\n- Shai-Hulud self-replicating npm worm\n- XZ Utils backdoor (CVE-2024-3094), SolarWinds SUNBURST, Codecov, ua-parser-js, coa/rc\n- Fake AI tool repos (Claude Code, Copilot, Cursor, ChatGPT, OpenClaw lures)\n\n### Code-Level Threats\n- Obfuscated execution: eval+atob, eval+Buffer.from, template literal eval, dynamic `import()`\n- Invisible Unicode, RTL override, SVG script injection, steganography\n- Shannon entropy analysis for encoded payloads\n- Proxy handler traps, WebAssembly from external sources\n\n### Supply Chain Attacks\n- Install hook deep analysis (secret harvesting, download-exec chains, binary blobs)\n- Levenshtein-based typosquatting detection against top 100 npm packages with known-safe whitelist\n- Dependency confusion and namespace squatting\n- Known-bad version blocklist (axios, ua-parser-js, coa, rc, event-stream, node-ipc, colors, faker)\n- Publishing anomaly detection (maintainer changes, version gaps, script additions)\n\n### Infrastructure \u0026 CI/CD\n- GitHub Actions: unpinned actions, secrets exfiltration, encoded payloads, curl piping\n- Dockerfile: curl pipe, unpinned base images, hardcoded secrets, SUID bits\n- Terraform/IaC: inline scripts, external modules, hardcoded secrets\n- Package manager configs (.npmrc, .yarnrc, pip.conf): HTTP registries, exposed tokens\n- Git hooks and submodule security\n\n### Repository Trust Signals\n- GitHub repo metadata analysis (account age, star-farming, single-commit repos)\n- Release artifact scanning (.exe, .7z, double extensions, LNK shortcuts, PE magic)\n- README lure detection (leaked/pirated/urgency language)\n\n### Credential Detection\n- AWS access keys (AKIA/ASIA), GitHub tokens (ghp_/gho_), npm tokens\n- SSH private keys, generic API keys, PEM private keys\n\n### Dead-Drop Resolver / C2 Detection\n- Steam Community profiles, Telegram channels, Pastebin, GitHub Gists\n- DNS TXT records, DNS-over-HTTPS, dynamic WebSocket URLs\n- Known C2 domains and IPs (from IOC blocklist)\n\n### Correlation Engine (v4.2)\nLinks individual findings into incident-level attack chains:\n- \"GlassWorm Campaign\" (marker + eval + exfiltration)\n- \"Vidar Stealer Infection\" (dead-drop + browser theft + dropper)\n- \"npm Account Takeover\" (maintainer change + install hooks + C2)\n- \"Fake Repository Malware\" (lure + exe release + new account)\n- 15+ correlation rules with confidence scoring\n\n### Trust Breakdown (v4.2)\n4-dimension trust scoring for every scan:\n- Publisher Trust (40%) / Code Quality (30%) / Dependency Trust (20%) / Release Process (10%)\n\n## Installation\n\n```bash\nnpm install -g supply-chain-guard\n```\n\nOr use directly with npx:\n\n```bash\nnpx supply-chain-guard scan ./my-project\n```\n\n## Quickstart\n\n```bash\n# Scan a local directory\nsupply-chain-guard scan ./my-project\n\n# Scan a GitHub repo (includes trust signal analysis)\nsupply-chain-guard scan https://github.com/user/repo\n\n# Analyze a GitHub repo for trust signals + malware\nsupply-chain-guard repo https://github.com/user/repo\n\n# Scan an npm package (downloads without installing)\nsupply-chain-guard npm suspicious-package-name\n\n# Scan a PyPI package\nsupply-chain-guard pypi suspicious-package\n\n# Scan a VS Code extension\nsupply-chain-guard vscode publisher.extension-name\n\n# Detect dependency confusion\nsupply-chain-guard confusion ./my-project\n\n# Scan an entire GitHub organization\nsupply-chain-guard org my-github-org\n\n# Scan only files changed since a commit (diff mode)\nsupply-chain-guard scan ./project --since HEAD~5\n\n# Monitor a Solana C2 wallet\nsupply-chain-guard monitor \u003cwallet-address\u003e --once\n```\n\n## Output Formats\n\n```bash\nsupply-chain-guard scan ./project                # Human-readable text (default)\nsupply-chain-guard scan ./project --format json   # JSON (for CI/CD pipelines)\nsupply-chain-guard scan ./project --format html   # Standalone HTML report\nsupply-chain-guard scan ./project --format markdown # Markdown (for PR comments)\nsupply-chain-guard scan ./project --format sarif  # SARIF 2.1.0 (GitHub Code Scanning)\nsupply-chain-guard scan ./project --format sbom   # CycloneDX 1.6 SBOM with real dependency inventory\nsupply-chain-guard scan ./project --sbom-output sbom.json  # Write SBOM to file separately\n```\n\n## CI Exit Code Control\n\n```bash\nsupply-chain-guard scan ./project --fail-on critical  # Fail only on critical\nsupply-chain-guard scan ./project --fail-on high       # Fail on high or above\nsupply-chain-guard scan ./project --fail-on info       # Fail on any finding\n```\n\n## Filtering\n\n```bash\nsupply-chain-guard scan ./project --min-severity high\nsupply-chain-guard scan ./project --exclude SOLANA_MAINNET,HEX_ARRAY\n```\n\n## Policy Configuration (v4.4)\n\nCreate `.supply-chain-guard.yml` in your project root to customize behavior:\n\n```yaml\nrules:\n  disable:\n    - HEX_ARRAY\n    - CHARCODE_OBFUSCATION\n  severityOverrides:\n    GHA_UNPINNED_ACTION: medium\n\nallowlist:\n  packages:\n    - internal-utils\n  domains:\n    - company.internal\n  githubOrgs:\n    - my-org\n\nsuppress:\n  - rule: RELEASE_EXE_ARTIFACT\n    reason: Legitimate Windows installer\n\nbaseline:\n  file: .scg-baseline.json\n```\n\n## Baseline Diffing (v4.4)\n\nOnly report NEW findings (ignore known baseline):\n\n```bash\n# Save current findings as baseline\nsupply-chain-guard scan ./project --save-baseline .scg-baseline.json\n\n# On subsequent scans, only show new findings\nsupply-chain-guard scan ./project --baseline .scg-baseline.json\n```\n\n## Example Output\n\n```\n╔══════════════════════════════════════════════════════════════════════════════╗\n║  supply-chain-guard                                                  v5.1.0 ║\n╚══════════════════════════════════════════════════════════════════════════════╝\n\n  Target      ./suspicious-package\n  Type        directory  ·  18 / 18 files scanned\n  Duration    142ms\n  Time        2026-04-07T12:00:00.000Z\n\n┌─────────────────────────────── RISK SCORE ─────────────────────────────────┐\n│                                                                              │\n│   83 / 100   █████████████████████████████████░░░░░   CRITICAL             │\n│                                                                              │\n└──────────────────────────────────────────────────────────────────────────────┘\n\n┌──────────────────────────── FINDINGS SUMMARY ───────────────────────────────┐\n│  CRITICAL      3  ████████████████████████████████                          │\n│  HIGH          1  ██████████                                                 │\n│  MEDIUM        0  ────────────────────────────────                           │\n│  LOW           0  ────────────────────────────────                           │\n│  INFO          0  ────────────────────────────────                           │\n└──────────────────────────────────────────────────────────────────────────────┘\n\n┌──────────────────────────────── FINDINGS ───────────────────────────────────┐\n│                                                                              │\n│  [CRITICAL]  DEAD_DROP_STEAM                                                │\n│              Steam Community profile URL used as dead-drop C2 resolver      │\n│              src/config.js:12                                                │\n│              match  https://steamcommunity[.]com/profiles/76561198...       │\n│              fix    Remove external URL resolution; use static configuration │\n│                                                                              │\n│ ············································································· │\n│                                                                              │\n│  [CRITICAL]  VIDAR_BROWSER_THEFT                                            │\n│              Browser credential file access (infostealer pattern)           │\n│              src/steal.js:45                                                 │\n│              match  AppData[...]Google[...]Chrome[...]Login Data             │\n│              fix    Never access browser credential stores                   │\n│                                                                              │\n│ ············································································· │\n│                                                                              │\n│  [CRITICAL]  DROPPER_TEMP_EXEC                                              │\n│              Dropper: file written and executed from temp directory          │\n│              src/loader.js:23                                                │\n│              match  saveFile(tmpdir, payload); exe‹c›(tmpPath)              │\n│              fix    Remove dropper logic; audit all exec() call sites        │\n│                                                                              │\n└──────────────────────────────────────────────────────────────────────────────┘\n\n┌─────────────────────────── TRUST BREAKDOWN ─────────────────────────────────┐\n│  Publisher       ██████░░░░░░░░░░░░░░░░░░░░░░░░░░░░  20/100               │\n│  Code            █████████░░░░░░░░░░░░░░░░░░░░░░░░░  30/100               │\n│  Dependencies    ████████████████████████████████████ 100/100              │\n│  Release         ██████████████████████████░░░░░░░░░  80/100               │\n│────────────────────────────────────────────────────────────────────────────│\n│  Overall         █████████████░░░░░░░░░░░░░░░░░░░░░░  48/100               │\n└──────────────────────────────────────────────────────────────────────────────┘\n\n┌──────────────────────────── CORRELATED INCIDENTS ───────────────────────────┐\n│                                                                              │\n│  [CRITICAL]  Vidar Stealer Infection  95% confidence                        │\n│  Multiple infostealer indicators: dead-drop resolvers for C2,               │\n│  browser credential theft, and crypto wallet targeting.                     │\n│  Indicators: DEAD_DROP_STEAM, VIDAR_BROWSER_THEFT, DROPPER_TEMP_EXEC       │\n│                                                                              │\n└──────────────────────────────────────────────────────────────────────────────┘\n```\n\n## Supported Ecosystems\n\n| Ecosystem | Command | What It Scans |\n|-----------|---------|---------------|\n| npm | `scan`, `npm` | package.json, install scripts, lockfile, tarball |\n| PyPI | `pypi` | setup.py, setup.cfg, pyproject.toml, install hooks |\n| Cargo/Rust | `scan` | Cargo.toml, build.rs, proc macros |\n| Go | `scan` | go.mod, init() functions, CGo, plugin loading |\n| Docker | `scan` | Dockerfile, docker-compose.yml, Containerfile |\n| Terraform | `scan` | .tf, .hcl files (provisioners, modules, secrets) |\n| VS Code | `vscode` | .vsix files, activation events, dangerous APIs |\n| GitHub Actions | `scan` | .github/workflows/*.yml |\n| GitHub Repos | `repo` | Trust signals, releases, README lures |\n| Solana | `monitor` | C2 wallet memo transactions |\n\n## GitHub Action\n\n```yaml\nname: Supply Chain Security\non: [push, pull_request]\n\njobs:\n  scan:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v4\n      - uses: homeofe/supply-chain-guard@v5\n        with:\n          fail-on: critical\n          comment-on-pr: true\n```\n\n### Action Inputs\n\n| Input | Description | Default |\n|-------|-------------|---------|\n| `path` | Path to scan | `.` |\n| `format` | Output format (text/json/markdown/html/sarif/sbom) | `markdown` |\n| `min-severity` | Minimum severity to report | `low` |\n| `exclude-rules` | Comma-separated rule IDs to exclude | |\n| `fail-on` | Fail check at this severity or above | `critical` |\n| `comment-on-pr` | Post findings as PR comment | `true` |\n\n## Adding Custom Patterns\n\nEdit `src/patterns.ts` to add new detection rules:\n\n```typescript\n{\n  name: \"my-custom-pattern\",\n  pattern: \"regex-pattern-here\",\n  description: \"What this detects\",\n  severity: \"high\",\n  rule: \"MY_CUSTOM_RULE\",\n}\n```\n\n## Architecture\n\n```\nscan() -\u003e collectFiles() -\u003e per-file analysis\n  -\u003e Pattern matching (170+ rules across 12 categories)\n  -\u003e Entropy analysis (Shannon entropy for encoded payloads)\n  -\u003e IOC blocklist check (known C2 domains, IPs, hashes)\n  -\u003e Install hook deep analysis (secret harvesting, download-exec)\n  -\u003e Dependency risk analysis (Levenshtein typosquatting)\n  -\u003e Sub-scanners (lockfile, GitHub Actions, Docker, Cargo, Go, IaC)\n  -\u003e SLSA verifier (provenance level 0-3, sigstore/cosign, attestations)\n  -\u003e SBOM generator (reads package-lock.json → real CycloneDX 1.6 components)\n  -\u003e GitHub trust signal analysis (account age, stars, releases)\n  -\u003e Correlation engine (links findings into incidents)\n  -\u003e Trust breakdown (4-dimension scoring)\n  -\u003e Report generation (text/json/html/markdown/sarif/sbom)\n```\n\n## Contributing\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines. The most impactful contribution is adding new detection patterns for emerging threats.\n\n## Changelog\n\n### v5.2.4 (2026-04-30)\n**Threat intel: DPRK @validate-sdk/v2 + LofyGang / LofyStealer (April 2026)**\n\nTwo fresh April 2026 supply-chain campaigns are now signatured.\n\n- **DPRK AI-inserted npm malware** — `@validate-sdk/v2` was inserted into a victim project as a dependency by the Claude Opus LLM during a social-engineering operation attributed to North Korean actors. New rule `DPRK_VALIDATE_SDK` in `src/patterns.ts` plus a `MALICIOUS_PACKAGE_PATTERNS` entry, a bundled threat-intel `package` IOC, and a recommendation to audit AI-suggested dependencies.\n- **LofyGang / LofyStealer (aka GrabBot)** — Brazilian crew resurfaces after three years targeting Minecraft players with a new infostealer disguised as Minecraft hacks. New rules `LOFYSTEALER_MARKER` and `LOFYGANG_MINECRAFT_LURE` in `src/patterns.ts`, plus threat-intel `package` IOCs for the family aliases.\n- 5 new tests in `src/__tests__/campaigns.test.ts`.\n\n### v5.2.3 (2026-04-26)\n**Documentation catch-up** — bumps version strings in `src/cli.ts`, `src/reporter.ts` (text header, SARIF, SBOM, HTML footer) that were stuck at `5.2.0` / `5.1.0` since the v5.2.1 and v5.2.2 releases. No behavior change.\n\n### v5.2.2 (2026-04-26)\n**Solana monitor: rate-limit-aware RPC client** — closes [#21](https://github.com/homeofe/supply-chain-guard/issues/21).\n\nThe public Solana RPC (`api.mainnet-beta.solana.com`) returns HTTP 429 and JSON-RPC error `-32005` when its per-IP quota is exceeded. Previously the monitor surfaced these as fatal poll errors and skipped the interval. Now `solanaRpc()` retries with exponential backoff and recovers automatically.\n\n- **Detection**: HTTP 429, JSON-RPC code `-32005`, or message heuristics (`rate.?limit`, `too many requests`, `429`, `-32005`)\n- **Backoff**: exponential 1s -\u003e 32s with +/- 25% jitter, capped at 5 retries\n- **Retry-After**: header (seconds or HTTP-date) is honored when present and overrides backoff\n- **Test seam**: `__setSleepForTesting()` lets tests run instantly without real timers\n- 6 new tests in `src/__tests__/solana-monitor.test.ts` cover 429 retry, `-32005` retry, Retry-After honoring, max-retry exhaustion, non-rate-limit pass-through, and message-based detection\n\n### v5.2.1 (2026-04-26)\n**Threat intel: Checkmarx KICS / Bitwarden CLI supply-chain breach (April 2026)**\n\nA single threat actor (claiming \"TeamPCP\") compromised both the Checkmarx KICS Docker images / VSCode-OpenVSX extensions and the `@bitwarden/cli` npm package on April 22, 2026, using a shared `audit.checkmarx.cx/v1/telemetry` exfiltration endpoint. Targets GitHub tokens, AWS/Azure/GCP credentials, npm tokens, SSH keys, and Claude configs. Marked as a successor to the Shai-Hulud npm worm.\n\n- **C2 domains**: `audit.checkmarx.cx`, `checkmarx.cx` (`src/ioc-blocklist.ts`)\n- **C2 IPs**: `94.154.172.43`, `91.195.240.123`\n- **Compromised package**: `@bitwarden/cli@2026.4.0`\n- **New campaign rules** in `src/patterns.ts`:\n  - `CHECKMARX_SHAI_HULUD_V3` — matches the `Shai-Hulud: The Third Coming` exfil marker string\n  - `CHECKMARX_MCP_ADDON` — matches the `mcpAddon.js` loader filename\n  - `BITWARDEN_CLI_LOADER` — matches `bw_setup.js` / `bw1.js` loader/payload pair\n- 4 new tests in `src/__tests__/campaigns.test.ts`\n\n### v5.2.0 (2026-04-08)\n**Self-Scan Clean + Text Wrapping** — the scanner no longer flags its own source code. Scanning `supply-chain-guard` itself drops from 100/critical (243 critical + 137 high) to clean.\n\n**Scanner source exclusion** (`src/scanner.ts`):\n- New shared `SCANNER_SOURCE_FILE` and `TEST_FILE_REGEX` constants replace duplicated inline regexes\n- `checkIOCBlocklist()` and `checkThreatIntel()` now skip scanner definition files and test files — eliminates ~50 IOC/threat-intel self-matches\n- `checkMultiLineProtestware()` skips scanner source and test files — eliminates proximity false positives\n\n**Pattern-level guards** (`src/patterns.ts`):\n- `notTestFile: true` added to all ~120 pattern rules (was only on 1). Test files with malware samples are no longer flagged\n- New `SCANNER_SRC` regex excludes scanner definition files from 35 rules across CAMPAIGN_PATTERNS, INFOSTEALER_PATTERNS, SECRETS_PATTERNS, LURE_PATTERNS, BEACON_MINER_PATTERNS, and CAMPAIGN_PATTERNS_V2\n- Existing `notFilePattern` regexes merged for rules that already had one (VIDAR_BROWSER_THEFT, PROXY_BACKCONNECT, DROPPER_TEMP_EXEC)\n\n**Text wrapping** (`src/reporter.ts`):\n- New `wrapText()` helper replaces `trunc()` for description, match, and fix fields in findings output\n- Long text now word-wraps across multiple lines within box borders instead of being cut off with `…`\n\n### v5.1.1 (2026-04-07)\n**CI and test fixes**\n- CI workflow: add GitHub Release creation step — after npm publish, automatically creates a GitHub Release with changelog notes extracted from README.md\n- `reporter.test.ts`: fix 3 text-format assertions that checked old output patterns (`\"scan report\"`, `\"52/100\"`, `\"None\"`) broken by the v5.1.0 ASCII output redesign\n\n### v5.1.0 (2026-04-07)\n**Comprehensive ASCII CLI output** — complete redesign of the default text reporter.\n- Double-line banner header (`╔╗`) with tool name and version\n- Risk score with 36-char visual gauge bar, color-coded by severity level\n- Findings summary as a severity histogram with proportional `█░` bars scaled to highest count\n- Finding cards with structured `match` / `fix` label indenting and `···` dot-line separators\n- Trust breakdown and risk dimensions with 32-char bar gauges and divider before Overall\n- All sections framed in `┌─┐ / └─┘` box-drawing borders at 80-char terminal width\n- Fixed stale hardcoded `4.8.0`/`4.9.0` version strings in SARIF, SBOM metadata, and HTML footer\n\n### v5.0.1 (2026-04-07)\n**False positive fixes — second pass** after live workspace testing revealed additional FPs.\n- `PROXY_HANDLER_TRAP`: `notFilePattern` extended to cover non-minified vendor files in `/static/js/`, `/vendor/`, `/public/js/`, `/assets/js/` directories (e.g. `tailwindcss.js`)\n- `SHAI_HULUD_WORM` / `SHAI_HULUD_CRED_STEAL`: switched from `notFilePattern(yml)` to `onlyExtensions` for source code only — eliminates FPs on `.md`, `.json`, and other doc/config files\n- `README_LURE` rules: `onlyFilePattern` tightened to filename-based match (README/CHANGELOG/DESCRIPTION/CONTRIBUTING) instead of any `*.md` file — eliminates FPs on `docs/*.md`\n- `DROPPER_TEMP_EXEC`: pattern tightened from `save.*\\.exe` to `saveFile\\(` to avoid matching variable names\n- `PROTESTWARE_PROXIMITY`: destructive token detection now requires actual function calls (`fs.rm*\\s*\\(`) rather than any line containing `child_process`\n\n### v5.0.0 (2026-04-07)\n**Context-Aware False Positive Elimination** — workspace-wide scan of 100k+ LOC across 15 projects identified 14 systematic FP categories. v5.0.0 eliminates all of them without weakening real detection.\n\n**New PatternEntry context fields** (`src/types.ts`):\n- `onlyFilePattern?: RegExp` — only apply pattern to files whose path matches (e.g. README/docs only)\n- `notFilePattern?: RegExp` — skip files whose path matches (e.g. `.min.js`, `.yml`)\n- `notTestFile?: boolean` — skip test/spec/fixture/conftest files\n\n**Rule-level fixes** (`src/patterns.ts`):\n- `README_LURE_CRACK` / `README_LURE_LEAKED` / `README_LURE_URGENCY`: `onlyFilePattern` → README/CHANGELOG/`.md` files only. Source files like `.ts` no longer trigger these\n- `SHAI_HULUD_WORM` / `SHAI_HULUD_CRED_STEAL`: `notFilePattern: /\\.ya?ml$/` → `npm publish` in CI workflow YAML is standard; worm runs it from JS/TS code\n- `PROXY_HANDLER_TRAP` / `BEACON_INTERVAL_FETCH` / `VIDAR_BROWSER_THEFT` / `PROXY_BACKCONNECT`: `notFilePattern: /\\.min\\.(js|css)$/` → minified files put everything on one line, making unrelated patterns appear co-located\n- `DROPPER_TEMP_EXEC` / `MINER_CONFIG_KEYS`: `notFilePattern: /\\.json$/` → Bootstrap icon JSON files won't trigger mining config detection\n- `IAC_HARDCODED_SECRET`: `notTestFile: true` + pattern excludes dummy values (`test-key`, `your_*`, `example`, `placeholder`, `changeme`)\n- `VIDAR_BROWSER_THEFT`: pattern tightened to require OS-specific browser data paths (Windows AppData, macOS Library, Linux .mozilla)\n- `PROXY_BACKCONNECT`: pattern tightened to require SOCKS proxy protocol indicators or IP:port format\n\n**Scanner fixes** (`src/scanner.ts`):\n- `.claude/` directory excluded from scanning (eliminates 7× duplicate findings from Claude Code worktrees)\n- `CRITICAL_FINDING_NO_OWNER` and `RISK_STAGNATION_HIGH` excluded from risk score calculation (meta-governance findings caused circular score inflation)\n- `relativePath` normalized to forward slashes — cross-platform consistency in all finding `file` fields\n- `checkBeaconMinerPatterns` now respects `notFilePattern`/`onlyFilePattern`/`notTestFile` like `checkFilePatterns`\n- Binary detection path splitting fixed for cross-platform compatibility\n\n**Continuous monitor fix** (`src/continuous-monitor.ts`):\n- `RISK_STAGNATION_HIGH` requires ≥5 history entries before firing (avoids false alarms on new projects)\n\n**SCANNABLE_EXTENSIONS**: `.md` added — README/CHANGELOG files now scanned for lure patterns via `checkFilePatterns`\n\n- 22 new context-aware tests (629 total)\n- Expected score reduction: projects scoring 100/critical due to FPs → ≤20/low with no actual malware\n\n### v4.9.0 (2026-04-07)\n- **New: SBOM Generator** — reads `package-lock.json` (v2+) to generate CycloneDX 1.6 SBOMs with real `components[]` (name, version, PURL, hashes, licenses). Falls back to `package.json` direct deps. VEX statements for suppressed findings. Use `--sbom-output \u003cfile\u003e` to write separately.\n- **New: SLSA Verifier** — detects SLSA provenance level (0–3) per project. Checks for sigstore/cosign signing, `slsa-github-generator` usage, hermetic build evidence, provenance attestation files. New rules: `SLSA_LEVEL_0`, `SLSA_NO_PROVENANCE`, `SLSA_UNSIGNED_ARTIFACTS`.\n- **New: GitHub Actions PPE Patterns** — `GHA_PPE_PULL_TARGET` (critical), `GHA_SCRIPT_INJECTION` (critical), `GHA_OIDC_WRITE_PERM`, `GHA_CACHE_POISONING`, `GHA_ARTIFACT_DOWNLOAD`, `GHA_SELF_MODIFY`. Known malicious SHA blocklist (tj-actions Sep 2025, reviewdog).\n- **New: Dependency Confusion Enhancements** — `DEP_HALLUCINATED_PACKAGE` (AI-hallucinated npm/PyPI names), `DEP_FRESH_PUBLISH` (version \u003c 24h old), `DEP_SCOPED_PUBLIC` (internal-looking scoped package on public registry), `scanPypiDependencyConfusion()` for `requirements.txt`/`pyproject.toml`.\n- **False Positive Reduction** — scanning a 100k+ LOC production codebase went from 819 findings/critical to 17 findings/high:\n  - `LOCKFILE_ORPHANED_DEPENDENCY`: 794 individual findings → 1 aggregated summary (npm v7 flat lockfile fix)\n  - `TYPOSQUAT_LEVENSHTEIN`: pre-check against popular-packages set; min name length ≥4; short popular packages (ws/pg/nx) excluded from comparison; bcryptjs/swr/tsx/zod added to whitelist\n  - `SVG_SCRIPT_INJECTION`: restricted to `.svg` files only (new `onlyExtensions` field on PatternEntry)\n  - `IMPORT_EXPRESSION`: backtick without `${...}` expression no longer triggers; severity high→medium\n  - `BEACON_INTERVAL_FETCH`: severity high→medium (React polling false positive)\n  - `DEAD_DROP_DNS_TXT` / `C2_DOH_RESOLVER`: severity high→medium (false positives in security tooling)\n  - `GHA_ENV_EXFIL`: pattern tightened — only fires when secrets/env passed as curl data/header\n  - `WORKFLOW_SECRET_TO_UPLOAD_PATH`: severity high→medium, confidence 0.7→0.6\n  - `SECRETS_SSH_KEY_READ`: pattern requires specific key filenames (`id_rsa`, `id_ed25519` etc.) — no longer fires on `cat \u003e\u003e ~/.ssh/known_hosts` CI setup\n- **Score Calculation**: per-rule deduplication (each unique rule contributes once to score) + weights medium 8→5, low 3→2\n- 45 new tests (607 total)\n\n### v4.8.0 (2026-04-04)\n- **New: Continuous Risk Monitor** -- persistent risk history, trend detection (spikes, stagnation, increasing)\n- **New: Triage Engine** -- finding ownership, status tracking, governance checks (unowned critical, expired acceptances)\n- **New: SLA Engine** -- remediation deadline tracking with breach and at-risk detection\n- **New: Risk Forecasting** -- linear regression-based trajectory prediction\n- **New: Security Metrics** -- open critical/high, SLA compliance rate, risk trend, top contributors\n- 18 new tests (562 total)\n\n### v4.7.0 (2026-04-04)\n- **New: Attack Graph Engine** -- models relationships between repos, packages, workflows, secrets, IOCs as directed graphs with exploitable attack paths\n- **New: Active Validation Framework** -- confidence tiers (heuristic/correlated/validated/confirmed), rationale and evidence per finding\n- **New: Workflow Modeler** -- models GitHub Actions as executable chains, detects secret-to-egress and untrusted-action-in-release paths\n- **New: Secret Simulator** -- honeytoken system for sandboxed analysis (fake .npmrc, .env, SSH keys, AWS creds)\n- **New: Org Posture Engine** -- portfolio-wide risk posture with systemic drift detection, recurring risky packages/actions\n- **New:** `--export-graph json|mermaid` for attack graph visualization\n- **New:** Mermaid diagram export for attack paths\n- 19 new tests (544 total)\n\n### v4.6.0 (2026-04-04)\n- **New: Remediation Engine** -- concrete, prioritized fix steps for every finding\n- **New: Fix Suggestions** -- machine-readable patches (pin actions, fix registries)\n- **New: Incident Playbooks** -- full response playbooks for GlassWorm, Vidar, npm takeover, fake repos, CI/CD poisoning\n- **New: SOC Exporter** -- JSON incident bundles, markdown incident reports, CSV summaries\n- **New: Dependency Governance** -- untrusted source detection in lockfiles\n- **New:** `--export-incident-md` for ticket-ready incident reports\n- **New:** `--export-fixes` for automatable fix suggestions\n- **New:** Remediation plan section in text/HTML reports\n- 24 new tests (525 total)\n\n### v4.5.0 (2026-04-04)\n- **New: Threat Intelligence** -- real-time IOC feed integration with confidence scoring and decay\n- **New: Adaptive Risk Engine** -- multi-dimensional scoring (code/deps/repo/CI + confidence)\n- **New: Diff-Based Scanning** -- `--since \u003ccommit\u003e` scans only changed files\n- **New: Org Scanning** -- `supply-chain-guard org \u003cgithub-org\u003e` scans entire organizations\n- **New:** Advanced obfuscation v2 (split strings, multi-layer encoding, runtime deobfuscation)\n- **New:** Risk dimensions in text/JSON output (code risk, dep risk, CI/CD risk, threat intel)\n- 19 new tests (501 total)\n\n### v4.4.0 (2026-04-04)\n- **New: Policy Engine** -- `.supply-chain-guard.yml` config for rule disable, severity overrides, allowlists, suppressions\n- **New: Baseline System** -- `--save-baseline` / `--baseline` for diff-only CI scanning (only new findings)\n- **New: Trust Signals** -- positive indicators (SECURITY.md, CODEOWNERS, LICENSE, lockfile, repository link)\n- **New:** Secret exfiltration chain correlations (install hook + network + obfuscation)\n- **New:** Suppression count in reports\n- 18 new tests (482 total)\n\n### v4.3.0 (2026-04-04)\n- Documentation overhaul: complete README rewrite covering all features through v4.2\n- Updated all version references, examples, and detection rule tables\n\n### v4.2.0 (2026-04-04)\n- **New: Correlation Engine** -- links findings into incident-level attack chains (15+ rules)\n- **New: Trust Breakdown** -- 4-dimension scoring (publisher/code/dependency/release)\n- **New: Install Hook Scanner** -- deep analysis (secret harvesting, download-exec, binary blobs)\n- **New: Dependency Risk Analyzer** -- Levenshtein typosquat detection\n- **New: Publishing Anomaly Detector** -- maintainer changes, version gaps\n- **New: Release Scanner** -- double extensions, LNK, PE magic, password hints\n- **New:** C2 patterns (DoH, Gist dead-drops, dynamic WebSocket)\n- **New:** Secrets detection (AWS, GitHub, SSH, npm tokens, private keys)\n- 59 new tests (464 total), ~174 detection rules\n\n### v4.1.0 (2026-04-04)\n- **New: GitHub Trust Scanner** -- repo metadata, star-farming, release artifacts, README lures\n- **New: IOC Blocklist** -- known C2 domains/IPs, malware hashes, bad npm versions, malicious accounts\n- **New:** Vidar/GhostSocks/dropper patterns, dead-drop resolver detection\n- **New:** Claude Code leak campaign signatures, fake AI tool lure detection\n- 42 new tests (405 total), ~143 detection rules\n\n### v4.0.0 (2026-04-04)\n- **New:** Dockerfile, package config, git security, Cargo/Rust, Go module, entropy scanners\n- **New:** Build-tool, monorepo, IaC/Terraform patterns\n- **New:** HTML report format with severity filtering\n- **New:** Shai-Hulud worm, advanced obfuscation, campaign signatures\n- 94 new tests (363 total), 110+ detection rules\n\n### v3.1.0 (2026-03-26)\n- SBOM export (CycloneDX 1.5), `--fail-on` flag, full test coverage (269 tests)\n\n### v3.0.0 (2026-03-26)\n- PyPI scanner, GitHub Actions scanner, SARIF output, Solana watchlist\n\n### v2.0.0\n- Multi-platform scanner (npm, PyPI, VS Code), dependency confusion, lockfile checks\n\n### v1.0.0\n- Initial release: GlassWorm detection, npm scanning, Solana C2 monitoring\n\n## License\n\n[Apache-2.0](LICENSE) - Copyright 2026 Elvatis - Emre Kohler\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhomeofe%2Fsupply-chain-guard","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhomeofe%2Fsupply-chain-guard","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhomeofe%2Fsupply-chain-guard/lists"}