[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-81479":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":15,"stars7d":15,"stars30d":13,"stars90d":15,"forks30d":15,"starsTrendScore":15,"compositeScore":16,"rankGlobal":10,"rankLanguage":10,"license":17,"archived":18,"fork":18,"defaultBranch":19,"hasWiki":20,"hasPages":18,"topics":21,"createdAt":10,"pushedAt":10,"updatedAt":27,"readmeContent":28,"aiSummary":29,"trendingCount":15,"starSnapshotCount":15,"syncStatus":30,"lastSyncTime":31,"discoverSource":32},81479,"supply-chain-guard","pc-style\u002Fsupply-chain-guard","pc-style","Local supply-chain install gate for npm packages and VS Code extensions with Socket, Codex, and PI review support.","https:\u002F\u002Fscguard.pcstyle.dev",null,"TypeScript",31,1,30,0,0.9,"MIT License",false,"main",true,[22,23,24,25,26],"npm","security","socket","supply-chain","vscode","2026-06-12 02:04:15","# Supply Chain Guard\n\nA local review step for npm packages and VS Code extensions — inspect the artifact before it touches your project.\n\n> [!WARNING]\n> Supply Chain Guard is **VERY VERY EARLY STAGE** software. It can miss malicious packages, flag safe packages, and break package-manager flows. Treat it as a local warning layer, not proof that a dependency is safe.\n\nWebsite: [scguard.pcstyle.dev](https:\u002F\u002Fscguard.pcstyle.dev\u002F)\n\nContributing: [CONTRIBUTING.md](.\u002FCONTRIBUTING.md) · [CHANGELOG.md](.\u002FCHANGELOG.md) · [CODE_OF_CONDUCT.md](.\u002FCODE_OF_CONDUCT.md) · [ACCESSIBILITY.md](.\u002FACCESSIBILITY.md) · [SECURITY.md](.\u002FSECURITY.md)\n\n## Quick Start\n\n**1. Install**\n\n```sh\ncurl -fsSL https:\u002F\u002Fraw.githubusercontent.com\u002Fpc-style\u002Fsupply-chain-guard\u002Fmain\u002Finstall.sh | bash\n```\n\n**2. Activate the guard in your shell**\n\n```sh\neval \"$(scguard shell-hook)\"\n```\n\n**3. Scan a package before installing**\n\n```sh\nscguard review axios\n```\n\n---\n\n## What It Does\n\nSupply Chain Guard puts a local review step in front of npm packages and VS Code extensions. It downloads the artifact first, checks the files that usually matter during an install, writes JSON and Markdown reports, and can ask Codex or PI for a second review before anything lands in your project.\n\nIt is meant for the moment right before you run `bun add`, `npm install`, or `code --install-extension`. It is not a malware sandbox, and an approval is not proof that a package is safe. It is a local tripwire for suspicious install behavior.\n\n## Install Or Update\n\n```sh\ncurl -fsSL https:\u002F\u002Fraw.githubusercontent.com\u002Fpc-style\u002Fsupply-chain-guard\u002Fmain\u002Finstall.sh | bash\n```\n\nThe installer is also the updater. It clones or pulls this repo into `~\u002F.local\u002Fshare\u002Fsupply-chain-guard`, runs `bun install`, builds a compiled Bun executable, and creates `~\u002F.local\u002Fbin\u002Fscguard`. First install opens token\u002Fconfig\u002Fshell-hook prompts when a TTY is available; updates skip those prompts if an existing install or config is detected.\n\n## Demo\n\nScan a package before it is installed:\n\n![Supply Chain Guard scanning an npm package](docs\u002Fscreenshots\u002Fscan-npm.png)\n\nStage a package without installing it, then approve it when the report looks clean:\n\n![Supply Chain Guard withholding an install until approval](docs\u002Fscreenshots\u002Fadd-withheld.png)\n\n![Supply Chain Guard installing after approval](docs\u002Fscreenshots\u002Fadd-approved.png)\n\nBroad updates are blocked unless you name the packages to review:\n\n![Supply Chain Guard blocking a broad update](docs\u002Fscreenshots\u002Fblock-broad-update.png)\n\nVS Code extensions can be scanned from a local `.vsix` file:\n\n![Supply Chain Guard scanning a VS Code extension artifact](docs\u002Fscreenshots\u002Fscan-vsix.png)\n\nEvery run leaves JSON, Markdown, and agent-review prompts under `.scguard\u002Freports`:\n\n![Supply Chain Guard generated reports](docs\u002Fscreenshots\u002Fgenerated-reports.png)\n\nDemo captures are generated from real CLI runs:\n\n```sh\nbun run demo-screenshots   # capture JSON + regenerate PNGs\nbun run capture-demos      # JSON only (site live terminal)\n```\n\n## Requirements\n\n- Bun\n- Git, `tar`, and `unzip`\n- Optional: Socket API token with `packages:list`\n- Optional: `codex` and\u002For `pi` CLIs for agent review\n- Optional for npm staged publishing: npm CLI `11.15.0+` and Node `22.14.0+`\n\n## Commands\n\n```sh\nscguard review \u003Cpackage[@version]> [--agent codex|pi|both]\nscguard install \u003Cpackage[@version]> [--dev] [--agent codex|pi|both]\nscguard scan-vsix \u003Cpath-to-extension.vsix> [--json]\nscguard doctor\nscguard clean [--reports] [--cache] [--work] [--all]\nscguard config [--show] [--preset quiet|default|strict-ci|enterprise|advisory] [--safe-resolver off|suggest] [--agent none|codex|pi|both]\nscguard shell-hook\nscguard skill install         # npx skills add pc-style\u002Fsupply-chain-guard\n```\n\n`scguard skill install` runs `npx skills add pc-style\u002Fsupply-chain-guard -y --skill supply-chain-guard` so Codex, Cursor, Pi, and other agents pick up the skill. Run `scguard skill` for help.\n\nAdvanced commands: `scguard scan-lockfile`, `scguard scan-npm`, `scguard scan-stage`, `scguard guard`, `scguard agent-prompt`, `scguard agent-review`, `scguard self-test`.\n\n`review` resolves the package tarball, downloads it to `.scguard\u002Fcache`, extracts it to `.scguard\u002Fwork`, analyzes it, writes reports to `.scguard\u002Freports`, and stops. Use `install` instead when you want the install to continue after the gate passes. `scguard add` is kept as a deprecated alias for `review`.\n\nAdd `--agent codex`, `--agent pi`, or `--agent both` when you want a required agent review before install. The agent must end with `SCGUARD_DECISION: approve`. A rejection, manual-review decision, missing decision, non-zero exit, or missing agent binary blocks the install.\n\nRun `scguard config` to choose the default preset, safe resolver mode, and agent review for future scans and install gates. PI runs with `--no-tools --no-context-files`. Codex runs through `codex exec` in a read-only sandbox.\n\n`scguard doctor` checks Bun, Git, tar, unzip, `~\u002F.local\u002Fbin` on PATH, the shell hook, the Socket token, the active preset, and the optional Codex\u002FPI CLIs. Run it first if something looks wrong.\n\n`scguard clean` removes generated state under `.scguard\u002F`. Use `--reports`, `--cache`, `--work`, or `--all` to choose what to clear.\n\nRecommended shell hook:\n\n```sh\neval \"$(scguard shell-hook)\"\n```\n\nAfter that, normal commands such as `bun add lodash`, `pnpm add react`, `yarn add zod`, and `code --install-extension .\u002Fextension.vsix` go through the guard first. Bare `npm install`, `npm ci`, and `bun install` are routed through `scguard scan-lockfile`, which follows the active preset instead of deep-scanning every locked package by default. The `default` preset scans fresh versions under 7 days plus packages changed from the saved `.scguard\u002Flockfile-baseline.json`; `quiet`, `strict-ci`, `enterprise`, and `advisory` adjust that scope. Use `SCGUARD_BYPASS=1` for a single command if you need to skip the guard.\n\nYou can also run it directly:\n\n```sh\nscguard scan-lockfile           # scans the lockfile in the current directory using the active preset\nscguard scan-lockfile path\u002Fto\u002Fproject\n```\n\nEvery successful bare-lockfile scan writes or refreshes `.scguard\u002Flockfile-baseline.json` so future installs can detect changed packages without relying only on Git state.\n\nTune parallelism with `SCGUARD_LOCKFILE_CONCURRENCY` (default `8`).\n\nFor now, `code --install-extension publisher.name` is blocked because the VS Code CLI would download the extension before this tool can inspect it. Download the `.vsix`, scan it, then install the reviewed artifact.\n\n## Socket API Token\n\nDuring install, you can paste a Socket API token. The installer stores it in `~\u002F.config\u002Fsupply-chain-guard\u002Fenv` so scans can include Socket's package score. Create a token here:\n\nhttps:\u002F\u002Fsocket.dev\u002Fdashboard\u002Fsettings\u002Fapi-tokens\n\nRecommended Socket scopes:\n\n- `packages:list` for current package score lookup\n- `threat-feed:list` later if you want Socket-backed active attack warnings\n\n## Socket Intelligence\n\nSet `SOCKET_API_KEY` to query Socket.dev during npm scans:\n\n```sh\nexport SOCKET_API_KEY=\"...\"\n```\n\nReports say whether Socket was checked, skipped, or errored. If Socket returns a low supply-chain score, the guard raises the risk and can block the install.\n\n## Policy Presets\n\n- `quiet`: only scan versions published in the last 24 hours\n- `default`: scan fresh versions under 7 days plus packages changed from the last saved baseline\n- `strict-ci`: scan changed lockfile entries plus fresh\u002Frisky versions under 30 days\n- `enterprise`: scan broadly and keep online intelligence enabled when available\n- `advisory`: same scope as `default`, but findings never block a bare install\n\nSafe Resolver is suggest-only in this release. When a direct package review resolves to a version that is newer than the preset freshness window, the report can suggest an older stable version that still satisfies the requested spec. It never rewrites the install command.\n\n## npm Staged Publishing\n\nnpm staged publishing lets maintainers review a package before it goes live. `scguard scan-stage \u003Cstage-id>` runs `npm stage download \u003Cstage-id>`, analyzes the downloaded tarball, and applies the same agent review policy.\n\nWith the shell hook active, `npm stage approve \u003Cstage-id>` is guarded. The staged package is downloaded, scanned, optionally reviewed by Codex or PI, and only then approved.\n\n## Active Supply Chain Incident Mode\n\nSet an advisory when Socket, npm, Microsoft, GitHub, or your own security source reports an active attack:\n\n```sh\nexport SCGUARD_ACTIVE_INCIDENT=\"Socket reports active npm supply-chain campaign\"\nexport SCGUARD_ACTIVE_INCIDENT_UNTIL=\"2026-05-22T12:00:00Z\"\n```\n\nWhile the advisory is active, package operations are staged and analyzed. To continue, you must type:\n\n```text\nI accept the active supply-chain risk\n```\n\nIf the text does not match exactly, the install or update is cancelled.\n\n## What It Checks\n\n- install lifecycle scripts such as `preinstall`, `install`, and `postinstall`\n- suspicious script text such as `curl | sh`, shell execution, encoded payloads, credential paths, and network fetches\n- dependency volume and package metadata signals\n- executable `bin` entries\n- large files and unusual packed contents\n- VS Code extension activation events, main\u002Fbrowser entry points, scripts, and dependency metadata\n- Socket.dev package score when `SOCKET_API_KEY` is configured\n\nThis first version is conservative. It blocks `high` risk installs, warns at `medium`, and always leaves report artifacts behind for human or agent review.\n\n## Staging And Takedown Flow\n\nThe local staging flow is the `.scguard\u002Fcache`, `.scguard\u002Fwork`, and `.scguard\u002Freports` pipeline. Nothing is installed until analysis finishes and approval is explicit.\n\nThe takedown flow is intentionally simple in this first version:\n\n- set `SCGUARD_ACTIVE_INCIDENT` to force explicit acknowledgement on every package operation\n- remove the shell hook or unset the advisory after the incident ends\n- inspect `.scguard\u002Freports` for the packages and artifacts staged during the incident\n\n## Development\n\nClone the repo and run the pre-PR gate locally:\n\n```sh\ngit clone https:\u002F\u002Fgithub.com\u002Fpc-style\u002Fsupply-chain-guard.git\ncd supply-chain-guard\nbun install\nbun run check\n```\n\nRun the CLI from source without a global install:\n\n```sh\nbun run scguard -- --help\nbun run scguard -- review left-pad --offline\n```\n\nUse `--offline` for local reviews when you want to skip registry and signature checks. See [CONTRIBUTING.md](.\u002FCONTRIBUTING.md) and [AGENTS.md](.\u002FAGENTS.md) for the full contributor and agent workflow.\n\nGenerated cache, reports, tarballs, `node_modules`, and env files are ignored by git.\n","Supply Chain Guard 是一个用于npm包和VS Code扩展的本地审查工具，旨在在安装前检查软件包的安全性。其核心功能包括下载待安装的软件包或扩展，分析关键文件，并生成JSON和Markdown格式的报告，同时支持通过Codex或PI进行二次审查。该工具使用TypeScript编写，适合于开发者在执行`bun add`、`npm install`或`code --install-extension`命令之前，对即将引入项目的依赖项进行初步安全检查。需要注意的是，尽管它能提供一定的预警作用，但并不能完全保证检测出所有恶意包或确保被批准的包绝对安全。",2,"2026-06-11 04:05:13","CREATED_QUERY"]