Created
March 23, 2016 17:39
-
-
Save trumbitta/b8c6f86e9c4855b42fda to your computer and use it in GitHub Desktop.
Find out if a module involved in the "kik npm incident" is in your dependency list
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| NPM_DEPS_FILE=".npm-deps-parseable.txt" | |
| KIK_MODULES_FILE=".kik-modules.txt" | |
| echo "Downloading kik incident modules list..." | |
| wget https://gist.githubusercontent.com/azer/db27417ee84b5f34a6ea/raw/50ab7ef26dbde2d4ea52318a3590af78b2a21162/gistfile1.txt -O $KIK_MODULES_FILE | |
| wait $! | |
| echo "Building dependency list..." | |
| npm ls --parseable > $NPM_DEPS_FILE | |
| wait $! | |
| # TODO ignore false positives or do a second-pass cleaning | |
| while IFS= read -r row | |
| do | |
| echo "Checking: $row" | |
| GREP_RESULT=`grep $row $NPM_DEPS_FILE` | |
| [ $? == 0 ] && echo "Found: $row" && echo $GREP_RESULT | |
| done < $KIK_MODULES_FILE | |
| rm $NPM_DEPS_FILE $KIK_MODULES_FILE |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment