(www.aikido.dev)

1369 points universesquid | 2 comments | 08 Sep 25 15:37 UTC | HN request time: 0s | source

Show context

joaomoreno ◴[08 Sep 25 16:49 UTC] No.45170585[source]▶

From sindresorhus:

You can run the following to check if you have the malware in your dependency tree:

`rg -u --max-columns=80 _0x112fa8`

Requires ripgrep:

`brew install rg`

cgijoe ◴[08 Sep 25 17:38 UTC] No.45171275[source]▶

Sorry, I am unfamiliar with ripgrep. Is this simply scanning for the string `_0x112fa8`? Could we do the same thing with normal grep -r?

skrebbel ◴[08 Sep 25 17:41 UTC] No.45171316[source]▶

yes. ripgrep just does it faster, is all.

1. hinkley ◴[08 Sep 25 19:58 UTC] No.45173163[source]▶

Make it work, make it right, make it fast.

For security checks, the first 2 out of 3 is just fine.

replies(1): >>45174327 #

2. Aeolun ◴[08 Sep 25 21:35 UTC] No.45174327[source]▶

Sure, but if you can get the last for free, why not?

NPM debug and chalk packages compromised