←back to thread

NPM debug and chalk packages compromised

(www.aikido.dev)
1369 points universesquid | 2 comments | 08 Sep 25 15:37 UTC | HN request time: 0.02s | source
Show context
joaomoreno ◴[08 Sep 25 16:49 UTC] No.45170585[source]
From sindresorhus:

You can run the following to check if you have the malware in your dependency tree:

`rg -u --max-columns=80 _0x112fa8`

Requires ripgrep:

`brew install rg`

https://github.com/chalk/chalk/issues/656#issuecomment-32668...

replies(8): >>45171142 #>>45171275 #>>45171304 #>>45171841 #>>45172110 #>>45172189 #>>45174730 #>>45175821 #
cgijoe ◴[08 Sep 25 17:38 UTC] No.45171275[source]
Sorry, I am unfamiliar with ripgrep. Is this simply scanning for the string `_0x112fa8`? Could we do the same thing with normal grep -r?
replies(2): >>45171316 #>>45171334 #
skrebbel ◴[08 Sep 25 17:41 UTC] No.45171316[source]
yes. ripgrep just does it faster, is all.
replies(2): >>45173163 #>>45173857 #
nothrabannosir ◴[08 Sep 25 20:56 UTC] No.45173857[source]
But also respects .gitignore by default so I’m not sure you want to use ripgrep to scan your node_modules
replies(2): >>45174032 #>>45174067 #
1. Fishkins ◴[08 Sep 25 21:09 UTC] No.45174032{3}[source]
For others who didn't know, the -u flag in the OP's command makes it so ripgrep _will_ search files even if they're gitignored
replies(1): >>45177926 #
2. postalcoder ◴[09 Sep 25 05:54 UTC] No.45177926[source]
-u searches through ignored files

-uu searches through ignored and hidden files (eg dotfiles)

-uuu searches through ignored, hidden, and binary files (ie everything)