A quick script to check npm dependencies for modules hijacked by nj48 (https://www.npmjs.com/~nj48)
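#!/usr/bin/env bash
#
# Check the npm dependency tree of the current directory for package names
# that appear on the watch list below (modules taken over by the npm account
# "nj48", per the description of this script).
#
# Usage: run from the root of an npm project, after dependencies are installed.
#
# Exit status:
#   0  no listed package name appears in the tree
#   1  at least one listed package name appears in the tree
#   2  the tree could not be inspected (npm missing or no output)
#
# Limitations a reader should keep in mind:
#   - This is a name-only match. A hit means the name is on the list, not that
#     the installed version is malicious; check the installed version and its
#     publisher before acting on a hit.
#   - Only what `npm ls` reports for the current directory is inspected.
#     Globally installed packages and other projects are not covered.
#   - The list is a point-in-time snapshot and is not updated by this script.

set -u

# Package names to look for. One entry per line so the list is easy to audit
# and diff against its source.
HIJACKED=(
  andthen
  anglicize
  ansi-codes
  atbash
  attr
  attrs
  available-slug
  background-image
  ballet
  binding
  bind-key
  blending-modes
  boxcars
  brick-browser
  brick-browserify-plugin
  brick-node
  browserify-length
  bud
  bud-babelify
  bud-browserify
  bud-concat
  bud-indexhtml
  bud-live-server
  call-all
  categorize-files
  center-box
  centered
  centered-cover-background
  change-object
  change-object-path
  checkfor
  cli-form
  cli-qa
  comma-list
  comp
  concat
  config-doc
  core-modules
  cover-background
  create-temp-dir
  debounce-fn
  declarative-js
  default-debug
  delegate-dom
  dom-children
  dom-classes
  dom-event
  domquery
  dom-select
  dom-style
  dom-tree
  dom-value
  door
  duba
  eksi-server
  eksi-sozluk
  english-time
  environ
  every-time
  expand-home-dir
  failing-code
  failing-line
  filename-id
  filter-stack
  findall
  first-val
  flat-glob
  flatten-array
  flickr-client
  flickr-favorites
  flickr-following
  flickr-generate-urls
  flickr-photo-brick
  flickr-photo-info
  flickr-photo-urls
  flickr-recent
  flickr-user
  flickr-user-feed
  format-date
  format-text
  # NOTE(review): the next entry contains spaces and a version string, so it
  # cannot match a valid npm package name. It looks like a copy/paste artifact
  # from the source list; confirm the intended name and correct it. Kept
  # verbatim so the list is unchanged.
  "fs-wrapd - v1.0.0"
  functools
  genpkg
  get-json
  gezi
  gezi-core
  go-api-starter
  goodeggs-list
  goodeggs-login
  hide
  highkick
  htmlglue
  html-patcher
  iframe
  ignore-doc
  indexhtml
  indexhtml-cli
  infinite-scroll
  install-module
  is-node
  iter
  join-params
  jsify
  json-resources
  just-a-browserify-server
  just-a-server
  just-next-tick
  juxt
  key-event
  keyname-of
  keynames
  kurdish-time
  less-common-words
  level-client
  level-flush
  level-json
  level-json-cache
  level-json-wrapper
  limited-parallel-loop
  local-debug
  lowkick
  make-editable
  matches-dom-selector
  measure-time
  media
  medium-author
  medium-post
  memdiff
  memoize-async
  memoize-sync
  memoize-with-leveldb
  meta-tags
  methodify
  midibin-api
  midi-instrument
  midi-sdk
  mime-of
  mix-objects
  most-common-turkish-words
  most-common-words
  mp3s
  new-chain
  new-command
  new-element
  new-empty-array
  new-error
  new-format
  new-list
  new-object
  new-partial
  new-prop
  new-pubsub
  new-range
  new-reactive
  new-struct
  observer
  on-key-press
  on-off
  ourtunes
  outer-html
  package-path
  parallel-loop
  parallelly
  parse-path
  pause-function
  personal-api
  play-audio
  playfair-display
  play-url
  post-data
  pref
  prettify-error
  prompt-input
  propertify
  property
  prova
  provinces
  pt-mono
  pt-serif
  radio-paradise-api
  random-color
  rdio-js-api
  read-cli-input
  read-json
  refine-object
  relative-date
  remotely
  render-loop
  require-sdk
  right-pad
  route-map
  run-after
  run-paralelly
  run-serially
  sanitize-object
  scrape-eksi
  scrape-pages
  scrape-url
  scraping-eksi
  scroll-bottom
  select-dom
  serial-loop
  serially
  set-content-type
  setup-docker
  shell-jobs
  show-help
  show-version
  shuffle-array
  simple.io
  simulate-touch
  slug-to-title
  socks-browser
  soundcloud-stream
  stream-format
  strip
  style-dom
  style-format
  subscribe
  subscription
  title-from-url
  toba-batak-dictionary
  to-class-name
  toledo-chess
  to-slug
  to-title
  try-call
  turkish-alphabet
  turkish-synonyms-api
  turkish-time
  unique-now
  uniques
  uzo
  validate-value
  variable-name
  video-canvas
  video-dimensions
  virtual-glue
)

# Fail closed: without npm there is nothing to inspect, and an empty result
# must not be reported as "nothing found".
if ! command -v npm >/dev/null 2>&1; then
  echo "error: npm not found on PATH; cannot inspect dependencies." >&2
  exit 2
fi

# --all asks newer npm releases for the full tree (by default they list only
# direct dependencies, which would hide a listed package pulled in
# transitively). Older releases already print the full tree and are expected
# to ignore the flag.
# npm ls exits non-zero for missing/extraneous/invalid dependencies but still
# prints a tree, so the status is recorded rather than treated as fatal.
npm_status=0
TREE=$(npm ls --all) || npm_status=$?

if [ -z "${TREE//[[:space:]]/}" ]; then
  echo "error: 'npm ls' produced no output (exit status ${npm_status}); cannot inspect dependencies." >&2
  exit 2
fi

if [ "$npm_status" -ne 0 ]; then
  echo "warning: 'npm ls' exited with status ${npm_status}; the dependency tree may be incomplete." >&2
fi

# Build one fixed-string pattern per name. The leading space and trailing "@"
# anchor the match to a whole package name as printed in the tree
# (e.g. " bud@" does not match " bud-concat@" or "@scope/bud@").
patterns=()
for name in "${HIJACKED[@]}"; do
  patterns+=(-e " ${name}@")
done

# -F: names are literals, not regular expressions ("." in "simple.io" must
# match only a dot). grep exits 1 when nothing matches; that is the normal
# "clean" case here, so its status is not treated as an error.
MATCHES=$(grep -F "${patterns[@]}" <<<"$TREE")

if [ -z "${MATCHES// }" ]; then
  echo "👍 No hijacked dependencies found."
else
  echo "🚫 Found hijacked dependencies:"
  printf '%s\n' "$MATCHES"
  # Non-zero so CI jobs and wrapper scripts can act on a hit.
  exit 1
fi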