Watchmaker gugol2
gugol2
/ check-qix-duckdb-attack.js
Created
September 10, 2025 12:02
bash file to check if your project has been affected by the latest npm attack https://socket.dev/blog/npm-author-qix-compromised-in-major-supply-chain-attack
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env node | |
| /** | |
| * NPM Qix and DuckDB Attack Dependency Checker | |
| * Checks if your project contains any packages compromised in the September 8, 2025 Qix attack | |
| * | |
| * Usage: | |
| * node check-qix-duckdb-attack.js [path-to-project] | |
| * | |
| * If no path is provided, it will check the current directory |