// npm 패키지
@aztec/foundation
버전
1175
메인테이너
6
최초 publish
2023-07-07
publisher
charlielye
tarball
1,653,901 B
AUTO-PUBLISHED·1개 버전 인덱싱됨·최근 publish: 2026-06-04
// exfil path
what is read → where it shipssteals
- ● Seed phrase
sends to
(no destination string extracted — payload may be dynamic / obfuscated)
→ view full payload// publisher 캠페인by charlielye
이 계정에서 catch된 패키지 9건고립된 catch가 아닙니다. 동일 publisher가 8개의 다른 패키지를 추가로 발행했고, 모두 파이프라인이 catch했습니다 — 일회성이 아닌 조직적 캠페인의 형태. 아래 링크는 각 형제 catch의 분석으로 이동합니다.
// offending code· @4.3.1· 3 files flagged
- @4.3.1··AUTO-PUBLISHED·publisher: charlielyeheuristic 64/100static flags 5llm skippednew-publisher:15dmature-packagepublisher-multi-name-burst:17publisher-version-pump:18child-process-spawnreads-env-varshex-decodebase64-decodereads-seed-phrase
// offending code· 3 files flaggedpatterns: 5
--- package/src/timer/timeout.ts (excerpt) --- import { TimeoutError } from '../error/index.js'; import { promiseWithResolvers } from '../promise/utils.js'; /** * TimeoutTask class creates an instance for managing and executing a given asynchronous function with a specified timeout duration. * The task will be automatically interrupted if it exceeds the given timeout duration, and will throw a custom error message. * Additional information such as execution time can be retrieved using getTime method after the task has been executed. * * @typeparam T - The return type of the asynchronous function to be executed. */ export class TimeoutTask<T> { private totalTime = 0; private timeoutPromise: Promise<never> | undefined; constructor( private fn: (signal: AbortSignal) => Promise<T>, private timeout: number, private errorFn: () => Error, private onAbort?: () => void, ) {} /** * Executes the given function with a specified timeout. * If the function takes longer than the timeout, it will be interrupted and an error will be thrown. * The total execution time of the function will be stored in the totalTime property. * * @returns The result of the executed function if completed within the timeout. * @throws An error with a message indicating the function was interrupted due to exceeding the specified timeout. */ public async exec() { const signal = AbortSignal.timeout(this.timeout); this.timeoutPromise = new Promise<never>((_, reject) => { signal!.addEventListe --- package/src/testing/test_data.ts (excerpt) --- const testData: { [key: string]: unknown[] } = {}; /** Returns whether test data generation is enabled */ export function isGenerateTestDataEnabled() { return ['1', 'true'].includes(process.env.AZTEC_GENERATE_TEST_DATA ?? '') && typeof expect !== 'undefined'; } /** Pushes test data with the given name, only if test data generation is enabled. */ export function pushTestData<T>(itemName: string, data: T) { if (!isGenerateTestDataEnabled()) { return; } if (typeof expect === 'undefined') { return; } const testName = expect.getState().currentTestName; const fullItemName = `${testName} ${itemName}`; if (!testData[fullItemName]) { testData[fullItemName] = []; } testData[fullItemName].push(data); } /** Returns all instances of pushed test data with the given name, or empty if test data generation is not enabled. */ export function getTestData(itemName: string): unknown[] { if (!isGenerateTestDataEnabled()) { return []; } const testName = expect.getState().currentTestName; const fullItemName = `${testName} ${itemName}`; return testData[fullItemName]; } --- package/src/testing/files/index.ts (excerpt) --- import { existsSync, readFileSync, writeFileSync } from 'fs'; import { dirname, join, resolve } from 'path'; import { createConsoleLogger } from '../../log/console.js'; import { fileURLToPath } from '../../url/index.js'; import { isGenerateTestDataEnabled } from '../test_data.js'; /** Writes the contents specified to the target file if test data generation is enabled. */ export function writeTestData(targetFileFromRepoRoot: string, contents: string | Buffer, raw: boolean = false) { if (!isGenerateTestDataEnabled()) { return; } const targetFile = getPathToFile(targetFileFromRepoRoot); const toWrite = raw ? contents : typeof contents === 'string' ? contents : contents.toString('hex'); writeFileSync(targetFile, toWrite); const logger = createConsoleLogger('aztec:testing:test_data'); logger(`Wrote test data to ${targetFile}`); } export function readTestData(repoPath: string): Buffer { const targetFile = getPathToFile(repoPath); return readFileSync(targetFile); } /** * Looks for a variable assignment in the target file and updates the value, only if test data generation is enabled. * Note that a magic inline comment would be a cleaner approach, like `/* TEST-DATA-START *\/` and `/* TEST-DATA-END *\/`, * but running nargo fmt on it panics since the comment would be erased, so we roll with this for now. * @remarks Requires AZTEC_GENERATE_TEST_DATA=1 to be set */ export function updateInlineTestData(targetFileFromRepoRoot: string, itemName: string, valu
