Script to check for npm packages affected by the Shai-Halud vulnerability. Once you've read the code, run it from the root of an npm or pnpm project.

shai-halud-scanner.sh

#!/bin/bash

echo "Find npm packages that are affected by the Shai Halud vulnerability."

# Source: https://socket.dev/blog/ongoing-supply-chain-attack-targets-crowdstrike-npm-packages
dependencies=(
  "@ahmedhfarag/[email protected]"
  "@ahmedhfarag/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@art-ws/[email protected]"
  "@crowdstrike/[email protected]"
  "@crowdstrike/[email protected]"
  "@crowdstrike/[email protected]"
  "@crowdstrike/[email protected]"
  "@crowdstrike/[email protected]"
  "@crowdstrike/[email protected]"
  "@crowdstrike/[email protected]"
  "@crowdstrike/[email protected]"
  "@crowdstrike/[email protected]"
  "@crowdstrike/[email protected]"
  "@crowdstrike/[email protected]"
  "@crowdstrike/[email protected]"
  "@crowdstrike/[email protected]"
  "@crowdstrike/[email protected]"
  "@crowdstrike/[email protected]"
  "@crowdstrike/[email protected]"
  "@crowdstrike/[email protected]"
  "@crowdstrike/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@ctrl/[email protected]"
  "@hestjs/[email protected]"
  "@hestjs/[email protected]"
  "@hestjs/[email protected]"
  "@hestjs/[email protected]"
  "@hestjs/[email protected]"
  "@hestjs/[email protected]"
  "@hestjs/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nativescript-community/[email protected]"
  "@nexe/[email protected]"
  "@nexe/[email protected]"
  "@nexe/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@nstudio/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@operato/[email protected]"
  "@rxap/[email protected]"
  "@rxap/[email protected]"
  "@teriyakibomb/[email protected]"
  "@teselagen/[email protected]"
  "@teselagen/[email protected]"
  "@teselagen/[email protected]"
  "@teselagen/[email protected]"
  "@teselagen/[email protected]"
  "@teselagen/[email protected]"
  "@teselagen/[email protected]"
  "@teselagen/[email protected]"
  "@teselagen/[email protected]"
  "@teselagen/[email protected]"
  "@teselagen/[email protected]"
  "@teselagen/[email protected]"
  "@teselagen/[email protected]"
  "@teselagen/[email protected]"
  "@teselagen/[email protected]"
  "@thangved/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@things-factory/[email protected]"
  "@tnf-dev/[email protected]"
  "@tnf-dev/[email protected]"
  "@tnf-dev/[email protected]"
  "@tnf-dev/[email protected]"
  "@tnf-dev/[email protected]"
  "@ui-ux-gang/[email protected]"
  "@yoobic/[email protected]"
  "@yoobic/[email protected]"
  "@yoobic/[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
  "[email protected]"
)

if [ -f "package-lock.json" ]; then
  package_manager="npm"
elif [ -f "pnpm-lock.yaml" ]; then
  package_manager="pnpm"
else
  echo "No package-lock.json or pnpm-lock.yaml found. Exiting."
  exit 1
fi

found_dependencies=()
echo "Checking for ${#dependencies[@]} affected versions using $package_manager..."
for dep in "${dependencies[@]}"; do
  echo "  $((++i)): $dep"
  package_name=$(echo "$dep" | cut -d '@' -f 1-2)
  if [ "$package_manager" = "npm" ]; then
    if npm ls "$dep" | grep -q "$package_name"; then
      found_dependencies+=("$dep")
    fi
  elif [ "$package_manager" = "pnpm" ]; then
    if pnpm ls "$dep" | grep -q "$package_name"; then
      found_dependencies+=("$dep")
    fi
  fi
done

echo ""

if [ ${#found_dependencies[@]} -eq 0 ]; then
  echo "No vulnerable dependencies found."
else
  echo "Found ${#found_dependencies[@]} vulnerable dependencies:"
  for found in "${found_dependencies[@]}"; do
    echo " - $found"
  done
fi