Support for PDM package manager (Python)

README.md

@@ -35,6 +35,7 @@ Aikido Safe Chain supports the following package managers:
 - 📦 **poetry**
 - 📦 **uvx**
 - 📦 **pipx**
+- 📦 **pdm**
 
 # Usage
 
@@ -77,7 +78,7 @@ You can find all available versions on the [releases page](https://github.com/Ai
 ### Verify the installation
 
 1. **❗Restart your terminal** to start using the Aikido Safe Chain.
-   - This step is crucial as it ensures that the shell aliases for npm, npx, yarn, pnpm, pnpx, rush, rushx, bun, bunx, pip, pip3, poetry, uv, uvx and pipx are loaded correctly. If you do not restart your terminal, the aliases will not be available.
+   - This step is crucial as it ensures that the shell aliases for npm, npx, yarn, pnpm, pnpx, rush, rushx, bun, bunx, pip, pip3, poetry, uv, uvx, pipx and pdm are loaded correctly. If you do not restart your terminal, the aliases will not be available.
 
 2. **Verify the installation** by running the verification command:
 
@@ -108,7 +109,7 @@ You can find all available versions on the [releases page](https://github.com/Ai
 
    - The output should show that Aikido Safe Chain is blocking the installation of these test packages as they are flagged as malware.
 
-When running `npm`, `npx`, `yarn`, `pnpm`, `pnpx`, `rush`, `rushx`, `bun`, `bunx`, `pip`, `pip3`, `uv`, `uvx`, `poetry` and `pipx` commands, the Aikido Safe Chain will automatically check for malware in the packages you are trying to install. It also intercepts Python module invocations for pip when available (e.g., `python -m pip install ...`, `python3 -m pip download ...`). If any malware is detected, it will prompt you to exit the command.
+When running `npm`, `npx`, `yarn`, `pnpm`, `pnpx`, `rush`, `rushx`, `bun`, `bunx`, `pip`, `pip3`, `uv`, `uvx`, `poetry`, `pipx` and `pdm` commands, the Aikido Safe Chain will automatically check for malware in the packages you are trying to install. It also intercepts Python module invocations for pip when available (e.g., `python -m pip install ...`, `python3 -m pip download ...`). If any malware is detected, it will prompt you to exit the command.
 
 You can check the installed version by running:
 
@@ -120,7 +121,7 @@ safe-chain --version
 
 ### Malware Blocking
 
-The Aikido Safe Chain works by running a lightweight proxy server that intercepts package downloads from the npm registry and PyPI. When you run npm, npx, yarn, pnpm, pnpx, rush, rushx, bun, bunx, pip, pip3, uv, uvx, poetry or pipx commands, all package downloads are routed through this local proxy, which verifies packages in real-time against **[Aikido Intel - Open Sources Threat Intelligence](https://intel.aikido.dev/?tab=malware)**. If malware is detected in any package (including deep dependencies), the proxy blocks the download before the malicious code reaches your machine.
+The Aikido Safe Chain works by running a lightweight proxy server that intercepts package downloads from the npm registry and PyPI. When you run npm, npx, yarn, pnpm, pnpx, rush, rushx, bun, bunx, pip, pip3, uv, uvx, poetry, pipx or pdm commands, all package downloads are routed through this local proxy, which verifies packages in real-time against **[Aikido Intel - Open Sources Threat Intelligence](https://intel.aikido.dev/?tab=malware)**. If malware is detected in any package (including deep dependencies), the proxy blocks the download before the malicious code reaches your machine.
 
 ### Minimum package age
 
@@ -139,7 +140,7 @@ By default, the minimum package age is 48 hours. This provides an additional sec
 
 ### Shell Integration
 
-The Aikido Safe Chain integrates with your shell to provide a seamless experience when using npm, npx, yarn, pnpm, pnpx, rush, rushx, bun, bunx, and Python package managers (pip, uv, uvx, poetry, pipx). It sets up aliases for these commands so that they are wrapped by the Aikido Safe Chain commands, which manage the proxy server before executing the original commands. We currently support:
+The Aikido Safe Chain integrates with your shell to provide a seamless experience when using npm, npx, yarn, pnpm, pnpx, rush, rushx, bun, bunx, and Python package managers (pip, uv, uvx, poetry, pipx, pdm). It sets up aliases for these commands so that they are wrapped by the Aikido Safe Chain commands, which manage the proxy server before executing the original commands. We currently support:
 
 - ✅ **Bash**
 - ✅ **Zsh**

packages/safe-chain/bin/aikido-pdm.js

@@ -0,0 +1,13 @@
+#!/usr/bin/env node
+
+import { main } from "../src/main.js";
+import { initializePackageManager } from "../src/packagemanager/currentPackageManager.js";
+import { setEcoSystem, ECOSYSTEM_PY } from "../src/config/settings.js";
+
+setEcoSystem(ECOSYSTEM_PY);
+initializePackageManager("pdm");
+
+(async () => {
+  var exitCode = await main(process.argv.slice(2));
+  process.exit(exitCode);
+})();

packages/safe-chain/bin/safe-chain.js

@@ -21,7 +21,7 @@ import { main } from "../src/main.js";
 import path from "path";
 import { fileURLToPath } from "url";
 import fs from "fs";
-import { knownAikidoTools } from "../src/shell-integration/helpers.js";
+import { knownAikidoTools, getPackageManagerList } from "../src/shell-integration/helpers.js";
 import { getInstalledSafeChainDir } from "../src/installLocation.js";
 
 /** @type {string} */
@@ -114,7 +114,7 @@ function writeHelp() {
   ui.writeInformation(
     `- ${chalk.cyan(
       "safe-chain setup",
-    )}: This will setup your shell to wrap safe-chain around npm, npx, yarn, pnpm, pnpx, rush, rushx, bun, bunx, pip and pip3.`,
+    )}: This will setup your shell to wrap safe-chain around ${getPackageManagerList()}.`,
   );
   ui.writeInformation(
     `- ${chalk.cyan(

packages/safe-chain/package.json

@@ -25,6 +25,7 @@
     "aikido-python3": "bin/aikido-python3.js",
     "aikido-poetry": "bin/aikido-poetry.js",
     "aikido-pipx": "bin/aikido-pipx.js",
+    "aikido-pdm": "bin/aikido-pdm.js",
     "safe-chain": "bin/safe-chain.js"
   },
   "type": "module",
@@ -39,7 +40,7 @@
   "keywords": [],
   "author": "Aikido Security",
   "license": "AGPL-3.0-or-later",
-  "description": "The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), [pnpx](https://pnpm.io/cli/dlx), [rush](https://rushjs.io/), [rushx](https://rushjs.io/pages/commands/rushx/), [bun](https://bun.sh/), [bunx](https://bun.sh/docs/cli/bunx), [uv](https://docs.astral.sh/uv/) (Python), and [pip](https://pip.pypa.io/) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm, pnpx, rush, rushx, bun, bunx, uv, uvx, or pip/pip3 from downloading or running the malware.",
+  "description": "The Aikido Safe Chain wraps around the [npm cli](https://github.com/npm/cli), [npx](https://github.com/npm/cli/blob/latest/docs/content/commands/npx.md), [yarn](https://yarnpkg.com/), [pnpm](https://pnpm.io/), [pnpx](https://pnpm.io/cli/dlx), [rush](https://rushjs.io/), [rushx](https://rushjs.io/pages/commands/rushx/), [bun](https://bun.sh/), [bunx](https://bun.sh/docs/cli/bunx), [uv](https://docs.astral.sh/uv/) (Python), [pip](https://pip.pypa.io/), and [pdm](https://pdm-project.org/) to provide extra checks before installing new packages. This tool will detect when a package contains malware and prompt you to exit, preventing npm, npx, yarn, pnpm, pnpx, rush, rushx, bun, bunx, uv, uvx, pip/pip3, or pdm from downloading or running the malware.",
   "dependencies": {
     "certifi": "14.5.15",
     "chalk": "5.4.1",

packages/safe-chain/src/packagemanager/currentPackageManager.js

@@ -13,6 +13,7 @@ import { createPipPackageManager } from "./pip/createPackageManager.js";
 import { createUvPackageManager } from "./uv/createUvPackageManager.js";
 import { createPoetryPackageManager } from "./poetry/createPoetryPackageManager.js";
 import { createPipXPackageManager } from "./pipx/createPipXPackageManager.js";
+import { createPdmPackageManager } from "./pdm/createPdmPackageManager.js";
 import { createRushPackageManager } from "./rush/createRushPackageManager.js";
 import { createRushxPackageManager } from "./rushx/createRushxPackageManager.js";
 import { createUvxPackageManager } from "./uvx/createUvxPackageManager.js";
@@ -69,6 +70,8 @@ export function initializePackageManager(packageManagerName, context) {
     state.packageManagerName = createPoetryPackageManager();
   } else if (packageManagerName === "pipx") {
     state.packageManagerName = createPipXPackageManager();
+  } else if (packageManagerName === "pdm") {
+    state.packageManagerName = createPdmPackageManager();
   } else if (packageManagerName === "rush") {
     state.packageManagerName = createRushPackageManager();
   } else if (packageManagerName === "rushx") {

packages/safe-chain/src/packagemanager/pdm/createPdmPackageManager.js

@@ -0,0 +1,72 @@
+import { ui } from "../../environment/userInteraction.js";
+import { safeSpawn } from "../../utils/safeSpawn.js";
+import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
+import { getCombinedCaBundlePath } from "../../registryProxy/certBundle.js";
+import { reportCommandExecutionFailure } from "../_shared/commandErrors.js";
+
+/**
+ * @returns {import("../currentPackageManager.js").PackageManager}
+ */
+export function createPdmPackageManager() {
+  return {
+    runCommand: (args) => runPdmCommand(args),
+
+    // MITM only approach for PDM
+    isSupportedCommand: () => false,
+    getDependencyUpdatesForCommand: () => [],
+  };
+}
+
+/**
+ * Sets CA bundle environment variables used by PDM and Python libraries.
+ * PDM uses httpx (via unearth) which respects SSL_CERT_FILE through Python's ssl module.
+ *
+ * @param {NodeJS.ProcessEnv} env - Environment object to modify
+ * @param {string} combinedCaPath - Path to the combined CA bundle
+ */
+function setPdmCaBundleEnvironmentVariables(env, combinedCaPath) {
+  // SSL_CERT_FILE: Used by Python SSL libraries and httpx (which PDM uses)
+  if (env.SSL_CERT_FILE) {
+    ui.writeWarning("Safe-chain: User defined SSL_CERT_FILE found in environment. It will be overwritten.");
+  }
+  env.SSL_CERT_FILE = combinedCaPath;
+
+  // REQUESTS_CA_BUNDLE: Used by the requests library (PDM plugins may use it)
+  if (env.REQUESTS_CA_BUNDLE) {
+    ui.writeWarning("Safe-chain: User defined REQUESTS_CA_BUNDLE found in environment. It will be overwritten.");
+  }
+  env.REQUESTS_CA_BUNDLE = combinedCaPath;
+
+  // PIP_CERT: PDM may use pip internally
+  if (env.PIP_CERT) {
+    ui.writeWarning("Safe-chain: User defined PIP_CERT found in environment. It will be overwritten.");
+  }
+  env.PIP_CERT = combinedCaPath;
+}
+
+/**
+ * Runs a pdm command with safe-chain's certificate bundle and proxy configuration.
+ *
+ * PDM respects standard HTTP_PROXY/HTTPS_PROXY environment variables through
+ * httpx which it uses for package downloads.
+ *
+ * @param {string[]} args - Command line arguments to pass to pdm
+ * @returns {Promise<{status: number}>} Exit status of the pdm command
+ */
+async function runPdmCommand(args) {
+  try {
+    const env = mergeSafeChainProxyEnvironmentVariables(process.env);
+
+    const combinedCaPath = getCombinedCaBundlePath();
+    setPdmCaBundleEnvironmentVariables(env, combinedCaPath);
+
+    const result = await safeSpawn("pdm", args, {
+      stdio: "inherit",
+      env,
+    });
+
+    return { status: result.status };
+  } catch (/** @type any */ error) {
+    return reportCommandExecutionFailure(error, "pdm");
+  }
+}

packages/safe-chain/src/packagemanager/pdm/createPdmPackageManager.spec.js

@@ -0,0 +1,14 @@
+import { test } from "node:test";
+import assert from "node:assert";
+import { createPdmPackageManager } from "./createPdmPackageManager.js";
+
+test("createPdmPackageManager", async (t) => {
+  await t.test("should create package manager with required interface", () => {
+    const pm = createPdmPackageManager();
+
+    assert.ok(pm);
+    assert.strictEqual(typeof pm.runCommand, "function");
+    assert.strictEqual(typeof pm.isSupportedCommand, "function");
+    assert.strictEqual(typeof pm.getDependencyUpdatesForCommand, "function");
+  });
+});

packages/safe-chain/src/shell-integration/helpers.js

@@ -120,6 +120,12 @@ export const knownAikidoTools = [
     ecoSystem: ECOSYSTEM_PY,
     internalPackageManagerName: "pipx",
   },
+  {
+    tool: "pdm",
+    aikidoCommand: "aikido-pdm",
+    ecoSystem: ECOSYSTEM_PY,
+    internalPackageManagerName: "pdm",
+  },
   // When adding a new tool here, also update the documentation for the new tool in the README.md
 ];
 

packages/safe-chain/src/shell-integration/startup-scripts/init-fish.fish

@@ -84,6 +84,10 @@ function pipx
     wrapSafeChainCommand "pipx" $argv
 end
 
+function pdm
+    wrapSafeChainCommand "pdm" $argv
+end
+
 function printSafeChainWarning
     set original_cmd $argv[1]
 

packages/safe-chain/src/shell-integration/startup-scripts/init-posix.sh

@@ -89,6 +89,10 @@ function pipx() {
   wrapSafeChainCommand "pipx" "$@"
 }
 
+function pdm() {
+  wrapSafeChainCommand "pdm" "$@"
+}
+
 function printSafeChainWarning() {
   # \033[43;30m is used to set the background color to yellow and text color to black
   # \033[0m is used to reset the text formatting

packages/safe-chain/src/shell-integration/startup-scripts/init-pwsh.ps1

@@ -83,6 +83,10 @@ function pipx {
     Invoke-WrappedCommand "pipx" $args $MyInvocation.Line $MyInvocation.OffsetInLine
 }
 
+function pdm {
+    Invoke-WrappedCommand "pdm" $args $MyInvocation.Line $MyInvocation.OffsetInLine
+}
+
 function Write-SafeChainWarning {
     param([string]$Command)
 

test/e2e/Dockerfile

@@ -79,6 +79,10 @@ RUN apt-get update && apt-get install -y pipx && \
         pipx install poetry && \
         ln -sf /root/.local/bin/poetry /usr/local/bin/poetry
 
+# Install PDM
+RUN pipx install pdm && \
+    ln -sf /root/.local/bin/pdm /usr/local/bin/pdm
+
 # Copy and install Safe chain
 COPY --from=builder /app/*.tgz /pkgs/
 RUN npm install -g /pkgs/*.tgz