Skip to content

Add support for Bun's package manager#257

Open
lohmander wants to merge 18 commits intoDataDog:mainfrom
lohmander:lohmander/add-bun-support
Open

Add support for Bun's package manager#257
lohmander wants to merge 18 commits intoDataDog:mainfrom
lohmander:lohmander/add-bun-support

Conversation

@lohmander
Copy link
Copy Markdown

@lohmander lohmander commented Apr 10, 2026

Implements support for Bun's package manager. Issue #256

lohmander added 18 commits April 2, 2026 12:43
@lohmander
feat: add support for bun's package manager
a84c61a
@lohmander
fix: add Bun ecosystem support to all verifiers
0e77719 
- Add ECOSYSTEM.Bun to PackageAgeVerifier supported ecosystems
- Add ECOSYSTEM.Bun to OsvVerifier supported ecosystems
- Add case for ECOSYSTEM.Bun in ecosystem match statements
- Map Bun packages to 'npm' ecosystem for OSV API queries (Bun uses npm registry)
- Add ECOSYSTEM.Bun to DatadogMaliciousPackagesVerifier supported ecosystems
- Add graceful error handling for missing Bun manifest in DD verifier

This ensures Bun packages are properly verified and blocked when malicious.
@lohmander
fix: Bun aliases
5496dcf
@lohmander
chore: refactor and remove unnused fn
4749a54
@lohmander
test: update Bun tests
cbd3f36
@lohmander
fix: harden bun package manager support
49cd819
@lohmander
fix: tighten bun support integration
261a363
@lohmander
fix: handle bun prerelease versions
1efcc30
@lohmander
fix: remove unnecessary whitespace in slice operations
d014ff1
@lohmander
chore: revert formatting
aab98fb
@lohmander
chort: revert more formatting, and the added timeout for querying the
f8b46d1 
npm registry
@lohmander
chore: undo some auto formatting
de8847c
@lohmander
fix: re-use npm age verifier for bun
9a09ab5
@lohmander
fix: improve package parsing in Bun package manager
90da3c2
@lohmander
fix: set minimum Bun version to 1.3.0
1f947ea
@lohmander
fix: Update Bun versions in test workflow
f94c87d
@lohmander
fix: remove bun ecosystem and use npm instead
6d8726c
@lohmander
fix: revert formatting in scfw/verifiers/age_verifier/npm.py
65eb826
@lohmander lohmander requested a review from a team as a code owner April 10, 2026 11:35
@ikretz ikretz self-assigned this Apr 15, 2026
@ikretz
Copy link
Copy Markdown
Collaborator

ikretz commented Apr 21, 2026

Hi @lohmander ,

Thanks for the contribution to SCFW! This looks good on a first-pass review, and I'll have time to get into the details this week.

In the event that I see things to be added or changed, would you prefer to handle those items yourself or should I just go ahead and push to your branch?

@lohmander
Copy link
Copy Markdown
Author

lohmander commented Apr 21, 2026

Hi @lohmander ,

Thanks for the contribution to SCFW! This looks good on a first-pass review, and I'll have time to get into the details this week.

In the event that I see things to be added or changed, would you prefer to handle those items yourself or should I just go ahead and push to your branch?

Great!

Feel free to add/edit anything that needs to be changed, or ping me if you'd prefer I fix it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@ikretz ikretz

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@lohmander @ikretz