this searches for packages in the recent npm attack - must have ripgrep installed

searchforbadpackages.sh

affected_packages=(
    "angulartics2"
    "@ahmedhfarag/ngx-perfect-scrollbar"
    "@ahmedhfarag/ngx-virtual-scroller"
    "@art-ws/common"
    "@art-ws/config-eslint"
    "@art-ws/config-ts"
    "@art-ws/db-context"
    "@art-ws/di"
    "@art-ws/di-node"
    "@art-ws/eslint"
    "@art-ws/fastify-http-server"
    "@art-ws/http-server"
    "@art-ws/openapi"
    "@art-ws/package-base"
    "@art-ws/prettier"
    "@art-ws/slf"
    "@art-ws/ssl-info"
    "@art-ws/web-app"
    "@crowdstrike/commitlint"
    "@crowdstrike/falcon-shoelace"
    "@crowdstrike/foundry-js"
    "@crowdstrike/glide-core"
    "@crowdstrike/logscale-dashboard"
    "@crowdstrike/logscale-file-editor"
    "@crowdstrike/logscale-parser-edit"
    "@crowdstrike/logscale-search"
    "@crowdstrike/tailwind-toucan-base"
    "@ctrl/deluge"
    "@ctrl/golang-template"
    "@ctrl/magnet-link"
    "@ctrl/ngx-codemirror"
    "@ctrl/ngx-csv"
    "@ctrl/ngx-emoji-mart"
    "@ctrl/ngx-rightclick"
    "@ctrl/qbittorrent"
    "@ctrl/react-adsense"
    "@ctrl/shared-torrent"
    "@ctrl/tinycolor"
    "@ctrl/torrent-file"
    "@ctrl/transmission"
    "@ctrl/ts-base32"
    "@hestjs/core"
    "@hestjs/cqrs"
    "@hestjs/demo"
    "@hestjs/eslint-config"
    "@hestjs/logger"
    "@hestjs/scalar"
    "@hestjs/validation"
    "@nativescript-community/arraybuffers"
    "@nativescript-community/gesturehandler"
    "@nativescript-community/perms"
    "@nativescript-community/sentry"
    "@nativescript-community/sqlite"
    "@nativescript-community/text"
    "@nativescript-community/typeorm"
    "@nativescript-community/ui-collectionview"
    "@nativescript-community/ui-document-picker"
    "@nativescript-community/ui-drawer"
    "@nativescript-community/ui-image"
    "@nativescript-community/ui-label"
    "@nativescript-community/ui-material-bottom-navigation"
    "@nativescript-community/ui-material-bottomsheet"
    "@nativescript-community/ui-material-core"
    "@nativescript-community/ui-material-core-tabs"
    "@nativescript-community/ui-material-ripple"
    "@nativescript-community/ui-material-tabs"
    "@nativescript-community/ui-pager"
    "@nativescript-community/ui-pulltorefresh"
    "@nexe/config-manager"
    "@nexe/eslint-config"
    "@nexe/logger"
    "@nstudio/angular"
    "@nstudio/focus"
    "@nstudio/nativescript-checkbox"
    "@nstudio/nativescript-loading-indicator"
    "@nstudio/ui-collectionview"
    "@nstudio/web"
    "@nstudio/web-angular"
    "@nstudio/xplat"
    "@nstudio/xplat-utils"
    "@operato/board"
    "@operato/data-grist"
    "@operato/graphql"
    "@operato/headroom"
    "@operato/help"
    "@operato/i18n"
    "@operato/input"
    "@operato/layout"
    "@operato/popup"
    "@operato/pull-to-refresh"
    "@operato/shell"
    "@operato/styles"
    "@operato/utils"
    "@teselagen/bio-parsers"
    "@teselagen/bounce-loader"
    "@teselagen/file-utils"
    "@teselagen/liquibase-tools"
    "@teselagen/ove"
    "@teselagen/range-utils"
    "@teselagen/react-list"
    "@teselagen/react-table"
    "@teselagen/sequence-utils"
    "@teselagen/ui"
    "@thangved/callback-window"
    "@things-factory/attachment-base"
    "@things-factory/auth-base"
    "@things-factory/email-base"
    "@things-factory/env"
    "@things-factory/integration-base"
    "@things-factory/integration-marketplace"
    "@things-factory/shell"
    "@tnf-dev/api"
    "@tnf-dev/core"
    "@tnf-dev/js"
    "@tnf-dev/mui"
    "@tnf-dev/react"
    "@ui-ux-gang/devextreme-angular-rpk"
    "@yoobic/design-system"
    "@yoobic/jpeg-camera-es6"
    "@yoobic/yobi"
    "airchief"
    "airpilot"
    "browser-webdriver-downloader"
    "capacitor-notificationhandler"
    "capacitor-plugin-healthapp"
    "ember-browser-services"
    "ember-headless-form"
    "ember-headless-form-yup"
    "ember-headless-table"
    "ember-url-hash-polyfill"
    "ember-velcro"
    "encounter-playground"
    "eslint-config-crowdstrike"
    "eslint-config-crowdstrike-node"
    "eslint-config-teselagen"
    "graphql-sequelize-teselagen"
    "json-rules-engine-simplified"
    "koa2-swagger-ui"
    "monorepo-next"
    "ng2-file-upload"
    "ngx-bootstrap"
    "ngx-color"
    "ngx-toastr"
    "ngx-trend"
    "oradm-to-gql"
    "oradm-to-sqlz"
    "ove-auto-annotate"
    "react-complaint-image"
    "react-jsonschema-form-conditionals"
    "react-jsonschema-form-extras"
    "react-jsonschema-rxnt-extras"
    "remark-preset-lint-crowdstrike"
    "rxnt-authentication"
    "rxnt-healthchecks-nestjs"
    "rxnt-kue"
    "swc-plugin-component-annotate"
    "tg-client-query-builder"
    "tg-redbird"
    "tg-seq-gen"
    "ts-gaussian"
    "ve-bamreader"
    "ve-editor"
    "verror-extra"
    "yargs-help-output"
)

#Build regex pattern like ("pkg1":|"pkg2":|...)
pattern=$(printf '"%s":|' "${affected_packages[@]}")
pattern="${pattern%|}"  # Remove trailing |

#Directory to search, default to current
dir="${1:-.}"

#Search with rg: show file:line:match
echo "Searching for affected packages in package.json files under $dir..."
results=$(rg --no-messages -H --glob '**/package.json' "$pattern" "$dir")

if [ -z "$results" ]; then
    echo "No affected packages found in any package.json files."
else
    echo "$results"
    echo
    echo "Found potential matches. Review the versions in these files against known malicious ones and update/remove if necessary."
fi