Research
Feross Aboukhadijeh
Mikola Lysenko
June 27, 2023
A potential security risk in the npm ecosystem known as "manifest confusion" has recently been spotlighted by Darcy Clarke, former Staff Engineering Manager at GitHub.
Manifest confusion – a disparity between a package's manifest and its tarball contents – allows an attacker to include hidden install scripts and even entire hidden dependencies within a package. These hidden scripts and dependencies won’t show up on the npm website or in most security tools, even though they will be installed by the npm CLI. But don't worry – Socket has got you covered!
"Manifest confusion" refers to the fact that in the npm ecosystem, a package's manifest and its tarball are published independently. They are never fully validated against each other, making it possible for bad actors to hide malicious code and scripts. The npm registry has historically trusted the client for data validation, opening the door to potential misuse.
What's more, this issue isn't limited to the npm registry. It also affects various third-party organizations, package managers, and security tools - essentially, any tool or insight that uses the public registry.
As Darcy's original post puts it:
tldr;
No.
We're proud to share that Socket users can rest easy. We have been protecting you against "manifest confusion" since September 2022!
The Socket research team independently discovered this issue and implemented a fix promptly on September 5, 2022. Since then, all dependency analysis on Socket has been using the correct manifest file - the package.json inside the tarball - aligning perfectly with the installation behavior of every major package manager. This means any attempt to exploit the "manifest confusion" technique will not evade Socket’s analysis.
Additionally, we've made sure that our public package pages, such as this page for left-pad, now also use the correct data source.
In light of the publicity this technique is now receiving, we have deployed a new proactive detection. This means that if one of your dependencies attempts to use this technique, Socket will send you a critical security alert.
Existing Socket users can get protected by enabling the new "Manifest Confusion" detection in your Socket dashboard settings. We expect to enable this detection by default for all Socket users later this week.
If you're not using Socket, we encourage you to ensure that your security tooling use the package's contents for metadata. In all likelihood, your SCA tool does not handle this correctly. Without throwing any specific security vendors under the bus, we'll just share that literally none of the popular dependency security tools we have tested actually handle this issue correctly.
Darcy Clarke's discovery has emphasized the often-overlooked issue of data quality in software composition analysis (SCA) tooling. Many SCA tools take shortcuts, failing to understand the npm package installation process, which leads to missing entire dependencies.
While we won't point fingers, we want to stress the importance of rigorous, thorough tooling that evolves with the software landscape. At Socket, we strive for nothing less.
To immediately protect your projects, install Socket for free from the GitHub Marketplace. The install process takes 2-3 clicks and it starts working right away – no configuration necessary. Or, schedule a demo with an expert on our team.
We are committed to staying ahead of the curve, and our efforts to combat "manifest confusion" are testament to this commitment. We'll continue to work tirelessly to fight vulnerabilities and ensure supply chain protection for your JavaScript, Python, (and soon!) Go dependencies.
Our team appreciates the community's efforts in surfacing these potential threats. Together, we can ensure a secure, efficient, and transparent software ecosystem.
Stay Safe,
The Socket Security Team
Subscribe to our newsletter
Get notified when we publish new security blog posts!
Security News
This episode of the Risky Biz podcast discusses how the rise of small open source packages and the shift towards individual maintainers makes the ecosystem more vulnerable to supply chain attacks.
Product
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
