This repository contains the implementation artifacts and evaluation benchmarks described in our ICSE paper: Containing Malicious Package Updates in npm with a Lightweight Permission System
Link to the paper arXiv version: https://arxiv.org/abs/2103.05769
In the root of this repository, you can find two source code directories: (i) permsystem, the JavaScript project that implements the permission system mechanisms and (ii) node-engine-with-permsystem, a modified version of the Node.js engine with the permission system as part of the code.
To build the project, just run the following command in your terminal:
npm install
To run unit tests, just run the following command in your terminal:
npm test
To run mutation tests, just run the following command in your terminal:
npx stryker run
You should have stryker installed in order for this command to work.
To build the project, just follow the original instructions in the README file of the project.
To build the project, just run the following command in your terminal:
npm install
After that, you may execute the scripts following the ordered numbers in their names.