Expand Mini Shai-Hulud IOC coverage (#1921)

scripts/ci/scan-supply-chain-iocs.js

@@ -212,10 +212,20 @@ const MALICIOUS_PACKAGE_VERSIONS = {
 
 const CRITICAL_TEXT_INDICATORS = [
   '@tanstack/setup',
-  'github:tanstack/router#79ac49eedf774dd4b0cfa308722bc463cfe5885c',
+  [
+    'github:tanstack/router#79ac49eedf774dd4b0cf',
+    'a308722bc463cfe5885c',
+  ].join(''),
+  [
+    '79ac49eedf774dd4b0cf',
+    'a308722bc463cfe5885c',
+  ].join(''),
   'router_init.js',
   'router_runtime.js',
   'tanstack_runner.js',
+  'opensearch_init.js',
+  'vite_setup.mjs',
+  'bun run tanstack_runner.js',
   'execution.js',
   'transformers.pyz',
   'pgmonitor.py',
@@ -223,15 +233,34 @@ const CRITICAL_TEXT_INDICATORS = [
   'gh-token-monitor',
   'com.user.gh-token-monitor',
   'IfYouRevokeThisTokenItWillWipeTheComputerOfTheOwner',
+  [
+    'ab4fcadaec49c032',
+    '78063dd269ea5ee',
+    'f82d24f2124a8e15',
+    'd7b90f2fa8601266c',
+  ].join(''),
+  [
+    '2ec78d556d696e20',
+    '8927cc503d48e4b5e',
+    'b56b31abc2870c2e',
+    'd2e98d6be27fc96',
+  ].join(''),
+  'svksjrhjkcejg',
   'filev2.getsession.org',
   'seed1.getsession.org',
   'seed2.getsession.org',
   'seed3.getsession.org',
+  'signalservice',
+  'snode',
   'git-tanstack.com',
   'litter.catbox.moe/h8nc9u.js',
   'litter.catbox.moe/7rrc6l.mjs',
   '83.142.209.194',
   'api.masscan.cloud',
+  'claude@users.noreply.github.com',
+  'dependabout/',
+  'OhNoWhatsGoingOnWithGitHub',
+  'voicproducoes',
   'A Mini Shai-Hulud has Appeared',
   'Shai-Hulud: Here We Go Again',
   'PUSH UR T3MPRR',
@@ -268,6 +297,8 @@ const PAYLOAD_FILENAMES = new Set([
   'router_init.js',
   'router_runtime.js',
   'tanstack_runner.js',
+  'opensearch_init.js',
+  'vite_setup.mjs',
   'execution.js',
   'transformers.pyz',
   'pgmonitor.py',