From 9b35a0b338264508a69647ae5b49717830d997ca Mon Sep 17 00:00:00 2001
From: pdmarf <135653545+pdmarf@users.noreply.github.com>
Date: Fri, 17 Apr 2026 22:55:36 +0100
Subject: [PATCH] Ignore own process in root Node process check
---
 npm-security-check.sh | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/npm-security-check.sh b/npm-security-check.sh
index f3b6e60..b778966 100755
--- a/npm-security-check.sh
+++ b/npm-security-check.sh
@@ -108,12 +108,18 @@ else
 # Check if each root process is inside a Docker cgroup (normal)
 while IFS= read -r proc; do
 PID=$(echo "$proc" | awk '{print $2}')
+ CMD=$(cat /proc/"$PID"/cmdline 2>/dev/null | tr '\0' ' ' || echo 'unreadable')
+ # Skip this script's own process
+ if echo "$CMD" | grep -qF "npm-security-check.sh"; then
+ ok "PID $PID is this script running — not a threat"
+ continue
+ fi
 CGROUP=$(cat /proc/"$PID"/cgroup 2>/dev/null | grep -c "docker" || true)
 if [[ "$CGROUP" -gt 0 ]]; then
 ok "PID $PID runs as root but is inside a Docker container (normal)"
 else
 warn "PID $PID is a root Node process outside Docker — review manually"
- log " Command: $(cat /proc/"$PID"/cmdline 2>/dev/null | tr '\0' ' ' || echo 'unreadable')"
+ log " Command: $CMD"
 fi
 done <<< "$ROOT_PROCS"
 else
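Review bot: The self-skip in the added `if echo "$CMD" | grep -qF "npm-security-check.sh"; then` branch matches a substring of the command line, so any root process whose arguments merely contain that file name is reported `ok` and `continue`s past both the Docker cgroup check and the manual-review warning. Identity is better established from the PID than from text the inspected process controls, e.g. `if [[ "$PID" == "$$" ]]; then`, extended to the script's own subshell PIDs if the snapshot in `ROOT_PROCS` (built outside this hunk) can include them. Separately, in `CMD=$(cat … | tr '\0' ' ' || echo 'unreadable')` the fallback only fires when `tr` fails (or when `pipefail` is set, which is not visible here), so a PID that has already exited probably yields an empty `CMD` rather than `unreadable`. The enclosing `else` branch starts and ends outside the hunk.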