allowlist unrs-resolver:postinstall in supply-chain scanner

Author: stephanrauh

build-tools/search-for-shai-hulud.sh

@@ -66,7 +66,7 @@ SUSP_DOMAINS='(webhook\.site|requestbin|oast|ngrok|pastebin|transfer\.sh|bin\.st
 
 # Allowlist: bekannte legitime package+hook Kombinationen (Regex on "name:hook")
 # Note: These are known safe packages with legitimate install scripts
-ALLOW_HOOKS='^(esbuild:postinstall|nice-napi:install|mime:prepare|core-js:postinstall|@puppeteer/browsers:postinstall|lmdb:install|msgpackr-extract:install)$'
+ALLOW_HOOKS='^(esbuild:postinstall|nice-napi:install|mime:prepare|core-js:postinstall|@puppeteer/browsers:postinstall|lmdb:install|msgpackr-extract:install|unrs-resolver:postinstall)$'
 
 # Files that are safe to have download/install scripts (full paths relative to package)
 ALLOW_FILES='(node_modules/esbuild/install\.js|node_modules/nice-napi/.*|node_modules/@puppeteer/browsers/.*|node_modules/core-js/postinstall\.js|node_modules/piscina/scripts/run-tests\.js)'