Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@medic/audit-dependencies
Advanced tools
@medic/audit-dependencies - npm Package Compare versions
Comparing version 0.0.1 to 0.0.2
| { | ||
| "name": "@medic/audit-dependencies", | ||
| "version": "0.0.1", | ||
| "version": "0.0.2", | ||
| "description": "Caches the results of npm audit so it only runs if the package-lock.json changes.", | ||
| "bin": { | ||
| "audit": "src/bin/audit.js", | ||
| "check": "src/bin/check.js" | ||
| "audit-dependencies": "src/cli.js" | ||
| }, | ||
@@ -9,0 +8,0 @@ "scripts": { |
@@ -52,5 +52,3 @@ const { spawn } = require('child_process'); | ||
| if (error.length) { | ||
| console.error(`${error.length} unpermitted vulnerabilities found.`); | ||
| console.log(`Run 'npm audit' for more information then fix the issue or add the ID to the '.auditrc.json' 'permitted' array.`); | ||
| return callback(null, false); | ||
| return callback(new Error(`${error.length} unpermitted vulnerabilities found.`)); | ||
| } | ||
@@ -62,4 +60,3 @@ cache.permitted = warn; | ||
| } | ||
| console.warn(`${warn.length} permitted vulnerabilities found.`); | ||
| callback(null, true) | ||
| callback(); | ||
| }); | ||
@@ -69,3 +66,3 @@ }); | ||
| const run = callback => { | ||
| module.exports = callback => { | ||
| audit((err, audit) => { | ||
@@ -75,17 +72,10 @@ if (err) { | ||
| } | ||
| check(audit, callback); | ||
| check(audit, err => { | ||
| if (err) { | ||
| return callback(err); | ||
| } | ||
| console.log('No unpermitted vulnerabilities found.'); | ||
| return callback(); | ||
| }); | ||
| }); | ||
| }; | ||
| run((err, passed) => { | ||
| if (err) { | ||
| console.error(err); | ||
| process.exit(1); | ||
| return; | ||
| } | ||
| if (!passed) { | ||
| process.exit(1); | ||
| return; | ||
| } | ||
| console.log('✓ No unpermitted vulnerabilities found'); | ||
| }); |
@@ -5,7 +5,13 @@ const { getCache, getPackageLockHash } = require('../lib/utils'); | ||
| getPackageLockHash((err, current) => { | ||
| callback(err, cache.verified_hash === current); | ||
| if (err) { | ||
| return callback(err); | ||
| } | ||
| if (cache.verified_hash !== current) { | ||
| return callback(new Error('The "package-lock.json" has not been verified. Run `npx @medic/audit-dependencies audit` to verify your dependencies.')); | ||
| } | ||
| callback(); | ||
| }); | ||
| }; | ||
| const run = callback => { | ||
| module.exports = callback => { | ||
| getCache((err, cache) => { | ||
@@ -15,18 +21,10 @@ if (err) { | ||
| } | ||
| validatePackageLock(cache, callback); | ||
| validatePackageLock(cache, err => { | ||
| if (err) { | ||
| return callback(err); | ||
| } | ||
| console.log('The "package-lock.json" matches the previously verified version.'); | ||
| callback(); | ||
| }); | ||
| }); | ||
| }; | ||
| run((err, valid) => { | ||
| if (err) { | ||
| console.error(err); | ||
| process.exit(1); | ||
| return; | ||
| } | ||
| if (!valid) { | ||
| console.error('✗ The "package-lock.json" has not been verified. Run `npx @medic/audit-dependencies audit` to verify your dependencies.'); | ||
| process.exit(1); | ||
| return; | ||
| } | ||
| console.log('✓ The "package-lock.json" matches the previously verified version.'); | ||
| }); |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by2.76%
4843
- Number of package files
- increased by20%
6
- Lines of code
- increased by7.48%
158
No dependency changes