better-npm-audit
Advanced tools
better-npm-audit - npm Package Compare versions
Comparing version 1.0.1 to 1.1.0
30
index.js
@@ -14,2 +14,3 @@ #!/usr/bin/env node | ||
| const DIGIT_REGEX = /^\d+$/; | ||
| const DEFAULT_MESSSAGE_LIMIT = 100000; // characters | ||
@@ -27,3 +28,3 @@ function isNumber(string) { | ||
| program | ||
| .version('0.1.0') | ||
| .version('1.1.0') | ||
@@ -33,3 +34,4 @@ program | ||
| .description('execute npm audit') | ||
| .option("-i, --ignore <ids>", "Vulnerabilities ID(s) to ignore") | ||
| .option("-i, --ignore <ids>", 'Vulnerabilities ID(s) to ignore') | ||
| .option("-f, --full", `Display the full audit logs. Default to ${DEFAULT_MESSSAGE_LIMIT} characters.`) | ||
| .action(function(options) { | ||
@@ -56,9 +58,27 @@ if (options && options.ignore) { | ||
| const vulnerabilities = uniqueIds.filter(id => (userExceptionIds.indexOf(id) === -1)); | ||
| // Throw error if found more exceptions | ||
| // Throw error if we found more exceptions | ||
| if (vulnerabilities.length > 0) { | ||
| const message = `${vulnerabilities.length} vulnerabilities found. Node security advisories: ${vulnerabilities}` | ||
| const message = `${vulnerabilities.length} vulnerabilities found. Node security advisories: ${vulnerabilities}`; | ||
| throw new Error(message); | ||
| } | ||
| else { | ||
| console.info(data); | ||
| // If the display-all flag is passed in, display full audit logs | ||
| if (options.full) { | ||
| console.info(data); | ||
| } | ||
| // Otherwise, trim audit logs within the maximum characters limit | ||
| else { | ||
| const toDisplay = data.substring(0, DEFAULT_MESSSAGE_LIMIT); | ||
| // Display into console | ||
| console.info(toDisplay); | ||
| // Display additional info if it is not the full message | ||
| if (toDisplay.length < data.length) { | ||
| console.info(''); | ||
| console.info('...'); | ||
| console.info(''); | ||
| console.info('[MAXIMUM EXCEEDED] Logs exceeded the maximum characters limit. Add the flag `-f` to see the full audit logs.'); | ||
| console.info(''); | ||
| } | ||
| } | ||
| // Happy happy, joy joy | ||
| console.info('🤝 All good!'); | ||
@@ -65,0 +85,0 @@ } |
| { | ||
| "name": "better-npm-audit", | ||
| "version": "1.0.1", | ||
| "version": "1.1.0", | ||
| "author": "Jee Mok <jee.ict@hotmail.com>", | ||
@@ -5,0 +5,0 @@ "description": "Made to allow skipping certain vulnerabilities, and any extra handling that are not supported by the default npm audit in the future.", |
@@ -34,2 +34,8 @@ # Better NPM Audit | ||
| To avoid waterflow logging on your console, there is a character limit set to the output. To view the full audit logs, you can use `-f` or verbose `--full` flags | ||
| ``` | ||
| node node_modules/better-npm-audit audit -f | ||
| ``` | ||
| ## Examples | ||
@@ -36,0 +42,0 @@ |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by15.58%
8682
- Lines of code
- increased by34.48%
78
- Number of lines in readme file
- increased by4.35%
144