better-npm-audit
Advanced tools
better-npm-audit - npm Package Compare versions
Comparing version 3.2.0-rc.3 to 3.2.0-rc.4
| { | ||
| "name": "better-npm-audit", | ||
| "version": "3.2.0-rc.3", | ||
| "version": "3.2.0-rc.4", | ||
| "author": "Jee Mok <jee.ict@hotmail.com>", | ||
@@ -5,0 +5,0 @@ "description": "Reshape npm audit into the way the community would like, by the community itself, to encourage more people to do security audits.", |
@@ -62,3 +62,3 @@ "use strict"; | ||
| // Using `.reduce` instead of `.every` to provide better overview details in the report | ||
| var trust = affectedModulePaths.reduce(function (_, affectedModule) { | ||
| var trust = affectedModulePaths.reduce(function (finalTrust, affectedModule) { | ||
| // Get all the dependencies that is using this reported module | ||
@@ -69,3 +69,3 @@ var dependencyPaths = mapModuleDependencies(affectedModule); | ||
| // Trust any of the dependency's decision if they say to ignore it | ||
| return dependencyPaths.some(function (path) { | ||
| var canTrust = dependencyPaths.some(function (path) { | ||
| var nsprcPath = path + ".nsprc"; | ||
@@ -94,3 +94,9 @@ // Try retrieving the `.nsprc` file | ||
| }); | ||
| }, false); | ||
| // We want every affected module paths to be validated `true`; | ||
| // so if trust is broken already (previous round returns `false`), we will continue to return `false` until the end | ||
| if (!finalTrust) { | ||
| return false; | ||
| } | ||
| return canTrust; | ||
| }, true); | ||
| return { | ||
@@ -97,0 +103,0 @@ scannedPaths: scannedPaths, |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.73%
41394
- Lines of code
- increased by0.85%
711