Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

lockfile-lint

Package Overview
Dependencies
Maintainers
1
Versions
74
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

lockfile-lint - npm Package Compare versions

Comparing version 4.0.0 to 4.1.0

src/config.js

20

bin/lockfile-lint.js

@@ -6,5 +6,13 @@ #!/usr/bin/env node

const main = require('../src/main')
const cli = require('../src/cli')
debug(`parsed the following CLI arguments: ${JSON.stringify(cli)}`)
let config
try {
config = require('../src/config')(process.argv)
debug(`parsed the following options: ${JSON.stringify(config)}`)
} catch (err) {
debug(`error loading options from CLI arguments/files: ${err}`)
process.exit(1)
}
let validators = []

@@ -17,3 +25,3 @@ const supportedValidators = new Map([

for (const [commandArgument, commandValue] of Object.entries(cli)) {
for (const [commandArgument, commandValue] of Object.entries(config)) {
if (supportedValidators.has(commandArgument)) {

@@ -25,3 +33,3 @@ const validatorItem = supportedValidators.get(commandArgument)

options: {
emptyHostname: cli['empty-hostname']
emptyHostname: config['empty-hostname']
}

@@ -35,4 +43,4 @@ })

result = main.runValidators({
path: cli['path'],
type: cli['type'],
path: config['path'],
type: config['type'],
validators

@@ -39,0 +47,0 @@ })

11

CHANGELOG.md

@@ -6,2 +6,13 @@ # Change Log

# [4.1.0](https://github.com/lirantal/lockfile-lint/compare/lockfile-lint@4.0.0...lockfile-lint@4.1.0) (2020-03-09)
### Features
* **cli:** add file-based configuration ([#75](https://github.com/lirantal/lockfile-lint/issues/75)) ([e183593](https://github.com/lirantal/lockfile-lint/commit/e183593))
# [4.0.0](https://github.com/lirantal/lockfile-lint/compare/lockfile-lint@3.0.18...lockfile-lint@4.0.0) (2020-02-20)

@@ -8,0 +19,0 @@

5

package.json
{
"name": "lockfile-lint",
"version": "4.0.0",
"version": "4.1.0",
"description": "A CLI to lint a lockfile for security policies",

@@ -55,2 +55,3 @@ "bin": {

"dependencies": {
"cosmiconfig": "^6.0.0",
"debug": "^4.1.1",

@@ -182,3 +183,3 @@ "lockfile-lint-api": "^5.0.12",

},
"gitHead": "3e894df6e50dc68745e916aca4545b7bc774d66b"
"gitHead": "b481e8046cc5b8736263c3ce130c9783677460c5"
}

13

README.md

@@ -81,2 +81,15 @@ <p align="center"><h1 align="center">

# File-Based Configuration
Lockfile-lint uses [cosmiconfig](https://github.com/davidtheclark/cosmiconfig) for configuration file support. This means you can configure the above options via (in order of precedence):
- A "lockfile-lint" key in your package.json file.
- A .lockfile-lintrc file, written in JSON or YAML, with optional extensions: .json/.yaml/.yml (without extension takes precedence).
- A .lockfile-lint.js or lockfilelint.config.js file that exports an object.
- A .lockfile-lint.toml file, written in TOML (the .toml extension is required).
The configuration file will be resolved starting from the current working directory, and searching up the file tree until a config file is (or isn't) found. Command-line options take precedence over any file-based configuration.
The options accepted in the configuration file are the same as the options above in camelcase (e.g. "path", "allowedHosts").
# Contributing

@@ -83,0 +96,0 @@ 

src/cli.js
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc