
lockfile-lint - npm Package Compare versions

Comparing version 4.7.7 to 4.8.0

51

bin/lockfile-lint.js

@@ -39,2 +39,4 @@ #!/usr/bin/env node

const isPrettyFormat = config['format'] === 'pretty'
let validators = []

@@ -84,11 +86,6 @@ const supportedValidators = new Map([

} catch (error) {
console.error(
YELLOW,
`${symbols.info} ABORTING lockfile lint process due to error exceptions`,
'\n',
RESET
)
warn('ABORTING lockfile lint process due to error exceptions')
console.error(error.message, '\n')
console.error(error.stack, '\n')
console.error(RED, `${symbols.error} Error: command failed with exit code 1`, '\n', RESET)
error('Error: command failed with exit code 1')
process.exit(1)

@@ -104,6 +101,42 @@ }

if (validatorFailures !== 0) {
console.error(RED, `${symbols.error} Error: security issues detected!`, '\n', RESET)
error('Error: security issues detected!')
process.exit(1)
} else {
console.info(GREEN, `${symbols.success} No issues detected`, '\n', RESET)
success('No issues detected')
}
function success (message) {
const m = [
isPrettyFormat ? GREEN : '',
isPrettyFormat ? symbols.success : '',
message,
'\n',
isPrettyFormat ? RESET : ''
].filter(e => !!e)
console.info(m.join(' '))
}
function warn (message) {
const m = [
isPrettyFormat ? YELLOW : '',
isPrettyFormat ? symbols.info : '',
message,
'\n',
isPrettyFormat ? RESET : ''
].filter(e => !!e)
console.error(m.join(' '))
}
function error (message) {
const m = [
isPrettyFormat ? RED : '',
isPrettyFormat ? symbols.error : '',
message,
'\n',
isPrettyFormat ? RESET : ''
].filter(e => !!e)
console.error(m.join(' '))
}
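Review bot: In the `catch (error)` block of the second hunk, the new call `error('Error: command failed with exit code 1')` resolves to the caught exception rather than the `error()` helper declared at the bottom of the file, because the catch binding shadows the function declaration inside that block. As shown, the call would throw `TypeError: error is not a function` before `process.exit(1)` runs, so the intended closing message is replaced by an unrelated stack trace; the process presumably still exits non-zero through the uncaught exception, but a linter used as a CI gate should report its own failure clearly. Renaming the binding avoids the clash: `} catch (err) {`, `console.error(err.message, '\n')`, `console.error(err.stack, '\n')`. The `try` this handler belongs to starts outside the hunk, and the old/new side of each line is inferred from the hunk counts because the page has lost its `+`/`-` markers.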

@@ -6,2 +6,13 @@ # Change Log

# 4.8.0 (2022-08-10)
### Features
* add format options for report output ([#134](https://github.com/lirantal/lockfile-lint/issues/134)) ([4667c3d](https://github.com/lirantal/lockfile-lint/commit/4667c3d))
## 4.7.7 (2022-07-22)

@@ -8,0 +19,0 @@

6

package.json
{
"name": "lockfile-lint",
"version": "4.7.7",
"version": "4.8.0",
"description": "A CLI to lint a lockfile for security policies",

@@ -57,3 +57,3 @@ "bin": {

"debug": "^4.1.1",
"lockfile-lint-api": "^5.2.7",
"lockfile-lint-api": "^5.3.0",
"yargs": "^16.0.0"

@@ -183,3 +183,3 @@ },

},
"gitHead": "a69c63cfe08af9b588f5cccae69be5e9c49e0584"
"gitHead": "af23496d9a1e94ec03441c25a27584edcc13b882"
}

@@ -83,2 +83,3 @@ <p align="center"><h1 align="center">

| `--type`, `-t` | lockfile type, options are `npm` or `yarn` | ✅ |
| `--format`, `-f` | sets what type of report output is desired, one of [ `pretty`, `plain` ] with `plain` removing colors & status symbols from output | ✅ |
| `--validate-https`, `-s` | validates the use of HTTPS as protocol schema for all resources in the lockfile | ✅ |

@@ -85,0 +86,0 @@ | `--allowed-hosts`, `-a` | validates a list of allowed hosts to be used for all resources in the lockfile. Supported short-hands aliases are `npm`, `yarn`, and `verdaccio` which will match URLs `https://registry.npmjs.org`, `https://registry.yarnpkg.com` and `https://registry.verdaccio.org` respectively | ✅ |

@@ -77,2 +77,9 @@ 'use strict'

describe: 'validates a whitelist of allowed URLs to be used for resources in the lockfile'
},
f: {
alias: ['format'],
type: 'string',
description: 'format of the report output',
choices: ['plain', 'pretty'],
default: 'pretty'
}

@@ -79,0 +86,0 @@ })
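Review bot: The new `f` option uses the key `description`, while the option just above it in this hunk uses `describe`. yargs treats the two as aliases, so this is a consistency point only. Writing `describe: 'format of the report output'` would match the neighbouring entry. The options object starts and ends outside the hunk.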
