npm-audit-report
Advanced tools
npm-audit-report - npm Package Compare versions
Comparing version 4.0.0 to 5.0.0
@@ -1,9 +0,7 @@ | ||
| const chalk = require('chalk') | ||
| module.exports = color => { | ||
| const identity = x => x | ||
| const green = color ? s => chalk.green.bold(s) : identity | ||
| const red = color ? s => chalk.red.bold(s) : identity | ||
| const magenta = color ? s => chalk.magenta.bold(s) : identity | ||
| const yellow = color ? s => chalk.yellow.bold(s) : identity | ||
| const white = color ? s => chalk.bold(s) : identity | ||
| module.exports = (chalk) => { | ||
| const green = s => chalk.green.bold(s) | ||
| const red = s => chalk.red.bold(s) | ||
| const magenta = s => chalk.magenta.bold(s) | ||
| const yellow = s => chalk.yellow.bold(s) | ||
| const white = s => chalk.bold(s) | ||
| const severity = (sev, s) => sev.toLowerCase() === 'moderate' ? yellow(s || sev) | ||
@@ -13,3 +11,3 @@ : sev.toLowerCase() === 'high' ? red(s || sev) | ||
| : white(s || sev) | ||
| const dim = color ? s => chalk.dim(s) : identity | ||
| const dim = s => chalk.dim(s) | ||
@@ -16,0 +14,0 @@ return { |
@@ -15,3 +15,3 @@ 'use strict' | ||
| reporter = 'install', | ||
| color = true, | ||
| chalk, | ||
| unicode = true, | ||
@@ -39,5 +39,5 @@ indent = 2, | ||
| return { | ||
| report: reporters[reporter](data, { color, unicode, indent }), | ||
| report: reporters[reporter](data, { chalk, unicode, indent }), | ||
| exitCode: exitCode(data, auditLevel), | ||
| } | ||
| }, { reporters }) |
@@ -6,10 +6,10 @@ 'use strict' | ||
| module.exports = (data, { color }) => { | ||
| const summary = install.summary(data, { color }) | ||
| module.exports = (data, { chalk }) => { | ||
| const summary = install.summary(data, { chalk }) | ||
| const none = data.metadata.vulnerabilities.total === 0 | ||
| return none ? summary : fullReport(data, { color, summary }) | ||
| return none ? summary : fullReport(data, { chalk, summary }) | ||
| } | ||
| const fullReport = (data, { color, summary }) => { | ||
| const c = colors(color) | ||
| const fullReport = (data, { chalk, summary }) => { | ||
| const c = colors(chalk) | ||
| const output = [c.white('# npm audit report'), ''] | ||
@@ -16,0 +16,0 @@ |
| const colors = require('../colors.js') | ||
| const calculate = (data, { color }) => { | ||
| const c = colors(color) | ||
| const calculate = (data, { chalk }) => { | ||
| const c = colors(chalk) | ||
| const output = [] | ||
@@ -6,0 +6,0 @@ const { metadata: { vulnerabilities } } = data |
| { | ||
| "name": "npm-audit-report", | ||
| "version": "4.0.0", | ||
| "version": "5.0.0", | ||
| "description": "Given a response from the npm security api, render it into a variety of security reports", | ||
@@ -31,9 +31,6 @@ "main": "lib/index.js", | ||
| "license": "ISC", | ||
| "dependencies": { | ||
| "chalk": "^4.0.0" | ||
| }, | ||
| "devDependencies": { | ||
| "@npmcli/eslint-config": "^3.0.1", | ||
| "@npmcli/template-oss": "4.5.1", | ||
| "require-inject": "^1.4.4", | ||
| "@npmcli/eslint-config": "^4.0.0", | ||
| "@npmcli/template-oss": "4.14.1", | ||
| "chalk": "^5.2.0", | ||
| "tap": "^16.0.0" | ||
@@ -62,4 +59,4 @@ }, | ||
| "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", | ||
| "version": "4.5.1" | ||
| "version": "4.14.1" | ||
| } | ||
| } |
@@ -62,5 +62,5 @@ # npm audit security report | ||
| | reporter | `install`, `detail`, `json`, `quiet` | `install` | specify which output format you want to use | | ||
| | color | `true`, `false` | `true` | indicates if some report elements should use colors | | ||
| | chalk | `Chalk` instance | required | a Chalk instance to use for colorizing strings. use `new chalk.Instance({ level: 0 })` for no colors | | ||
| | unicode | `true`, `false` | `true` | indicates if unicode characters should be used| | ||
| | indent | Number or String | `2` | indentation for `'json'` report| | ||
| | auditLevel | 'info', 'low', 'moderate', 'high', 'critical', 'none' | `low` (ie, exit 0 if only `info` advisories are found) | level of vulnerability that will trigger a non-zero exit code (set to 'none' to always exit with a 0 status code) | |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Dependency count
- decreased by-100%
0
- Number of medium supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Total package byte prevSize
- decreased by-1.51%
11839
- Lines of code
- decreased by-0.97%
205
Dependency changes
- Removedchalk@^4.0.0
- Removedansi-styles@4.3.0(transitive)
- Removedchalk@4.1.2(transitive)
- Removedcolor-convert@2.0.1(transitive)
- Removedcolor-name@1.1.4(transitive)
- Removedhas-flag@4.0.0(transitive)
- Removedsupports-color@7.2.0(transitive)