snyk-report
Advanced tools
snyk-report - npm Package Compare versions
Comparing version 0.1.3 to 0.1.4
@@ -0,1 +1,3 @@ | ||
| * **0.1.4** - Support authentication. | ||
| * **0.1.3** - Updated dependencies. | ||
| * **0.1.2** - Update error handling to prevent build failure | ||
@@ -6,2 +8,1 @@ * **0.1.1** - Updated repo URL in package.json | ||
| * **0.0.1** - Initial release. | ||
@@ -14,2 +14,5 @@ 'use strict'; | ||
| } | ||
| if (process.env.SNYK_API_TOKEN) { | ||
| snyk.api = process.env.SNYK_API_TOKEN; | ||
| } | ||
| snyk.test(targetPath, {}) | ||
@@ -16,0 +19,0 @@ .then(function(results) { |
| { | ||
| "name": "snyk-report", | ||
| "version": "0.1.3", | ||
| "version": "0.1.4", | ||
| "description": "Assists in generating human readable snyk reports for CI integration", | ||
@@ -5,0 +5,0 @@ "main": "lib/report.js", |
@@ -16,2 +16,6 @@ # snyk-report | ||
| Before this module can be used authentication with the Snyk API will need to be setup. For more details see [Snyk CLI Authentication](https://snyk.io/docs/using-snyk#authentication). | ||
| Alternatively this module allows the environment variable `SNYK_API_TOKEN` to be set containing the correct authentication token. | ||
| An example script has been included, which demonstrates `snyk-report` being run against either a directory pointed to by the `REPO_DIR` environment variable, or the current directory if it is not defined. | ||
@@ -18,0 +22,0 @@ |
@@ -21,2 +21,37 @@ 'use strict'; | ||
| context('without a environment token', function() { | ||
| var token; | ||
| before(function() { | ||
| token = snyk.api; | ||
| report('NOTEXISTS', function() {}); | ||
| }); | ||
| it('does not change the token', function() { | ||
| expect(snyk.api).to.equal(token); | ||
| }); | ||
| }); | ||
| context('with a environment token', function() { | ||
| var token; | ||
| before(function() { | ||
| token = snyk.api; | ||
| process.env.SNYK_API_TOKEN = 'TESTTOKEN'; | ||
| report('NOTEXISTS', function() {}); | ||
| }); | ||
| after(function() { | ||
| snyk.api = token; | ||
| }); | ||
| it('sets the token from the environment', function() { | ||
| expect(snyk.api).to.equal('TESTTOKEN'); | ||
| }); | ||
| }); | ||
| context('without a callback', function() { | ||
@@ -23,0 +58,0 @@ |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by6.65%
19198
- Lines of code
- increased by5.91%
484
- Number of lines in readme file
- increased by10%
44
Worsened metrics
- Number of low supply chain risk alerts
- increased by300%
4