update README & npm run all

2020-11-12 10:45:24 +00:00
parent 56422b6d5a
commit 3868af0215
5 changed files with 22 additions and 18 deletions
--- a/.github/workflows/daily.yml
+++ b/.github/workflows/daily.yml
@@ -12,7 +12,7 @@ jobs:
      - uses: actions/checkout@v2
      - name: install dependencies
        run: npm ci
-      - uses: oke-py/npm-audit-action@v1.5.2
+      - uses: oke-py/npm-audit-action@v1.6.0
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          issue_assignees: oke-py
--- a/README.md
+++ b/README.md
@@ -58,7 +58,7 @@ jobs:
      - uses: actions/checkout@v2
      - name: install dependencies
        run: npm ci
-      - uses: oke-py/npm-audit-action@v1.5.2
+      - uses: oke-py/npm-audit-action@v1.6.0
        with:
          audit_level: moderate
          github_token: ${{ secrets.GITHUB_TOKEN }}
--- a/dist/index.js
+++ b/dist/index.js
@@ -556,9 +556,13 @@ class Audit {
        this.stdout = '';
        this.status = null;
    }
-    run(auditLevel) {
+    run(auditLevel, productionFlag) {
        try {
-            const result = child_process_1.spawnSync('npm', ['audit', '--audit-level', auditLevel], {
+            const auditOptions = ['audit', '--audit-level', auditLevel];
+            if (productionFlag === 'true') {
+                auditOptions.push('--production');
+            }
+            const result = child_process_1.spawnSync('npm', auditOptions, {
                encoding: 'utf-8',
                maxBuffer: SPAWN_PROCESS_BUFFER_SIZE
            });
@@ -1427,9 +1431,13 @@ function run() {
            if (!['critical', 'high', 'moderate', 'low'].includes(auditLevel)) {
                throw new Error('Invalid input: audit_level');
            }
+            const productionFlag = core.getInput('production_flag', { required: false });
+            if (!['true', 'false'].includes(productionFlag)) {
+                throw new Error('Invalid input: production_flag');
+            }
            // run `npm audit`
            const audit = new audit_1.Audit();
-            audit.run(auditLevel);
+            audit.run(auditLevel, productionFlag);
            core.info(audit.stdout);
            if (audit.foundVulnerability()) {
                // vulnerabilities are found
--- a/src/audit.ts
+++ b/src/audit.ts
@@ -9,20 +9,16 @@ export class Audit {

  public run(auditLevel: string, productionFlag: string): void {
    try {
-      const auditOptions: Array<string> =['audit', '--audit-level', auditLevel];
-      
-      if(productionFlag === 'true') {
-        auditOptions.push('--production');
+      const auditOptions: Array<string> = ['audit', '--audit-level', auditLevel]
+
+      if (productionFlag === 'true') {
+        auditOptions.push('--production')
      }

-      const result: SpawnSyncReturns<string> = spawnSync(
-        'npm',
-        auditOptions,
-        {
-          encoding: 'utf-8',
-          maxBuffer: SPAWN_PROCESS_BUFFER_SIZE
-        }
-      )
+      const result: SpawnSyncReturns<string> = spawnSync('npm', auditOptions, {
+        encoding: 'utf-8',
+        maxBuffer: SPAWN_PROCESS_BUFFER_SIZE
+      })

      if (result.error) {
        throw result.error
--- a/src/main.ts
+++ b/src/main.ts
@@ -25,7 +25,7 @@ export async function run(): Promise<void> {
      throw new Error('Invalid input: audit_level')
    }

-    const productionFlag = core.getInput('production_flag',  {required: false});
+    const productionFlag = core.getInput('production_flag', {required: false})
    if (!['true', 'false'].includes(productionFlag)) {
      throw new Error('Invalid input: production_flag')
    }