feat: add the ability to run with '--production' (#75)

* feat: add the ability to run with '--production' Adding the config options to run npm audit with the --production flag. Contributes to: #74 Signed-off-by: Stelios Gkiokas <s_giokas@hotmail.com> * fix: add tests Adding the relevant tests for the new production flag. Contributes to: #74 Signed-off-by: Stelios Gkiokas <s_giokas@hotmail.com>
2020-11-12 12:33:56 +02:00
parent 107a3c4a4a
commit 42e6d27a29
8 changed files with 56 additions and 9 deletions
--- a/src/audit.ts
+++ b/src/audit.ts
@@ -7,11 +7,17 @@ export class Audit {
  stdout = ''
  private status: number | null = null

-  public run(auditLevel: string): void {
+  public run(auditLevel: string, productionFlag: string): void {
    try {
+      const auditOptions: Array<string> =['audit', '--audit-level', auditLevel];
+      
+      if(productionFlag === 'true') {
+        auditOptions.push('--production');
+      }
+
      const result: SpawnSyncReturns<string> = spawnSync(
        'npm',
-        ['audit', '--audit-level', auditLevel],
+        auditOptions,
        {
          encoding: 'utf-8',
          maxBuffer: SPAWN_PROCESS_BUFFER_SIZE
--- a/src/main.ts
+++ b/src/main.ts
@@ -25,9 +25,14 @@ export async function run(): Promise<void> {
      throw new Error('Invalid input: audit_level')
    }

+    const productionFlag = core.getInput('production_flag',  {required: false});
+    if (!['true', 'false'].includes(productionFlag)) {
+      throw new Error('Invalid input: production_flag')
+    }
+
    // run `npm audit`
    const audit = new Audit()
-    audit.run(auditLevel)
+    audit.run(auditLevel, productionFlag)
    core.info(audit.stdout)

    if (audit.foundVulnerability()) {