32 Commits

Author SHA1 Message Date
Naoki Oketani
d5d84ff3f1 fix(lint): resolve @typescript-eslint/no-explicit-any warnings 2025-05-07 12:11:12 +00:00
Naoki Oketani
307d90f9c7 fix(eslint): resolve @typescript-eslint/no-unused-vars errors 2025-05-07 11:58:37 +00:00
Naoki Oketani
0ac2be2860 fix: suppress unnecessary output during test execution 2025-05-07 11:18:01 +00:00
Naoki Oketani
f45ed00267 style(format): format code with Prettier 2025-05-05 13:37:57 +00:00
Naoki Oketani
fa975d057b fix: resolve prettier and eslint conflict by removing bracketSpacing: false 2025-05-03 12:32:25 +00:00
Naoki Oketani
ed6e8d71b4 feat: migrate codebase to ES Modules 2025-05-03 02:15:44 +00:00
Naoki Oketani
2564984eab refactor(testing): migrate from Jest to Vitest for testing framework 2025-05-02 14:03:34 +00:00
Naoki Oketani
179abbdc1c fix: Update express and typescript in test data to fix vulnerabilities 2025-05-02 01:58:18 +00:00
Naoki Oketani
cf7dcfffcf Fix tests to work with @octokit/rest v21.1.1 2025-05-01 13:18:37 +00:00
Naoki Oketani
0cbdd1f2f3 refactor: replace axios call with octokit 2023-04-22 13:29:59 +00:00
Naoki Oketani
b3d30b2367 chore(package): bump jest from 27.2.5 to 29.3.1 2022-12-18 14:09:18 +09:00
Naoki Oketani
8ada989698 test: fix CVE-2022-24999 in testdata to avoid failure unit test 2022-12-10 22:07:37 +09:00
Naoki Oketani
e434d1ce70 update dependencies (#96)
* Bump @actions/core from 1.3.0 to 1.6.0

* Bump @actions/github from 4.0.0 to 5.0.0

* Bump @octokit/rest from 18.5.6 to 18.12.0

* Bump strip-ansi from 6.0.0 to 6.0.1
2021-10-09 12:22:18 +09:00
Pavish Kumar
9e9a90b41e Retain spaces within label (#95) 2021-10-08 21:17:46 +09:00
Naoki Oketani
47dbb726b6 feature: support create_issues, create_pr_comments flag (#93)
* doc: support new parameter create_issues, create_pr_comments

* feature: support create_pr_comments flag

* feature: support create_issues flag
2021-10-03 09:26:16 +09:00
sgkiokas
c4cd169835 feat: add the ability to run with '--json' and output the result (#78)
* addition-of-json-flag

* Set output of npm audit
2020-12-12 20:56:05 +09:00
sgkiokas
42e6d27a29 feat: add the ability to run with '--production' (#75)
* feat: add the ability to run with '--production'

Adding the config options to run npm audit with the --production flag.

Contributes to: #74

Signed-off-by: Stelios Gkiokas <s_giokas@hotmail.com>

* fix: add tests

Adding the relevant tests for the new production flag.

Contributes to: #74

Signed-off-by: Stelios Gkiokas <s_giokas@hotmail.com>
2020-11-12 19:33:56 +09:00
Spencer Small
b0bc596f8e Catch errors thrown by Audit.run and increase child process buffer size (#67)
* Audit.run does not need to be async

* Set max buffer size for npm audit subprocess to 10MiB
2020-07-14 18:59:28 +09:00
Spencer Small
261cbab716 Support de-duping issues (#65)
* De-dupe against open issues when dedupe_issues = true

* Update README

* Fix compile errors

* Add unit tests for issue.ts
2020-05-28 07:18:45 +09:00
Naoki Oketani
5209022168 support different working directory (#64)
* support different working directory

* validate working_directory
2020-05-23 15:59:51 +09:00
Naoki Oketani
ad3449ef9c filter vulnerabilities by audit_level (#55)
* filter vulnerabilities by audit_level

* update README.md

* fix test cases

* restrict audit_level value

* update dist/index.js
2020-03-21 07:08:53 +09:00
Naoki Oketani
4d8769971b Refactor (#54)
* run `npm ci` instead of `npm install` for PR build

* bump version

* return Promise for test mock
2020-03-19 17:46:36 +09:00
Naoki Oketani
a6b5113465 Correct test case 2019-12-14 21:08:54 +09:00
Naoki Oketani
0e9661d4a3 Add unit test for error handling (#30) 2019-12-14 12:56:45 +09:00
Naoki Oketani
a0a6093710 add unit test and cleanup (#28)
* remove unnecessary import

* use mock for child_process.spawnSync()

* document useful resources

* use v1.1.0 for daily scan
2019-12-13 16:09:10 +09:00
Naoki Oketani
3e659c8c99 use GitHub context to branch processing (#22) 2019-12-13 12:18:28 +09:00
Naoki Oketani
2e5ad3c2cf Creates an issue even if inputs.issue_labels is not given (#21)
* Creates an issue even if inputs.issue_labels is not given

* 1.0.0

* Use v1.0.0 in example, daily scan
2019-12-09 22:49:41 +09:00
Naoki Oketani
be0cdcbe10 add test for issue option (#20) 2019-12-09 21:31:55 +09:00
Naoki Oketani
14d92785e4 Set Issue labels by inputs & add unit test (#12)
* Set Issue labels by inputs

* Add unit test
2019-12-09 12:43:13 +09:00
Naoki Oketani
02e2cee4ed Open a GitHub Issue if vulnerabilities are found (#8)
* Get GitHub access token from input

* install npm package

* fix TypeScript error to successfully build

ref: https://github.com/actions/toolkit/issues/199

* npm i strip-ansi to remove control characters

* create an issue

* use template literal to pass lint

* npm run format; npm run lint

* use inputs.issue_title as issue title

* document inputs.issue_title

* add inputs.issue_title
2019-12-09 08:51:14 +09:00
Naoki Oketani
2167fa39e5 setup repo & run npm audit (#1) 2019-12-08 22:10:35 +09:00
Naoki Oketani
284541286f Initial commit 2019-12-08 19:17:13 +09:00