nna/npm-audit-action
3
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
322 Commits 1 Branch 2 Tags
9f0ca85362979a8dc61a84ebda59ea3477d6cddc
Commit Graph

43 Commits

Author SHA1 Message Date
Naoki Oketani
b91c65bee2 fix(workdir): handle directory change errors gracefully 2025-05-05 12:09:35 +00:00
Naoki Oketani
0ff4c383ef fix(workdir): handle trailing slash in working directory path 2025-05-05 12:03:14 +00:00
Naoki Oketani
616e881987 refactor(build): update TypeScript and Rollup configuration 2025-05-05 11:52:10 +00:00
oke-py
868ad3ad89 chore(build): automated change 2025-05-05 06:20:37 +00:00
Naoki Oketani
fa975d057b fix: resolve prettier and eslint conflict by removing bracketSpacing: false 2025-05-03 12:32:25 +00:00
Naoki Oketani
745e45b95c chore: migrate to ESLint 9 and update configurations 2025-05-03 12:03:12 +00:00
Naoki Oketani
2af7795f4f refactor: modernize code to ES2020 (#220) 2025-05-03 04:08:29 +00:00
Naoki Oketani
ed6e8d71b4 feat: migrate codebase to ES Modules 2025-05-03 02:15:44 +00:00
Naoki Oketani
8319691add Update code to work with @octokit/rest v21.1.1 2025-05-01 12:56:00 +00:00
Naoki Oketani
0cbdd1f2f3 refactor: replace axios call with octokit 2023-04-22 13:29:59 +00:00
Naoki Oketani
153cdc3701 fix: type guard for catched error 2022-12-11 13:06:22 +09:00
William Barnes
5b91df5581 updating production flag to --omit=dev (#125) 
* updating production flag to --omit=dev

* fixing readme comment
 2022-07-09 18:08:36 +09:00
Naoki Oketani
2f9b156c84 npm run all 2022-05-12 07:47:12 +09:00
Shaid Khan
33a41db91d Fix Commit - Committing fix whereby NPM Audit Actions Fails when running on Windows OS (#122) 
- This commit is to fix an issue when running the 'npm-audit-action' on the 'windows-latest'
- Integrated the 'spawnSync' to use the right 'npm' script based upon the OS used
 2022-05-12 07:45:03 +09:00
Naoki Oketani
c0410c237f Adds 'info', 'none' as a valid argument for audit-level (#120) 
* Adds 'info', 'none' as a valid argument for audit-level

* 2.1.0
 2022-04-12 08:19:34 +09:00
Naoki Oketani
e434d1ce70 update dependencies (#96) 
* Bump @actions/core from 1.3.0 to 1.6.0

* Bump @actions/github from 4.0.0 to 5.0.0

* Bump @octokit/rest from 18.5.6 to 18.12.0

* Bump strip-ansi from 6.0.0 to 6.0.1
 2021-10-09 12:22:18 +09:00
Naoki Oketani
1595df392b chore: format by prettier 2021-10-08 21:20:06 +09:00
Pavish Kumar
9e9a90b41e Retain spaces within label (#95) 2021-10-08 21:17:46 +09:00
Naoki Oketani
47dbb726b6 feature: support create_issues, create_pr_comments flag (#93) 
* doc: support new parameter create_issues, create_pr_comments

* feature: support create_pr_comments flag

* feature: support create_issues flag
 2021-10-03 09:26:16 +09:00
Naoki Oketani
8851061b81 run npm run all 2020-12-12 12:01:55 +00:00
sgkiokas
c4cd169835 feat: add the ability to run with '--json' and output the result (#78) 
* addition-of-json-flag

* Set output of npn audit
 2020-12-12 20:56:05 +09:00
Naoki Oketani
3868af0215 update README & npm run all 2020-11-12 10:45:24 +00:00
sgkiokas
42e6d27a29 feat: add the ability to run with '--production' (#75) 
* feat: add the ability to run with '--production'

Adding the config options to run npm audit with the --production flag.

Contributes to: #74

Signed-off-by: Stelios Gkiokas <s_giokas@hotmail.com>

* fix: add tests

Adding the relevant tests for the new production flag.

Contributes to: #74

Signed-off-by: Stelios Gkiokas <s_giokas@hotmail.com>
 2020-11-12 19:33:56 +09:00
Naoki Oketani
7b23c85c0d npm audit fix & npm update (#70) 
* npm audit fix & modify eslint rules

* update axios, @types/jest, eslint-plugin-jest

* update @octokit/rest, @typescript-eslint/parser

* update @actions/github
 2020-09-11 22:04:02 +09:00
Spencer Small
b0bc596f8e Catch errors thrown by Audit.run and increase child process buffer size (#67) 
* Audit.run does not need to be async

* Set max buffer size for npm audit subprocess to 10MiB
 2020-07-14 18:59:28 +09:00
Spencer Small
261cbab716 Support de-duping issues (#65) 
* De-dupe against open issues when dedupe_issues = true

* Update README

* Fix compile errors

* Add unit tests for issue.ts
 2020-05-28 07:18:45 +09:00
Naoki Oketani
5209022168 support different working directory (#64) 
* support different working directory

* validate working_directory
 2020-05-23 15:59:51 +09:00
Naoki Oketani
161485c040 update @octokit/rest from 16.43.1 to 17.9.2 (#62) 2020-05-23 14:46:31 +09:00
Naoki Oketani
79bd1d007d npm update (#56) 
* npm update

* update prettier to ^2.0.2

* npm run all

* update @zeit/ncc to ^0.22.0
 2020-03-29 19:57:04 +09:00
Naoki Oketani
ad3449ef9c filter vulnerabilities by audit_level (#55) 
* filter vulnerabilities by audit_level

* update README.md

* fix test cases

* restrict audit_level value

* update dist/index.js
 2020-03-21 07:08:53 +09:00
Naoki Oketani
56cc033b69 update eslint-plugin-github (#48) 
* update eslint-plugin-github

* remove non-existent eslint rules

* fix a lint error
 2020-03-14 19:21:06 +09:00
Naoki Oketani
dcb39c0a56 update @actions/github and @octokit/rest (#46) 2020-03-14 18:04:03 +09:00
Naoki Oketani
ba4e9c22fd Action should fail if child_process causes an error (#41) 2020-03-14 15:46:51 +09:00
Naoki Oketani
02cdae80b6 Action fails always if vulnerabilities are found (#35) 2020-01-09 18:59:40 +09:00
Naoki Oketani
a0a6093710 add unit test and cleanup (#28) 
* remove unnessary import

* use mock for child_process.spawnSync()

* document useful resources

* use v1.1.0 for daily scan
 2019-12-13 16:09:10 +09:00
Naoki Oketani
3e659c8c99 use GitHub context to branch processing (#22) 2019-12-13 12:18:28 +09:00
Naoki Oketani
2e5ad3c2cf Creates an issue even if inputs.issue_labels is not given (#21) 
* Creates an issue even if inputs.issue_labels is not given

* 1.0.0

* Use v1.0.0 in example, daily scan
 2019-12-09 22:49:41 +09:00
Naoki Oketani
be0cdcbe10 add test for issue option (#20) 2019-12-09 21:31:55 +09:00
Naoki Oketani
14d92785e4 Set Issue labels by inputs & add unit test (#12) 
* Set Issue labels by inputs

* Add unit test
 2019-12-09 12:43:13 +09:00
Naoki Oketani
9931b4d0d0 Set Issue assignees by inputs (#10) 
* Set Issue assignees by inputs

* remove unused file

* Revert "remove unused file"

This reverts commit f308fad240706376cf21c6df7490b84c66ef1905.

* npm run all

* add heading to README

* create issue templates
 2019-12-09 09:41:29 +09:00
Naoki Oketani
02e2cee4ed Open a GitHub Issue if vulnerabilities are found (#8) 
* Get GitHub access token from input

* install npm package

* fix TypeScript error to successfully build

ref: https://github.com/actions/toolkit/issues/199

* npm i strip-ansi to remove control characters

* create an issue

* use template literal to pass lint

* npm run format; npm run lint

* use inputs.issue_title as issue title

* document inputs.issue_title

* add inputs.issue_title
 2019-12-09 08:51:14 +09:00
Naoki Oketani
2167fa39e5 setup repo & run npm audit (#1) 2019-12-08 22:10:35 +09:00
Naoki Oketani
284541286f Initial commit 2019-12-08 19:17:13 +09:00