Commit Graph

46 Commits

Author SHA1 Message Date
Spencer Small
b0bc596f8e Catch errors thrown by Audit.run and increase child process buffer size (#67)
* Audit.run does not need to be async

* Set max buffer size for npm audit subprocess to 10MiB
2020-07-14 18:59:28 +09:00
Naoki Oketani
4adc177da9 add Dockerfile to use VSCode Remote Container 2020-06-06 11:02:15 +00:00
Naoki Oketani
f6ba9be9cf update example & daily scan to use v1.5.0 with dedupe_issues=true 2020-05-28 07:24:52 +09:00
Naoki Oketani
711840e936 1.5.0 2020-05-28 07:20:05 +09:00
Spencer Small
261cbab716 Support de-duping issues (#65)
* De-dupe against open issues when dedupe_issues = true

* Update README

* Fix compile errors

* Add unit tests for issue.ts
2020-05-28 07:18:45 +09:00
Naoki Oketani
1c3165e2f5 update action.yml to support working_directory 2020-05-23 16:26:33 +09:00
Naoki Oketani
94ec1a79c4 update README.md 2020-05-23 16:13:09 +09:00
Naoki Oketani
6ca4ad598e bump version to v1.4.0 2020-05-23 16:10:57 +09:00
Naoki Oketani
5209022168 support different working directory (#64)
* support different working directory

* validate working_directory
2020-05-23 15:59:51 +09:00
Naoki Oketani
277fc872da update dependencies (#63)
* npm update

* npm i jest@26.0.1 jest-circus@26.0.1 ts-jest@26.0.0

* npm i @types/node@14.0.5

* npm i eslint@7.1.0 @typescript-eslint/parser@3.0.0
2020-05-23 15:06:32 +09:00
Naoki Oketani
161485c040 update @octokit/rest from 16.43.1 to 17.9.2 (#62) 2020-05-23 14:46:31 +09:00
Naoki Oketani
49b1b8cc78 bump version to v1.3.1 2020-04-30 07:59:06 +09:00
Naoki Oketani
8e21576306 npm update dependencies (#59)
* npm update

- @types/jest
- @types/node
- @typescript-eslint/parser
- @zeit/ncc jest
- jest-circus
- prettier
- ts-jest

* npm run all

* npm update graphql
2020-04-30 07:43:27 +09:00
dependabot[bot]
081ab6e55a Bump @actions/http-client from 1.0.6 to 1.0.8 (#58)
Bumps [@actions/http-client](https://github.com/actions/http-client) from 1.0.6 to 1.0.8.
- [Release notes](https://github.com/actions/http-client/releases)
- [Changelog](https://github.com/actions/http-client/blob/master/RELEASES.md)
- [Commits](https://github.com/actions/http-client/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-04-30 07:26:41 +09:00
Naoki Oketani
79bd1d007d npm update (#56)
* npm update

* update prettier to ^2.0.2

* npm run all

* update @zeit/ncc to ^0.22.0
2020-03-29 19:57:04 +09:00
Naoki Oketani
ad3449ef9c filter vulnerabilities by audit_level (#55)
* filter vulnerabilities by audit_level

* update README.md

* fix test cases

* restrict audit_level value

* update dist/index.js
2020-03-21 07:08:53 +09:00
Naoki Oketani
4d8769971b Refactor (#54)
* run `npm ci` instead of `npm install` for PR build

* bump version

* return Promise for test mock
2020-03-19 17:46:36 +09:00
Naoki Oketani
f654b1dd0a fresh install jest, eslint (#53)
* fresh install jest, eslint

* npm run all
2020-03-19 17:35:08 +09:00
Naoki Oketani
6ffbb041ac npm audit fix (#52) 2020-03-19 06:47:39 +09:00
Naoki Oketani
3b7b95bf4a update npm-audit-action to v1.2.0 (#50) 2020-03-14 20:35:30 +09:00
Naoki Oketani
56cc033b69 update eslint-plugin-github (#48)
* update eslint-plugin-github

* remove non-existent eslint rules

* fix a lint error
2020-03-14 19:21:06 +09:00
Naoki Oketani
7f304403a6 update eslint-plugin-jest (#47) 2020-03-14 18:56:55 +09:00
Naoki Oketani
dcb39c0a56 update @actions/github and @octokit/rest (#46) 2020-03-14 18:04:03 +09:00
Naoki Oketani
a0e0b47fa7 update outdated dependencies(yellow) except for @actions/github, eslint-plugin-* (#45) 2020-03-14 17:17:25 +09:00
Naoki Oketani
4df977494a update outdated dependencies(red) except for @octokit/rest (#44) 2020-03-14 16:50:32 +09:00
Naoki Oketani
a908d1f578 update eslint to 6.8.0 to fix vulnerabilities (#42)
* update eslint to 6.8.0 to fix vulnerabilities

* npm install --save-dev jest@25.1.0

* npm install --save-dev @types/jest@25.1.4
2020-03-14 16:16:42 +09:00
Naoki Oketani
ba4e9c22fd Action should fail if child_process causes an error (#41) 2020-03-14 15:46:51 +09:00
Naoki Oketani
6c003b8ee4 update actions/checkout to v2 (#37) 2020-01-27 20:48:43 +09:00
Naoki Oketani
02cdae80b6 Action fails always if vulnerabilities are found (#35) 2020-01-09 18:59:40 +09:00
Naoki Oketani
4894ae0aad Update README (#33) 2019-12-15 10:49:06 +09:00
Naoki Oketani
a6b5113465 Correct test case 2019-12-14 21:08:54 +09:00
Naoki Oketani
0e9661d4a3 Add unit test for error handling (#30) 2019-12-14 12:56:45 +09:00
Naoki Oketani
a0a6093710 add unit test and cleanup (#28)
* remove unnecessary import

* use mock for child_process.spawnSync()

* document useful resources

* use v1.1.0 for daily scan
2019-12-13 16:09:10 +09:00
Naoki Oketani
3e659c8c99 use GitHub context to branch processing (#22) 2019-12-13 12:18:28 +09:00
Naoki Oketani
ac19a7500b set branding (#23)
* echo $GITHUB_CONTEXT

* set branding
2019-12-10 18:48:15 +09:00
Naoki Oketani
2e5ad3c2cf Creates an issue even if inputs.issue_labels is not given (#21)
* Creates an issue even if inputs.issue_labels is not given

* 1.0.0

* Use v1.0.0 in example, daily scan
2019-12-09 22:49:41 +09:00
Naoki Oketani
be0cdcbe10 add test for issue option (#20) 2019-12-09 21:31:55 +09:00
Naoki Oketani
4b8e261c55 Execute daily scan (#19)
* Update README.md

* run `npm audit` daily
2019-12-09 19:59:47 +09:00
Naoki Oketani
8b1b45628f Measure test coverage (#16)
* define npm run coverage

* Revert "define npm run coverage"

This reverts commit 32133d33412105d167226ac31c4f7875f85716ab.

* use coverallsapp/github-action@master

* Give --coverage option to npm test

* Add coveralls badge
2019-12-09 16:00:28 +09:00
Naoki Oketani
a4fb3cef7f Add image and example to README.md 2019-12-09 14:13:56 +09:00
Naoki Oketani
dcded27633 0.1.0 2019-12-09 13:12:46 +09:00
Naoki Oketani
14d92785e4 Set Issue labels by inputs & add unit test (#12)
* Set Issue labels by inputs

* Add unit test
2019-12-09 12:43:13 +09:00
Naoki Oketani
9931b4d0d0 Set Issue assignees by inputs (#10)
* Set Issue assignees by inputs

* remove unused file

* Revert "remove unused file"

This reverts commit f308fad240706376cf21c6df7490b84c66ef1905.

* npm run all

* add heading to README

* create issue templates
2019-12-09 09:41:29 +09:00
Naoki Oketani
02e2cee4ed Open a GitHub Issue if vulnerabilities are found (#8)
* Get GitHub access token from input

* install npm package

* fix TypeScript error to successfully build

ref: https://github.com/actions/toolkit/issues/199

* npm i strip-ansi to remove control characters

* create an issue

* use template literal to pass lint

* npm run format; npm run lint

* use inputs.issue_title as issue title

* document inputs.issue_title

* add inputs.issue_title
2019-12-09 08:51:14 +09:00
Naoki Oketani
2167fa39e5 setup repo & run npm audit (#1) 2019-12-08 22:10:35 +09:00
Naoki Oketani
284541286f Initial commit 2019-12-08 19:17:13 +09:00