npm-audit-action

Author	SHA1	Message	Date
Naoki Oketani	9f4cdf97ce	fix: limit test coverage to src directory only	2025-05-03 12:20:53 +00:00
Naoki Oketani	4427195a49	ci(test): update test command to include --run and --coverage flags	2025-05-02 14:23:18 +00:00
Naoki Oketani	2564984eab	refactor(testing): migrate from Jest to Vitest for testing framework	2025-05-02 14:03:34 +00:00
Naoki Oketani	b51e018cee	Disable test-on-windows job	2025-05-02 03:53:41 +00:00
Naoki Oketani	9ad3f5888f	Add step names to GitHub Actions workflow for better readability	2025-05-02 00:52:33 +00:00
Naoki Oketani	05ae6e9b03	Remove npm-windows-upgrade steps as they are no longer needed with Node.js 20	2025-05-02 00:39:05 +00:00
Naoki Oketani	f8f995f645	fix: Combine PowerShell execution policy setting with npm-windows-upgrade step	2025-05-02 00:28:06 +00:00
Naoki Oketani	9aaec722be	fix: Specify PowerShell for npm-windows-upgrade command execution in Windows environment	2025-05-02 00:21:34 +00:00
Naoki Oketani	b4503033f0	Fix Windows build job in CI workflow	2025-05-01 14:11:51 +00:00
Naoki Oketani	414f093a36	Update to Node.js 20 compatibility	2025-05-01 12:05:25 +00:00
dependabot[bot]	7a79a0b760	build(deps): bump actions/setup-node from 3 to 4 Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3 to 4. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-10-24 09:14:30 +00:00
dependabot[bot]	f5fab4045b	build(deps): bump stefanzweifel/git-auto-commit-action from 4 to 5 Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 4 to 5. - [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases) - [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md) - [Commits](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4...v5) --- updated-dependencies: - dependency-name: stefanzweifel/git-auto-commit-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-10-09 09:35:35 +00:00
dependabot[bot]	f761856646	build(deps): bump actions/checkout from 3 to 4 Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-10-08 14:34:15 +00:00
Naoki Oketani	a13ffcb1f2	chore(test): end of support for node v16	2023-10-08 14:25:18 +00:00
Naoki Oketani	5ccfa07c62	create issue only when vulns found in production modules	2023-07-04 13:29:28 +00:00
Naoki Oketani	3e9f7e4b24	chore(release): fix error on re-targeting v2 tag on release	2023-01-02 11:37:27 +09:00
Naoki Oketani	782594d200	chore(release): re-target v2 tag on release	2023-01-02 11:19:59 +09:00
Naoki Oketani	edfefe90f9	chore(build): remove unused branch from trigger	2023-01-02 11:04:02 +09:00
Naoki Oketani	ca9669d6b4	chore(test): ignore devDependencies vulnerabilities	2022-12-30 10:06:20 +09:00
Naoki Oketani	a2adb56514	chore(test): run tests on node 16 & 18	2022-12-15 21:24:21 +09:00
Naoki Oketani	8a70c78853	[skip ci] fix: automatically update package version	2022-12-11 20:50:04 +09:00
Naoki Oketani	8d9211d055	chore(release): labeled pull request triggers package version change	2022-12-11 18:50:59 +09:00
Naoki Oketani	856d2a375a	chore(build): set up actions to automatically update dist/index.js	2022-12-11 15:39:40 +09:00
Naoki Oketani	c04a413c8d	test: PR build will not create a new issue to report vulnerabilities	2022-12-10 22:16:40 +09:00
Naoki Oketani	3e3735791c	update npm globally at an earlier step of each job (#124 ) * update npm globally at an earlier step of each job * execute `npm update` with sudo * seprate windows jobs from linux,mac jobs * upgrade npm to latest on windows * upgrade npm to latest on windows	2022-07-01 07:16:46 +09:00
Shaid Khan	33a41db91d	Fix Commit - Committing fix whereby NPM Audit Actions Fails when running on Windows OS (#122 ) - This commit is to fix an issue when running the 'npm-audit-action' on the 'windows-latest' - Integrated the 'spawnSync' to use the right 'npm' script based upon the OS used	2022-05-12 07:45:03 +09:00
Naoki Oketani	e3662da326	Update default runtime to node16 (#118 ) * Update default runtime to node16 * update dependencies * 2.0.0	2022-03-26 15:31:24 +09:00
dependabot[bot]	e0cb327868	Bump actions/checkout from 2 to 3 (#114 ) Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-03-06 20:10:33 +09:00
Naoki Oketani	02cb9c4d3b	fix CVE-2022-0235 (#108 ) * npm audit fix * npm run all * 1.8.4 * update README and daily action to use v1.8.4	2022-01-25 12:30:57 +09:00
Naoki Oketani	8196a9cc90	Release v1.8.3 (#105 ) * 1.8.3 * update README and daily action to use v1.8.3	2022-01-15 18:33:23 +09:00
Naoki Oketani	b58fe17512	Release v1.8.2 (#101 ) * 1.8.2 * update README and daily action to use v1.8.2	2021-10-16 18:26:12 +09:00
Naoki Oketani	9d3f4c8708	Bump patch verstion to 1.8.1	2021-10-08 21:21:58 +09:00
Naoki Oketani	b279a61c36	Bump minor version to 1.8.0	2021-10-03 09:28:58 +09:00
Naoki Oketani	2d35348be4	chore: fix a broken link in README (#92 ) * chore: fix a broken link in README * chore: fix branch name	2021-10-02 21:51:01 +09:00
Naoki Oketani	cf7f895e0d	Bump patch version to 1.7.4	2021-09-26 21:36:59 +09:00
Naoki Oketani	5d4cffea6d	fix dependencies' vulnerabilities (#86 ) * [fix] `npm audit fix` * [fix] `npm update` * [fix] update jest, jest-circus, ts-jest * 1.7.3	2021-06-03 07:45:50 +09:00
Naoki Oketani	47ffa59342	update: scan v1.7.2	2021-05-09 17:25:00 +09:00
Naoki Oketani	ddca8d247d	docs: use 1.7.1 in the sample	2021-01-06 13:21:27 +09:00
Naoki Oketani	8a4cabf41a	update version	2020-12-12 12:04:36 +00:00
Naoki Oketani	3868af0215	update README & npm run all	2020-11-12 10:45:24 +00:00
Naoki Oketani	86587558c6	use v1.5.2	2020-09-11 13:08:07 +00:00
Naoki Oketani	75b171622a	v1.5.1 (#68 ) * run `npm audit fix` * run `npm run all` * 1.5.1 * use v1.5.1	2020-07-14 19:14:55 +09:00
Naoki Oketani	f6ba9be9cf	update example & daily scan to use v1.5.0 with dedupe_issues=true	2020-05-28 07:24:52 +09:00
Naoki Oketani	6ca4ad598e	bump version to v1.4.0	2020-05-23 16:10:57 +09:00
Naoki Oketani	5209022168	support different working directory (#64 ) * support different working directory * validate working_directory	2020-05-23 15:59:51 +09:00
Naoki Oketani	49b1b8cc78	bump version to v1.3.1	2020-04-30 07:59:06 +09:00
Naoki Oketani	4d8769971b	Refactor (#54 ) * run `npm ci` instead of `npm install` for PR build * bump version * return Promise for test mock	2020-03-19 17:46:36 +09:00
Naoki Oketani	3b7b95bf4a	update npm-audit-action to v1.2.0 (#50 )	2020-03-14 20:35:30 +09:00
Naoki Oketani	6c003b8ee4	update actions/checkout to v2 (#37 )	2020-01-27 20:48:43 +09:00
Naoki Oketani	a0a6093710	add unit test and cleanup (#28 ) * remove unnessary import * use mock for child_process.spawnSync() * document useful resources * use v1.1.0 for daily scan	2019-12-13 16:09:10 +09:00

1 2

56 Commits