diff options
author | Kat Marchán <kzm@zkat.tech> | 2019-01-29 14:43:00 -0800 |
---|---|---|
committer | Myles Borins <mylesborins@google.com> | 2019-02-12 00:06:29 -0800 |
commit | 43dd49c9782848c25e5b03448c8a0f923f13c158 (patch) | |
tree | f7ac5d645019b2b844f26be66c291bbae734d097 /deps/npm/node_modules/npm-audit-report | |
parent | b361f9577fbd72e518438d3fa0b01f7d34d814a5 (diff) | |
download | android-node-v8-43dd49c9782848c25e5b03448c8a0f923f13c158.tar.gz android-node-v8-43dd49c9782848c25e5b03448c8a0f923f13c158.tar.bz2 android-node-v8-43dd49c9782848c25e5b03448c8a0f923f13c158.zip |
deps: upgrade npm to 6.7.0
PR-URL: https://github.com/nodejs/node/pull/25804
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Diffstat (limited to 'deps/npm/node_modules/npm-audit-report')
4 files changed, 39 insertions, 24 deletions
diff --git a/deps/npm/node_modules/npm-audit-report/CHANGELOG.md b/deps/npm/node_modules/npm-audit-report/CHANGELOG.md index 4cf6a1acda..941a18741b 100644 --- a/deps/npm/node_modules/npm-audit-report/CHANGELOG.md +++ b/deps/npm/node_modules/npm-audit-report/CHANGELOG.md @@ -2,6 +2,18 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +<a name="1.3.2"></a> +## [1.3.2](https://github.com/npm/npm-audit-report/compare/v1.3.1...v1.3.2) (2018-12-18) + + +### Bug Fixes + +* **parseable:** add support for critical vulns and more resolves on update/install action ([#28](https://github.com/npm/npm-audit-report/issues/28)) ([5e27893](https://github.com/npm/npm-audit-report/commit/5e27893)) +* **security:** audit fix ([ff9faf3](https://github.com/npm/npm-audit-report/commit/ff9faf3)) +* **urls:** Replace hardcoded URL to advisory with a URL from audit response ([#34](https://github.com/npm/npm-audit-report/issues/34)) ([e2fe95b](https://github.com/npm/npm-audit-report/commit/e2fe95b)) + + + <a name="1.3.1"></a> ## [1.3.1](https://github.com/npm/npm-audit-report/compare/v1.3.0...v1.3.1) (2018-07-10) diff --git a/deps/npm/node_modules/npm-audit-report/package.json b/deps/npm/node_modules/npm-audit-report/package.json index 0f76601e27..905c0ce33d 100644 --- a/deps/npm/node_modules/npm-audit-report/package.json +++ b/deps/npm/node_modules/npm-audit-report/package.json @@ -1,27 +1,27 @@ { - "_from": "npm-audit-report@^1.2.1", - "_id": "npm-audit-report@1.3.1", + "_from": "npm-audit-report@1.3.2", + "_id": "npm-audit-report@1.3.2", "_inBundle": false, - "_integrity": "sha512-SjTF8ZP4rOu3JiFrTMi4M1CmVo2tni2sP4TzhyCMHwnMGf6XkdGLZKt9cdZ12esKf0mbQqFyU9LtY0SoeahL7g==", + "_integrity": "sha512-abeqS5ONyXNaZJPGAf6TOUMNdSe1Y6cpc9MLBRn+CuUoYbfdca6AxOyXVlfIv9OgKX+cacblbG5w7A6ccwoTPw==", "_location": "/npm-audit-report", "_phantomChildren": {}, "_requested": { - "type": "range", + "type": "version", "registry": true, - "raw": "npm-audit-report@^1.2.1", + "raw": "npm-audit-report@1.3.2", "name": "npm-audit-report", "escapedName": "npm-audit-report", - "rawSpec": "^1.2.1", + "rawSpec": "1.3.2", "saveSpec": null, - "fetchSpec": "^1.2.1" + "fetchSpec": "1.3.2" }, "_requiredBy": [ "#USER", "/" ], - "_resolved": "https://registry.npmjs.org/npm-audit-report/-/npm-audit-report-1.3.1.tgz", - "_shasum": "e79ea1fcb5ffaf3031102b389d5222c2b0459632", - "_spec": "npm-audit-report@^1.2.1", + "_resolved": "https://registry.npmjs.org/npm-audit-report/-/npm-audit-report-1.3.2.tgz", + "_shasum": "303bc78cd9e4c226415076a4f7e528c89fc77018", + "_spec": "npm-audit-report@1.3.2", "_where": "/Users/zkat/Documents/code/work/npm", "author": { "name": "Adam Baldwin" @@ -76,5 +76,5 @@ "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" }, - "version": "1.3.1" + "version": "1.3.2" } diff --git a/deps/npm/node_modules/npm-audit-report/reporters/detail.js b/deps/npm/node_modules/npm-audit-report/reporters/detail.js index 2cbb8fea50..f6e822eb7a 100644 --- a/deps/npm/node_modules/npm-audit-report/reporters/detail.js +++ b/deps/npm/node_modules/npm-audit-report/reporters/detail.js @@ -117,7 +117,7 @@ const report = function (data, options) { {'Package': advisory.module_name}, {'Dependency of': `${resolution.path.split('>')[0]} ${resolution.dev ? '[dev]' : ''}`}, {'Path': `${resolution.path.split('>').join(Utils.color(' > ', 'grey', config.withColor))}`}, - {'More info': `https://nodesecurity.io/advisories/${advisory.id}`} + {'More info': advisory.url || `https://www.npmjs.com/advisories/${advisory.id}`} ) log(table.toString() + '\n\n') @@ -160,7 +160,7 @@ const report = function (data, options) { {'Patched in': patchedIn}, {'Dependency of': `${resolution.path.split('>')[0]} ${resolution.dev ? '[dev]' : ''}`}, {'Path': `${resolution.path.split('>').join(Utils.color(' > ', 'grey', config.withColor))}`}, - {'More info': `https://nodesecurity.io/advisories/${advisory.id}`} + {'More info': advisory.url || `https://www.npmjs.com/advisories/${advisory.id}`} ) log(table.toString()) }) diff --git a/deps/npm/node_modules/npm-audit-report/reporters/parseable.js b/deps/npm/node_modules/npm-audit-report/reporters/parseable.js index 3633597729..1d46ef2271 100644 --- a/deps/npm/node_modules/npm-audit-report/reporters/parseable.js +++ b/deps/npm/node_modules/npm-audit-report/reporters/parseable.js @@ -11,6 +11,7 @@ const report = function (data, options) { const actions = function (data, config) { let accumulator = { + critical: '', high: '', moderate: '', low: '' @@ -25,16 +26,18 @@ const report = function (data, options) { l.recommendation = recommendation.cmd l.breaking = recommendation.isBreaking ? 'Y' : 'N' - // TODO: Verify: The advisory seems to repeat and be the same for all the 'resolves'. Is it true? - const advisory = data.advisories[action.resolves[0].id] - l.sevLevel = advisory.severity - l.severity = advisory.title - l.package = advisory.module_name - l.moreInfo = `https://nodesecurity.io/advisories/${advisory.id}` - l.path = action.resolves[0].path + action.resolves.forEach((resolution) => { + const advisory = data.advisories[resolution.id] + + l.sevLevel = advisory.severity + l.severity = advisory.title + l.package = advisory.module_name + l.moreInfo = advisory.url || `https://www.npmjs.com/advisories/${advisory.id}` + l.path = resolution.path - accumulator[advisory.severity] += [action.action, l.package, l.sevLevel, l.recommendation, l.severity, l.moreInfo, l.path, l.breaking] - .join('\t') + '\n' + accumulator[advisory.severity] += [action.action, l.package, l.sevLevel, l.recommendation, l.severity, l.moreInfo, l.path, l.breaking] + .join('\t') + '\n' + }) // forEach resolves } if (action.action === 'review') { @@ -44,7 +47,7 @@ const report = function (data, options) { l.sevLevel = advisory.severity l.severity = advisory.title l.package = advisory.module_name - l.moreInfo = `https://nodesecurity.io/advisories/${advisory.id}` + l.moreInfo = advisory.url || `https://www.npmjs.com/advisories/${advisory.id}` l.patchedIn = advisory.patched_versions.replace(' ', '') === '<0.0.0' ? 'No patch available' : advisory.patched_versions l.path = resolution.path @@ -53,7 +56,7 @@ const report = function (data, options) { } // is review }) // forEach actions } - return accumulator['high'] + accumulator['moderate'] + accumulator['low'] + return accumulator['critical'] + accumulator['high'] + accumulator['moderate'] + accumulator['low'] } const exitCode = function (metadata) { |