Diffstat (limited to '.circleci/scripts/npm-audit-check.js')
-rw-r--r-- | .circleci/scripts/npm-audit-check.js | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/.circleci/scripts/npm-audit-check.js b/.circleci/scripts/npm-audit-check.js
new file mode 100644
index 000000000..2fb408add
--- /dev/null
+++ b/.circleci/scripts/npm-audit-check.js
@@ -0,0 +1,24 @@
+const path = require('path')
+const audit = require(path.join(__dirname, '..', '..', 'audit.json'))
+const error = audit.error
+const advisories = Object.keys(audit.advisories || []).map((k) => audit.advisories[k])
+
+if (error) {
+ process.exit(1)
+}
+
+let count = 0
+for (const advisory of advisories) {
+ if (advisory.severity === 'low') {
+ continue
+ }
+
+ count += advisory.findings.some((finding) => (!finding.dev && !finding.optional))
+}
+
+if (count > 0) {
+ console.log(`Audit shows ${count} moderate or high severity advisories _in the production dependencies_`)
+ process.exit(1)
+} else {
+ console.log(`Audit shows _zero_ moderate or high severity advisories _in the production dependencies_`)
+}
|
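Review bot: The check fails open when `audit.json` has no `advisories` key, because `Object.keys(audit.advisories || [])` turns a missing or differently shaped report into an empty list and the script then prints the "zero advisories" message and exits 0. Newer npm releases emit the audit report under a `vulnerabilities` key instead, so an npm upgrade on the CI image would presumably make this gate pass silently. Treat an absent `advisories` object as a failure, for example `if (error || !audit.advisories) { console.error('npm audit report missing or errored:', error); process.exit(1) }`, which also gives the currently silent `if (error)` exit a message. The success and failure messages say "moderate or high", but the loop skips only `low`, so any other severity is counted as well; the wording could say "above low severity".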