path: root/.circleci/scripts/npm-audit-check.js
Diffstat (limited to '.circleci/scripts/npm-audit-check.js')
-rw-r--r--.circleci/scripts/npm-audit-check.js24
1 files changed, 24 insertions, 0 deletions
diff --git a/.circleci/scripts/npm-audit-check.js b/.circleci/scripts/npm-audit-check.js
new file mode 100644
index 000000000..2fb408add
--- /dev/null
+++ b/.circleci/scripts/npm-audit-check.js
@@ -0,0 +1,24 @@
+const path = require('path')
+const audit = require(path.join(__dirname, '..', '..', 'audit.json'))
+const error = audit.error
+const advisories = Object.keys(audit.advisories || []).map((k) => audit.advisories[k])
+
+if (error) {
+ process.exit(1)
+}
+
+let count = 0
+for (const advisory of advisories) {
+ if (advisory.severity === 'low') {
+ continue
+ }
+
+ count += advisory.findings.some((finding) => (!finding.dev && !finding.optional))
+}
+
+if (count > 0) {
+ console.log(`Audit shows ${count} moderate or high severity advisories _in the production dependencies_`)
+ process.exit(1)
+} else {
+ console.log(`Audit shows _zero_ moderate or high severity advisories _in the production dependencies_`)
+}
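Review bot: The gate fails open when `audit.json` has no `advisories` key: at `Object.keys(audit.advisories || [])` a report in an unexpected shape yields an empty list, so the script prints the "zero" message and exits 0. For a CI security check a missing key should be a failure, e.g. `if (error || !audit.advisories) { console.error('npm audit failed or produced an unexpected report', error); process.exit(1) }`, which also logs the reason where the current `if (error)` branch exits silently. Separately, the loop skips only `'low'`, so any other severity value the report carries (such as `info` or `critical`, if emitted) is counted under the "moderate or high" message; an explicit list of blocking severities would make the policy unambiguous. `count += advisory.findings.some(...)` also relies on boolean-to-number coercion and will throw if an advisory has no `findings` array, so `if (advisory.findings?.some(...)) count += 1` or an equivalent guard would be clearer.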