Git Product home page Git Product logo

pnpm-ci-tools's Introduction

CI tools for pnpm

This project provides packages that allow certain pnpm commands to be used in a CI/CD environment.

Build Status

Codeship Status for drtyh2o/pnpm-ci-tools code style: prettier

Audit

This package provides a command that allows pnpm audit to be used in a CI/CD environment.

This project was inspired by similar tools available for npm and yarn

Check for all advisories.

pnpx pnpm-ci-tools audit

Set the Minimum Severity Level of Advisories (--audit-level)

Only advisories that meet the minimum severity level are reported.

pnpx pnpm-ci-tools audit --audit-level=[low,moderate,high,critical]

Ignore Specific Advisories (--ignore-advisories, -i)

Advisories with the specified id values are not reported.

pnpx pnpm-ci-tools audit -i 123,456

or

pnpx pnpm-ci-tools audit -i 123 -i 456

Strict Mode (--strict)

In this mode, any advisory that is ignored using --ignore-advisories but is not detected by the audit will cause the command to fail.

pnpx pnpm-ci-tools audit -i 123,456 --strict

Local Installation

As an alternative to using pnpx, this package can be installed as a dev dependency in a project and run from an npm script.

pnpm add -D pnpm-ci-tools

If installing this package in a monorepo that uses pnpm workspaces then install it in the workspace root using:

pnpm add -D -w pnpm-ci-tools

pnpm-ci-tools's People

Contributors

mdurling avatar avatarneil avatar

Watchers

avatar

Forkers

avatarneil

pnpm-ci-tools's Issues

Invalid URL when cmd+clicking in VSCode

I've found that attempting to cmd+click the URL provided when a vulnerability is found by the audit script results in an unresolvable URL as parsed by VSCode. This is due to the trailing : in the URL.

image

Fix for this should be easy, I'll cut a PR shortly and reference this issue.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.