mirror of
https://github.com/nuxt/nuxt.git
synced 2024-11-23 14:15:13 +00:00
chore(release, ci): use npm audit instead of nsp (#3883)
This commit is contained in:
Clark Du
Pooya Parsa
parent
6fc78ea024
commit
40ad691f60
@ -39,9 +39,18 @@ jobs:
|
||||
- attach_workspace:
|
||||
at: ~/project
|
||||
- run:
|
||||
name: Lint and Security
|
||||
name: Lint
|
||||
command: yarn test:lint
|
||||
|
||||
audit:
|
||||
<<: *defaults
|
||||
steps:
|
||||
- attach_workspace:
|
||||
at: ~/project
|
||||
- run:
|
||||
name: Security Audit
|
||||
command: npm install --package-lock-only && npm audit --audit-level=moderate
|
||||
|
||||
build:
|
||||
<<: *defaults
|
||||
steps:
|
||||
@ -104,6 +113,10 @@ workflows:
|
||||
requires:
|
||||
- setup
|
||||
|
||||
- audit:
|
||||
requires:
|
||||
- setup
|
||||
|
||||
- build:
|
||||
requires:
|
||||
- setup
|
||||
@ -120,6 +133,7 @@ workflows:
|
||||
requires:
|
||||
- build
|
||||
- lint
|
||||
- audit
|
||||
- test-unit
|
||||
- test-e2e
|
||||
filters:
|
||||
|
||||
@ -52,11 +52,10 @@
|
||||
"coverage": "codecov",
|
||||
"lint": "eslint --ext .js,.mjs,.vue bin/** benchmarks build examples lib packages test",
|
||||
"postinstall": "opencollective || exit 0",
|
||||
"security": "nsp check || true",
|
||||
"test": "yarn test:fixtures && yarn test:unit",
|
||||
"test:fixtures": "jest test/fixtures",
|
||||
"test:e2e": "jest -i test/e2e",
|
||||
"test:lint": "yarn lint && yarn security",
|
||||
"test:lint": "yarn lint",
|
||||
"test:unit": "jest test/unit"
|
||||
},
|
||||
"engines": {
|
||||
@ -155,7 +154,6 @@
|
||||
"get-port": "^4.0.0",
|
||||
"jest": "^23.6.0",
|
||||
"jsdom": "^12.0.0",
|
||||
"nsp": "^3.2.1",
|
||||
"pug": "^2.0.3",
|
||||
"pug-plain-loader": "^1.0.0",
|
||||
"puppeteer": "^1.8.0",
|
||||
|
||||
135
yarn.lock
135
yarn.lock
@ -1377,12 +1377,6 @@ boolbase@^1.0.0, boolbase@~1.0.0:
|
||||
version "1.0.0"
|
||||
resolved "https://registry.npmjs.org/boolbase/-/boolbase-1.0.0.tgz#68dff5fbe60c51eb37725ea9e3ed310dcc1e776e"
|
||||
|
||||
boom@5.x.x:
|
||||
version "5.2.0"
|
||||
resolved "https://registry.npmjs.org/boom/-/boom-5.2.0.tgz#5dd9da6ee3a5f302077436290cb717d3f4a54e02"
|
||||
dependencies:
|
||||
hoek "4.x.x"
|
||||
|
||||
brace-expansion@^1.1.7:
|
||||
version "1.1.11"
|
||||
resolved "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz#3c7fcbf529d87226f3d2f52b966ff5271eb441dd"
|
||||
@ -1673,10 +1667,6 @@ character-parser@^2.1.1:
|
||||
dependencies:
|
||||
is-regex "^1.0.3"
|
||||
|
||||
chardet@^0.4.0:
|
||||
version "0.4.2"
|
||||
resolved "https://registry.npmjs.org/chardet/-/chardet-0.4.2.tgz#b5473b33dc97c424e5d98dc87d55d4d8a29c8bf2"
|
||||
|
||||
chardet@^0.7.0:
|
||||
version "0.7.0"
|
||||
resolved "https://registry.npmjs.org/chardet/-/chardet-0.7.0.tgz#90094849f0937f2eedc2425d0d28a9e5f0cbad9e"
|
||||
@ -1756,15 +1746,6 @@ cli-cursor@^2.0.0, cli-cursor@^2.1.0:
|
||||
dependencies:
|
||||
restore-cursor "^2.0.0"
|
||||
|
||||
cli-table2@^0.2.0:
|
||||
version "0.2.0"
|
||||
resolved "https://registry.npmjs.org/cli-table2/-/cli-table2-0.2.0.tgz#2d1ef7f218a0e786e214540562d4bd177fe32d97"
|
||||
dependencies:
|
||||
lodash "^3.10.1"
|
||||
string-width "^1.0.1"
|
||||
optionalDependencies:
|
||||
colors "^1.1.2"
|
||||
|
||||
cli-width@^2.0.0:
|
||||
version "2.2.0"
|
||||
resolved "https://registry.npmjs.org/cli-width/-/cli-width-2.2.0.tgz#ff19ede8a9a5e579324147b0c11f0fbcbabed639"
|
||||
@ -1777,14 +1758,6 @@ cliui@^2.1.0:
|
||||
right-align "^0.1.1"
|
||||
wordwrap "0.0.2"
|
||||
|
||||
cliui@^3.2.0:
|
||||
version "3.2.0"
|
||||
resolved "https://registry.npmjs.org/cliui/-/cliui-3.2.0.tgz#120601537a916d29940f934da3b48d585a39213d"
|
||||
dependencies:
|
||||
string-width "^1.0.1"
|
||||
strip-ansi "^3.0.1"
|
||||
wrap-ansi "^2.0.0"
|
||||
|
||||
cliui@^4.0.0:
|
||||
version "4.1.0"
|
||||
resolved "https://registry.npmjs.org/cliui/-/cliui-4.1.0.tgz#348422dbe82d800b3022eef4f6ac10bf2e4d1b49"
|
||||
@ -1887,10 +1860,6 @@ colormin@^1.0.5:
|
||||
css-color-names "0.0.4"
|
||||
has "^1.0.1"
|
||||
|
||||
colors@^1.1.2:
|
||||
version "1.3.2"
|
||||
resolved "https://registry.npmjs.org/colors/-/colors-1.3.2.tgz#2df8ff573dfbf255af562f8ce7181d6b971a359b"
|
||||
|
||||
colors@~1.1.2:
|
||||
version "1.1.2"
|
||||
resolved "https://registry.npmjs.org/colors/-/colors-1.1.2.tgz#168a4701756b6a7f51a12ce0c97bfa28c084ed63"
|
||||
@ -2368,10 +2337,6 @@ currently-unhandled@^0.4.1:
|
||||
dependencies:
|
||||
array-find-index "^1.0.1"
|
||||
|
||||
cvss@^1.0.2:
|
||||
version "1.0.3"
|
||||
resolved "https://registry.npmjs.org/cvss/-/cvss-1.0.3.tgz#70df9c4a4e07fdb9341f27a2847a21df25c3a83a"
|
||||
|
||||
cyclist@~0.2.2:
|
||||
version "0.2.2"
|
||||
resolved "https://registry.npmjs.org/cyclist/-/cyclist-0.2.2.tgz#1b33792e11e914a2fd6d6ed6447464444e5fa640"
|
||||
@ -3072,14 +3037,6 @@ extend@~3.0.2:
|
||||
version "3.0.2"
|
||||
resolved "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz#f8b1136b4071fbd8eb140aff858b1019ec2915fa"
|
||||
|
||||
external-editor@^2.0.4:
|
||||
version "2.2.0"
|
||||
resolved "http://registry.npmjs.org/external-editor/-/external-editor-2.2.0.tgz#045511cfd8d133f3846673d1047c154e214ad3d5"
|
||||
dependencies:
|
||||
chardet "^0.4.0"
|
||||
iconv-lite "^0.4.17"
|
||||
tmp "^0.0.33"
|
||||
|
||||
external-editor@^3.0.0:
|
||||
version "3.0.3"
|
||||
resolved "https://registry.npmjs.org/external-editor/-/external-editor-3.0.3.tgz#5866db29a97826dbe4bf3afd24070ead9ea43a27"
|
||||
@ -3570,10 +3527,6 @@ hmac-drbg@^1.0.0:
|
||||
minimalistic-assert "^1.0.0"
|
||||
minimalistic-crypto-utils "^1.0.1"
|
||||
|
||||
hoek@4.x.x:
|
||||
version "4.2.1"
|
||||
resolved "https://registry.npmjs.org/hoek/-/hoek-4.2.1.tgz#9634502aa12c445dd5a7c5734b572bb8738aacbb"
|
||||
|
||||
home-or-tmp@^2.0.0:
|
||||
version "2.0.0"
|
||||
resolved "https://registry.npmjs.org/home-or-tmp/-/home-or-tmp-2.0.0.tgz#e36c3f2d2cae7d746a857e38d18d5f32a7882db8"
|
||||
@ -3674,7 +3627,7 @@ https-browserify@^1.0.0:
|
||||
version "1.0.0"
|
||||
resolved "https://registry.npmjs.org/https-browserify/-/https-browserify-1.0.0.tgz#ec06c10e0a34c0f2faf199f7fd7fc78fffd03c73"
|
||||
|
||||
https-proxy-agent@^2.1.0, https-proxy-agent@^2.2.1:
|
||||
https-proxy-agent@^2.2.1:
|
||||
version "2.2.1"
|
||||
resolved "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-2.2.1.tgz#51552970fa04d723e04c56d04178c3f92592bbc0"
|
||||
dependencies:
|
||||
@ -3691,7 +3644,7 @@ iconv-lite@0.4.23:
|
||||
dependencies:
|
||||
safer-buffer ">= 2.1.2 < 3"
|
||||
|
||||
iconv-lite@^0.4.17, iconv-lite@^0.4.24, iconv-lite@^0.4.4:
|
||||
iconv-lite@^0.4.24, iconv-lite@^0.4.4:
|
||||
version "0.4.24"
|
||||
resolved "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz#2022b4b25fbddc21d2f524974a474aafe733908b"
|
||||
dependencies:
|
||||
@ -3775,25 +3728,6 @@ ini@~1.3.0:
|
||||
version "1.3.5"
|
||||
resolved "https://registry.npmjs.org/ini/-/ini-1.3.5.tgz#eee25f56db1c9ec6085e0c22778083f596abf927"
|
||||
|
||||
inquirer@^3.3.0:
|
||||
version "3.3.0"
|
||||
resolved "https://registry.npmjs.org/inquirer/-/inquirer-3.3.0.tgz#9dd2f2ad765dcab1ff0443b491442a20ba227dc9"
|
||||
dependencies:
|
||||
ansi-escapes "^3.0.0"
|
||||
chalk "^2.0.0"
|
||||
cli-cursor "^2.1.0"
|
||||
cli-width "^2.0.0"
|
||||
external-editor "^2.0.4"
|
||||
figures "^2.0.0"
|
||||
lodash "^4.3.0"
|
||||
mute-stream "0.0.7"
|
||||
run-async "^2.2.0"
|
||||
rx-lite "^4.0.8"
|
||||
rx-lite-aggregates "^4.0.8"
|
||||
string-width "^2.1.0"
|
||||
strip-ansi "^4.0.0"
|
||||
through "^2.3.6"
|
||||
|
||||
inquirer@^6.1.0:
|
||||
version "6.2.0"
|
||||
resolved "https://registry.npmjs.org/inquirer/-/inquirer-6.2.0.tgz#51adcd776f661369dc1e894859c2560a224abdd8"
|
||||
@ -4818,11 +4752,7 @@ lodash@4.17.9:
|
||||
version "4.17.9"
|
||||
resolved "https://registry.npmjs.org/lodash/-/lodash-4.17.9.tgz#9c056579af0bdbb4322e23c836df13ef2b271cb7"
|
||||
|
||||
lodash@^3.10.1:
|
||||
version "3.10.1"
|
||||
resolved "http://registry.npmjs.org/lodash/-/lodash-3.10.1.tgz#5bf45e8e49ba4189e17d482789dfd15bd140b7b6"
|
||||
|
||||
lodash@^4.13.1, lodash@^4.17.10, lodash@^4.17.11, lodash@^4.17.3, lodash@^4.17.4, lodash@^4.17.5, lodash@^4.3.0:
|
||||
lodash@^4.13.1, lodash@^4.17.10, lodash@^4.17.11, lodash@^4.17.3, lodash@^4.17.4, lodash@^4.17.5:
|
||||
version "4.17.11"
|
||||
resolved "https://registry.npmjs.org/lodash/-/lodash-4.17.11.tgz#b39ea6229ef607ecd89e2c8df12536891cac9b8d"
|
||||
|
||||
@ -5255,10 +5185,6 @@ node-releases@^1.0.0-alpha.11:
|
||||
dependencies:
|
||||
semver "^5.3.0"
|
||||
|
||||
nodesecurity-npm-utils@^6.0.0:
|
||||
version "6.0.0"
|
||||
resolved "https://registry.npmjs.org/nodesecurity-npm-utils/-/nodesecurity-npm-utils-6.0.0.tgz#5fb5974008c0c97a5c01844faa8fd3fc5520806c"
|
||||
|
||||
nopt@^4.0.1:
|
||||
version "4.0.1"
|
||||
resolved "https://registry.npmjs.org/nopt/-/nopt-4.0.1.tgz#d0d4685afd5415193c8c7505602d0d17cd64474d"
|
||||
@ -5324,20 +5250,6 @@ npmlog@^4.0.2:
|
||||
gauge "~2.7.3"
|
||||
set-blocking "~2.0.0"
|
||||
|
||||
nsp@^3.2.1:
|
||||
version "3.2.1"
|
||||
resolved "https://registry.npmjs.org/nsp/-/nsp-3.2.1.tgz#0f540f8e85851e4ad370b14d5001098046dedfd1"
|
||||
dependencies:
|
||||
chalk "^2.1.0"
|
||||
cli-table2 "^0.2.0"
|
||||
cvss "^1.0.2"
|
||||
https-proxy-agent "^2.1.0"
|
||||
inquirer "^3.3.0"
|
||||
nodesecurity-npm-utils "^6.0.0"
|
||||
semver "^5.4.1"
|
||||
wreck "^12.5.1"
|
||||
yargs "^9.0.1"
|
||||
|
||||
nth-check@^1.0.1, nth-check@~1.0.1:
|
||||
version "1.0.1"
|
||||
resolved "https://registry.npmjs.org/nth-check/-/nth-check-1.0.1.tgz#9929acdf628fc2c41098deab82ac580cf149aae4"
|
||||
@ -7161,16 +7073,6 @@ run-queue@^1.0.0, run-queue@^1.0.3:
|
||||
dependencies:
|
||||
aproba "^1.1.1"
|
||||
|
||||
rx-lite-aggregates@^4.0.8:
|
||||
version "4.0.8"
|
||||
resolved "https://registry.npmjs.org/rx-lite-aggregates/-/rx-lite-aggregates-4.0.8.tgz#753b87a89a11c95467c4ac1626c4efc4e05c67be"
|
||||
dependencies:
|
||||
rx-lite "*"
|
||||
|
||||
rx-lite@*, rx-lite@^4.0.8:
|
||||
version "4.0.8"
|
||||
resolved "https://registry.npmjs.org/rx-lite/-/rx-lite-4.0.8.tgz#0b1e11af8bc44836f04a6407e92da42467b79444"
|
||||
|
||||
rxjs@^6.1.0:
|
||||
version "6.3.2"
|
||||
resolved "https://registry.npmjs.org/rxjs/-/rxjs-6.3.2.tgz#6a688b16c4e6e980e62ea805ec30648e1c60907f"
|
||||
@ -8422,13 +8324,6 @@ wrappy@1:
|
||||
version "1.0.2"
|
||||
resolved "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f"
|
||||
|
||||
wreck@^12.5.1:
|
||||
version "12.5.1"
|
||||
resolved "https://registry.npmjs.org/wreck/-/wreck-12.5.1.tgz#cd2ffce167449e1f0242ed9cf80552e20fb6902a"
|
||||
dependencies:
|
||||
boom "5.x.x"
|
||||
hoek "4.x.x"
|
||||
|
||||
write-file-atomic@^2.1.0:
|
||||
version "2.3.0"
|
||||
resolved "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-2.3.0.tgz#1ff61575c2e2a4e8e510d6fa4e243cce183999ab"
|
||||
@ -8485,12 +8380,6 @@ yallist@^3.0.0, yallist@^3.0.2:
|
||||
version "3.0.2"
|
||||
resolved "https://registry.npmjs.org/yallist/-/yallist-3.0.2.tgz#8452b4bb7e83c7c188d8041c1a837c773d6d8bb9"
|
||||
|
||||
yargs-parser@^7.0.0:
|
||||
version "7.0.0"
|
||||
resolved "https://registry.npmjs.org/yargs-parser/-/yargs-parser-7.0.0.tgz#8d0ac42f16ea55debd332caf4c4038b3e3f5dfd9"
|
||||
dependencies:
|
||||
camelcase "^4.1.0"
|
||||
|
||||
yargs-parser@^9.0.2:
|
||||
version "9.0.2"
|
||||
resolved "https://registry.npmjs.org/yargs-parser/-/yargs-parser-9.0.2.tgz#9ccf6a43460fe4ed40a9bb68f48d43b8a68cc077"
|
||||
@ -8514,24 +8403,6 @@ yargs@^11.0.0:
|
||||
y18n "^3.2.1"
|
||||
yargs-parser "^9.0.2"
|
||||
|
||||
yargs@^9.0.1:
|
||||
version "9.0.1"
|
||||
resolved "https://registry.npmjs.org/yargs/-/yargs-9.0.1.tgz#52acc23feecac34042078ee78c0c007f5085db4c"
|
||||
dependencies:
|
||||
camelcase "^4.1.0"
|
||||
cliui "^3.2.0"
|
||||
decamelize "^1.1.1"
|
||||
get-caller-file "^1.0.1"
|
||||
os-locale "^2.0.0"
|
||||
read-pkg-up "^2.0.0"
|
||||
require-directory "^2.1.1"
|
||||
require-main-filename "^1.0.1"
|
||||
set-blocking "^2.0.0"
|
||||
string-width "^2.0.0"
|
||||
which-module "^2.0.0"
|
||||
y18n "^3.2.1"
|
||||
yargs-parser "^7.0.0"
|
||||
|
||||
yargs@~3.10.0:
|
||||
version "3.10.0"
|
||||
resolved "http://registry.npmjs.org/yargs/-/yargs-3.10.0.tgz#f7ee7bd857dd7c1d2d38c0e74efbd681d1431fd1"
|
||||
|
||||
Loading…
Reference in New Issue
Block a user