Skip to content

Releases: IBM/audit-ci

v2.5.1

15 Feb 04:08
0af1d5e
Compare
Choose a tag to compare

Fixes:

#129 - fix: NPM ENOAUDIT message capturing improvements

v2.5.0

14 Feb 20:28
e836b34
Compare
Choose a tag to compare

Fixes:
#120 - fix: Get audit-ci version from package.json

Docs:
#123 - docs: Change suggested usage to include master

Build:
#121 - fix(CI): Update CircleCI and Travis-CI build configs
#122 - fix(CI): audit-ci checks in CircleCI on PR builds

Add current audit-ci version to output

24 Oct 16:46
9ba2ec5
Compare
Choose a tag to compare

#114 - Add current audit-ci version to output
#115 - chore(contributing): Improve testing section

Remove duplicate advisories from whitelisted list

23 Oct 00:23
5ff791c
Compare
Choose a tag to compare

Fixes:

#112: Remove duplicate advisories from whitelisted list

Add list of advisories to failed summary output

29 Sep 22:56
73339c1
Compare
Choose a tag to compare

Features

  • Add list of advisories to failed summary output (#110)

Add `--path-whitelist` option and fix `--pass-enoaudit`

05 Aug 23:55
920b0df
Compare
Choose a tag to compare

Features:
#104 - Add "path-whitelist" option

Fixes:
#108 - Fix --pass-enoaudit to not always pass an audit

Docs:
#101 - README typo fix for the --report-type
#105 - Aditional examples for path whitelisting

Adds `JSONStream` for handling JSON data too big for `JSON.parse`

15 Jul 15:16
123005e
Compare
Choose a tag to compare

Fixes:

  • #97 - Adds JSONStream for handling JSON data too big for JSON.parse
  • #98 - Change low vulnerability dependency test

Docs:

  • #99 - Add --pass-enoaudit information to README
  • #101 - Typo fix for the --report-type

Introduce `-pass-enoaudit` flag

28 Jun 13:52
d92ba34
Compare
Choose a tag to compare

Features

#88 - Added --pass-enoaudit flag to mitigate issues with registries having service unavailability

Fix retry mechanism for NPM ENOAUDIT

06 Jun 15:52
b7ba2f3
Compare
Choose a tag to compare

Diff: https://github.com/IBM/audit-ci/compare/v2.0.0..v2.0.1

Bug fixes
Fix retry mechanism for another version of NPM error message: #89

Use --report-type {type} instead of --report or --summary

29 May 16:30
b7d70ed
Compare
Choose a tag to compare

Diff: https://github.com/IBM/audit-ci/compare/v1.7.0..v2.0.0

BREAKING

The default report output has been changed for Yarn and NPM. Instead of showing the audit summary alone, it shows the audit summary as well as relevant vulnerabilities. This behaviour can be changed using the --report-type option.

Spec:

--report-type important --> (default) Show the audit summary and relevant vulnerabilities
--report-type summary --> Only show the audit summary (# of each vulnerability)
--report-type full --> Show the full audit report

Features

  • Introduce --report-type {important,summary,full} flag #74 (closes #64 )

Chores

  • Deprecate --report in favour of --report-type full
  • Deprecate --summary in favour of --report-type summary

Major release due to changing the default behaviour for audit reporting and deprecating key options