sasjs · allanbowe · Jan 29, 2025 · Jan 29, 2025 · Jan 30, 2025 · Jan 30, 2025
diff --git a/.github/SECURITY.md b/.github/SECURITY.md
@@ -1,18 +1,17 @@
 # Security Policy
 
-As an Enterprise tool, security is taken seriously by the SASjs team.  In general we look to minimise third party dependencies, and we distinguish between production dependencies and development dependencies whenever possible.
+As an Enterprise tool, security is taken seriously by the SASjs team. In general we look to minimise third party dependencies, and we distinguish between production dependencies and development dependencies whenever possible.
 
 In addition we take the following steps:
 
-* Use of Dependabot for automated reporting of security issues
-* Locking versions to prevent upgrades unless explicitly applied
-* We run `npm audit` as part of the CI build to ensure the dependency tree is clear from warnings
+- Use of Dependabot for automated reporting of security issues.
+- Locking versions to prevent upgrades unless explicitly applied.
+- We run `npm run audit` as part of the CI build to ensure the dependency tree is clear from warnings. At the moment we ignore the reported Cross-Site Request Forgery vulnerability in Axios because it is mainly related to the browsers and it does not apply to @sasjs/cli.
 
 ## Supported Versions
 
-We support only the latest version with security updates.  If you would like an earlier version supported, then do [get in touch](https://sasapps.io/contact-us).
+We support only the latest version with security updates. If you would like an earlier version supported, then do [get in touch](https://sasapps.io/contact-us).
 
 ## Reporting a Vulnerability
 
-We welcome reponsible disclosures and will act immediately.  Please report [here](https://sasapps.io/contact-us) with full details of the vulnerability.
-
+We welcome reponsible disclosures and will act immediately. Please report [here](https://sasapps.io/contact-us) with full details of the vulnerability.
diff --git a/.github/workflows/npmpublish.yml b/.github/workflows/npmpublish.yml
@@ -14,7 +14,7 @@ jobs:
 
     strategy:
       matrix:
-        node-version: [lts/hydrogen]
+        node-version: [lts/iron]
 
     steps:
       - name: Checkout
@@ -35,7 +35,7 @@ jobs:
         run: npm run build
 
       - name: Check npm audit
-        run: npm audit --omit=dev --audit-level=low
+        run: npm run audit
 
       - name: Set NPM Registry back to https
         run: npm config set registry https://registry.npmjs.org

diff --git a/.github/workflows/run-tests-windows.yml b/.github/workflows/run-tests-windows.yml
@@ -12,7 +12,7 @@ jobs:
 
     strategy:
       matrix:
-        node-version: [lts/hydrogen]
+        node-version: [lts/iron]
 
     steps:
       - uses: actions/checkout@v2
@@ -30,7 +30,7 @@ jobs:
       - name: Install Doxygen
         run: |
           git clone https://github.com/sasjs/doxygen-installer.git
-          .\doxygen-installer\install.bat
+          .\doxygen-installer\install.bat -Force
 
       - name: Add doxygen to path
         run: echo "C:\Program Files\doxygen\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append

diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml
@@ -12,7 +12,7 @@ jobs:
 
     strategy:
       matrix:
-        node-version: [lts/hydrogen]
+        node-version: [lts/iron]
 
     steps:
       - uses: actions/checkout@v2
@@ -24,7 +24,7 @@ jobs:
           cache: npm
 
       - name: Check npm audit
-        run: npm audit --production --audit-level=low
+        run: npm install -g better-npm-audit && npm run audit
 
       - name: Install production dependencies (fail if any warning)
         run: sh ./npm-production-install.sh

diff --git a/.nsprc b/.nsprc
@@ -0,0 +1,6 @@
+{
+  "1097679": {
+    "active": true,
+    "notes": "Ignored since the Cross-Site Request Forgery vulnerability in Axios is mainly related to the browsers and it does not apply to @sasjs/cli."
+  }
+}
diff --git a/README.md b/README.md
@@ -3,12 +3,9 @@
 [![npm package][npm-image]][npm-url]
 [![Github Workflow][githubworkflow-image]][githubworkflow-url]
 [![npm](https://img.shields.io/npm/dt/@sasjs/cli)]()
-![Snyk Vulnerabilities for npm package](https://img.shields.io/snyk/vulnerabilities/npm/@sasjs/cli)
-[![License](https://img.shields.io/apm/l/atomic-design-ui.svg)](/LICENSE)
 ![GitHub top language](https://img.shields.io/github/languages/top/sasjs/cli)
 [![GitHub closed issues](https://img.shields.io/github/issues-closed-raw/sasjs/cli)](https://github.com/sasjs/cli/issues?q=is%3Aissue+is%3Aclosed)
 [![GitHub issues](https://img.shields.io/github/issues-raw/sasjs/cli)](https://github.com/sasjs/cli/issues)
-[![Gitpod ready-to-code](https://img.shields.io/badge/Gitpod-ready--to--code-908a85?logo=gitpod)](https://gitpod.io/#https://github.com/sasjs/cli)
 
 [npm-image]: https://img.shields.io/npm/v/@sasjs/cli.svg
 [npm-url]: http://npmjs.org/package/@sasjs/cli

diff --git a/jest.config.js b/jest.config.js
@@ -45,7 +45,7 @@ module.exports = {
     global: {
       statements: 73.51,
       branches: 60.57,
-      functions: 73.56,
+      functions: 73.45,
       lines: 74.12
     }
   },