From 9ede4e1140a33e8e97a2f8838a1eac423917ca05 Mon Sep 17 00:00:00 2001
From: Lucas Nogueira
Date: Fri, 23 Aug 2024 14:43:05 -0300
Subject: [PATCH] use audit-ci
---
 .changes/config.json | 46 +++++++++++++++++++++++----------
 tooling/api/audit-ci.jsonc | 8 ++++++
 tooling/cli/node/audit-ci.jsonc | 8 ++++++
 3 files changed, 49 insertions(+), 13 deletions(-)
 create mode 100644 tooling/api/audit-ci.jsonc
 create mode 100644 tooling/cli/node/audit-ci.jsonc
diff --git a/.changes/config.json b/.changes/config.json
index 4298f31a2ce..75f86d79a03 100644
--- a/.changes/config.json
+++ b/.changes/config.json
@@ -87,12 +87,12 @@
 "dryRunCommand": true
 },
 {
- "command": "echo '
\n

Yarn Audit

\n\n```'",
+ "command": "echo '
\n

Audit

\n\n```'",
 "dryRunCommand": true,
 "pipe": true
 },
 {
- "command": "yarn audit",
+ "command": "npx audit-ci --config ./audit-ci.jsonc",
 "dryRunCommand": true,
 "runFromRoot": true,
 "pipe": true
@@ -148,12 +148,12 @@
 "dryRunCommand": true
 },
 {
- "command": "echo '
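Review bot: The new audit step `npx audit-ci --config ./audit-ci.jsonc` (here and again in the `@@ -148,12 +148,12 @@` hunk) does not pin audit-ci, so unless the package is already a locked devDependency, npx resolves whatever version the registry serves at run time, inside the release workflow. Add audit-ci to the devDependencies of both packages so the lockfile fixes the version, or pin it in the command, e.g. `npx audit-ci@<pinned-version> --config ./audit-ci.jsonc`. The step also keeps `"runFromRoot": true` while the config path is relative; if that flag runs the command from the repository root, `./audit-ci.jsonc` would not resolve to the files this commit adds under `tooling/api` and `tooling/cli/node`, so confirm the working directory or drop the flag. The enclosing command arrays start and end outside both hunks.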
\n

Yarn Audit

\n\n```'",
+ "command": "echo '
\n

Audit

\n\n```'",
 "dryRunCommand": true,
 "pipe": true
 },
 {
- "command": "yarn audit",
+ "command": "npx audit-ci --config ./audit-ci.jsonc",
 "dryRunCommand": true,
 "runFromRoot": true,
 "pipe": true
@@ -193,32 +193,47 @@
 "tauri-bundler": {
 "path": "./tooling/bundler",
 "manager": "rust",
- "dependencies": ["tauri-utils"]
+ "dependencies": [
+ "tauri-utils"
+ ]
 },
 "tauri-runtime": {
 "path": "./core/tauri-runtime",
 "manager": "rust",
- "dependencies": ["tauri-utils"]
+ "dependencies": [
+ "tauri-utils"
+ ]
 },
 "tauri-runtime-wry": {
 "path": "./core/tauri-runtime-wry",
 "manager": "rust",
- "dependencies": ["tauri-utils", "tauri-runtime"]
+ "dependencies": [
+ "tauri-utils",
+ "tauri-runtime"
+ ]
 },
 "tauri-codegen": {
 "path": "./core/tauri-codegen",
 "manager": "rust",
- "dependencies": ["tauri-utils"]
+ "dependencies": [
+ "tauri-utils"
+ ]
 },
 "tauri-macros": {
 "path": "./core/tauri-macros",
 "manager": "rust",
- "dependencies": ["tauri-codegen", "tauri-utils"]
+ "dependencies": [
+ "tauri-codegen",
+ "tauri-utils"
+ ]
 },
 "tauri-build": {
 "path": "./core/tauri-build",
 "manager": "rust",
- "dependencies": ["tauri-codegen", "tauri-utils"],
+ "dependencies": [
+ "tauri-codegen",
+ "tauri-utils"
+ ],
 "postversion": [
 "node ../../.scripts/covector/sync-cli-metadata.js ${ pkg.pkg } ${ release.type }",
 "cargo build --manifest-path ../tauri-config-schema/Cargo.toml"
@@ -245,7 +260,9 @@
 "path": "./tooling/cli/node",
 "manager": "javascript",
 "getPublishedVersion": "node ../../../.scripts/covector/package-latest-version.js npm ${ pkgFile.pkg.name } ${ pkgFile.pkg.version }",
- "dependencies": ["tauri-cli"],
+ "dependencies": [
+ "tauri-cli"
+ ],
 "postversion": [
 "node ../../../.scripts/covector/sync-cli-metadata.js ${ pkg.pkg } ${ release.type }",
 "cargo build --manifest-path ../../../core/tauri-config-schema/Cargo.toml"
@@ -257,7 +274,10 @@
 "tauri-cli": {
 "path": "./tooling/cli",
 "manager": "rust",
- "dependencies": ["tauri-bundler", "tauri-utils"],
+ "dependencies": [
+ "tauri-bundler",
+ "tauri-utils"
+ ],
 "postversion": [
 "cargo check",
 "cargo build --manifest-path ../../core/tauri-config-schema/Cargo.toml"
@@ -275,4 +295,4 @@
 "postversion": "cargo check"
 }
 }
-}
+}
\ No newline at end of file
diff --git a/tooling/api/audit-ci.jsonc b/tooling/api/audit-ci.jsonc
new file mode 100644
index 00000000000..f6628ce6219
--- /dev/null
+++ b/tooling/api/audit-ci.jsonc
@@ -0,0 +1,8 @@
+{
+ // $schema provides code completion hints to IDEs.
+ "$schema": "https://github.com/IBM/audit-ci/raw/main/docs/schema.json",
+ "moderate": true,
+ "allowlist": [
+ "GHSA-952p-6rrq-rcjv"
+ ]
+}
diff --git a/tooling/cli/node/audit-ci.jsonc b/tooling/cli/node/audit-ci.jsonc
new file mode 100644
index 00000000000..f6628ce6219
--- /dev/null
+++ b/tooling/cli/node/audit-ci.jsonc
@@ -0,0 +1,8 @@
+{
+ // $schema provides code completion hints to IDEs.
+ "$schema": "https://github.com/IBM/audit-ci/raw/main/docs/schema.json",
+ "moderate": true,
+ "allowlist": [
+ "GHSA-952p-6rrq-rcjv"
+ ]
+}
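Review bot: The `allowlist` entry `GHSA-952p-6rrq-rcjv` in both new audit-ci.jsonc files suppresses that advisory with no recorded reason or review date, so the exception stays in force silently even after a fixed version ships or the affected dependency becomes reachable. Because the files are JSONC, add a comment above the entry, e.g. `// GHSA-952p-6rrq-rcjv: <why this does not affect the package>; re-evaluate by <date>`. The two files share the same blob (`f6628ce6219`), so every future allowlist change has to be made twice and can drift; a single shared config would avoid that if the audit step's working directory allows it.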