Releases: IBM/audit-ci
v2.5.0
Add current audit-ci version to output
Remove duplicate advisories from whitelisted list
Fixes:
#112: Remove duplicate advisories from whitelisted list
Add list of advisories to failed summary output
Features
- Add list of advisories to failed summary output (#110)
Add `--path-whitelist` option and fix `--pass-enoaudit`
Adds `JSONStream` for handling JSON data too big for `JSON.parse`
Introduce `-pass-enoaudit` flag
Features
#88 - Added --pass-enoaudit
flag to mitigate issues with registries having service unavailability
Fix retry mechanism for NPM ENOAUDIT
Diff: https://github.com/IBM/audit-ci/compare/v2.0.0..v2.0.1
Bug fixes
Fix retry mechanism for another version of NPM error message: #89
Use --report-type {type} instead of --report or --summary
Diff: https://github.com/IBM/audit-ci/compare/v1.7.0..v2.0.0
BREAKING
The default report output has been changed for Yarn and NPM. Instead of showing the audit summary alone, it shows the audit summary as well as relevant vulnerabilities. This behaviour can be changed using the --report-type
option.
Spec:
--report-type important
--> (default) Show the audit summary and relevant vulnerabilities
--report-type summary
--> Only show the audit summary (# of each vulnerability)
--report-type full
--> Show the full audit report
Features
Chores
- Deprecate
--report
in favour of--report-type full
- Deprecate
--summary
in favour of--report-type summary
Major release due to changing the default behaviour for audit reporting and deprecating key options
Warn when whitelisted advisories are not found + bug fixes
Diff: https://github.com/IBM/audit-ci/compare/v1.5.0..v1.6.0
Features
Fixes
- Handle non-JSON Yarn audit report (re-closes #45) (PR: #66 and #76)
- Fix broken link in README (PR: #78)
Chores
- Update
.travis.yml
config to use thecache: npm
shortcut and provide more docs (PR: #79) - Fix advisories (fixes #67) (PR: #68 and #80)
- Bump Mocha (minor) (PR: #80)
- Bump ESLint (minor) (PR: #80)
Minor release due to the new behaviour of Yarn non-JSON audit report and warning when whitelisted advisories are not found