mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-23 09:52:26 +01:00

Merge pull request #6690 from MetaMask/npm-audit

Re-enable npm audit CI job
Thomas Huang 2019-06-06 15:00:27 -07:00 committed by GitHub
commit 3dc7e29a51
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 21147 additions and 7161 deletions


@ -17,9 +17,9 @@ workflows:
- test-lint: - test-lint:
requires: requires:
- prep-deps-npm - prep-deps-npm
# - test-deps: - test-deps:
# requires: requires:
# - prep-deps-npm - prep-deps-npm
- test-e2e-chrome: - test-e2e-chrome:
requires: requires:
- prep-deps-npm - prep-deps-npm
@ -156,16 +156,16 @@ jobs:
name: Test name: Test
command: npm run lint command: npm run lint
# test-deps: test-deps:
# docker: docker:
# - image: circleci/node:8.11.3-browsers - image: circleci/node:8.15.1-browsers
# steps: steps:
# - checkout - checkout
# - attach_workspace: - attach_workspace:
# at: . at: .
# - run: - run:
# name: Test name: npm audit
# command: sudo npm install -g npm@6 && npm audit command: .circleci/scripts/npm-audit
# test-e2e-beta-drizzle: # test-e2e-beta-drizzle:
# docker: # docker:
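Review bot: The re-enabled `test-deps` job no longer runs `sudo npm install -g npm@6`, so it now depends on the npm bundled in `circleci/node:8.15.1-browsers` supporting `npm audit`, and nothing in the job records that assumption. A one-line comment above the job, e.g. `# relies on the image's bundled npm (>= 6) for npm audit`, would make it explicit. The image tag also differs from the `"node": "8.11.3"` engines entry visible in this commit's package.json section; either align the two or note why they differ. It is worth confirming that any aggregate gate job in this workflow lists `test-deps` under `requires`, since that part of the file is outside the hunks shown here.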

12
.circleci/scripts/npm-audit Executable file

@ -0,0 +1,12 @@
#!/usr/bin/env bash
set -e
set -u
set -o pipefail
if ! npm audit
then
! npm audit --json > audit.json
printf '%s\n' ''
node .circleci/scripts/npm-audit-check.js
fi
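Review bot: The `!` in front of `npm audit --json > audit.json` is load-bearing but unexplained: `npm audit` exits non-zero whenever advisories exist, and the negation is what keeps `set -e` from aborting before the JSON reaches the checker. A comment above that line, such as `# npm audit exits non-zero on findings; '!' lets the script continue to the severity check`, would stop someone from removing it as a typo. The audit is also fetched twice, so the human-readable output and `audit.json` come from separate registry calls and could disagree. Running `npm audit --json` once and deriving both the log output and the decision from that file would avoid this.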


@ -0,0 +1,24 @@
const path = require('path')
const audit = require(path.join(__dirname, '..', '..', 'audit.json'))
const error = audit.error
const advisories = Object.keys(audit.advisories || []).map((k) => audit.advisories[k])
if (error) {
process.exit(1)
}
let count = 0
for (const advisory of advisories) {
if (advisory.severity === 'low') {
continue
}
count += advisory.findings.some((finding) => (!finding.dev && !finding.optional))
}
if (count > 0) {
console.log(`Audit shows ${count} moderate or high severity advisories _in the production dependencies_`)
process.exit(1)
} else {
console.log(`Audit shows _zero_ moderate or high severity advisories _in the production dependencies_`)
}
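Review bot: The `if (error) { process.exit(1) }` branch fails the job without printing anything, so the checker gives no reason when `audit.json` carries an error object rather than advisories; log it first, e.g. `console.error('npm audit returned an error:', error)`. The loop skips only `severity === 'low'`, so `critical` advisories are counted too while both messages say "moderate or high"; "moderate or higher" would match the code. `count += advisory.findings.some(...)` relies on boolean-to-number coercion, and `if (advisory.findings.some(...)) count += 1` states the intent directly. Advisories that affect only dev or optional dependencies are dropped silently; printing their count without failing the build would keep build-tooling advisories visible in the CI log.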

28302
package-lock.json generated

File diff suppressed because it is too large Load Diff


@ -56,7 +56,7 @@
"@material-ui/core": "1.0.0", "@material-ui/core": "1.0.0",
"@sentry/browser": "^4.1.1", "@sentry/browser": "^4.1.1",
"@zxing/library": "^0.8.0", "@zxing/library": "^0.8.0",
"abi-decoder": "^1.0.9", "abi-decoder": "^1.2.0",
"asmcrypto.js": "0.22.0", "asmcrypto.js": "0.22.0",
"async": "^2.5.0", "async": "^2.5.0",
"await-semaphore": "^0.1.1", "await-semaphore": "^0.1.1",
@ -90,8 +90,8 @@
"eth-contract-metadata": "github:MetaMask/eth-contract-metadata#dc68506221859bc90792bc5e0279a6835f2484d8", "eth-contract-metadata": "github:MetaMask/eth-contract-metadata#dc68506221859bc90792bc5e0279a6835f2484d8",
"eth-ens-namehash": "^2.0.8", "eth-ens-namehash": "^2.0.8",
"eth-hd-keyring": "^1.2.2", "eth-hd-keyring": "^1.2.2",
"eth-json-rpc-filters": "^3.0.3", "eth-json-rpc-filters": "^3.0.4",
"eth-json-rpc-infura": "^3.0.0", "eth-json-rpc-infura": "^3.2.0",
"eth-keyring-controller": "^3.3.1", "eth-keyring-controller": "^3.3.1",
"eth-ledger-bridge-keyring": "^0.2.0", "eth-ledger-bridge-keyring": "^0.2.0",
"eth-method-registry": "^1.2.0", "eth-method-registry": "^1.2.0",
@ -101,7 +101,7 @@
"eth-token-tracker": "^1.1.5", "eth-token-tracker": "^1.1.5",
"eth-trezor-keyring": "^0.4.0", "eth-trezor-keyring": "^0.4.0",
"ethereumjs-abi": "^0.6.4", "ethereumjs-abi": "^0.6.4",
"ethereumjs-tx": "^1.3.0", "ethereumjs-tx": "^1.3.7",
"ethereumjs-util": "github:ethereumjs/ethereumjs-util#ac5d0908536b447083ea422b435da27f26615de9", "ethereumjs-util": "github:ethereumjs/ethereumjs-util#ac5d0908536b447083ea422b435da27f26615de9",
"ethereumjs-wallet": "^0.6.0", "ethereumjs-wallet": "^0.6.0",
"etherscan-link": "^1.0.2", "etherscan-link": "^1.0.2",
@ -115,13 +115,14 @@
"fast-json-patch": "^2.0.4", "fast-json-patch": "^2.0.4",
"fast-levenshtein": "^2.0.6", "fast-levenshtein": "^2.0.6",
"fuse.js": "^3.2.0", "fuse.js": "^3.2.0",
"gaba": "^1.3.0",
"hat": "0.0.3", "hat": "0.0.3",
"human-standard-token-abi": "^2.0.0", "human-standard-token-abi": "^2.0.0",
"identicon.js": "^2.3.1", "identicon.js": "^2.3.1",
"inject-css": "^0.1.1", "inject-css": "^0.1.1",
"jazzicon": "^1.2.0", "jazzicon": "^1.2.0",
"json-rpc-engine": "^4.0.0", "json-rpc-engine": "^4.0.0",
"json-rpc-middleware-stream": "^2.1.0", "json-rpc-middleware-stream": "^2.1.1",
"jsonschema": "^1.2.4", "jsonschema": "^1.2.4",
"lodash.debounce": "^4.0.8", "lodash.debounce": "^4.0.8",
"lodash.memoize": "^4.1.2", "lodash.memoize": "^4.1.2",
@ -187,18 +188,18 @@
"swappable-obj-proxy": "^1.1.0", "swappable-obj-proxy": "^1.1.0",
"textarea-caret": "^3.0.1", "textarea-caret": "^3.0.1",
"valid-url": "^1.0.9", "valid-url": "^1.0.9",
"web3": "^0.20.1", "web3": "^0.20.7",
"web3-stream-provider": "^3.0.1", "web3-stream-provider": "^3.0.1",
"webrtc-adapter": "^6.3.0", "webrtc-adapter": "^6.3.0",
"xtend": "^4.0.1" "xtend": "^4.0.1"
}, },
"devDependencies": { "devDependencies": {
"@sentry/cli": "^1.30.3", "@sentry/cli": "^1.30.3",
"@storybook/addon-info": "^3.4.2", "@storybook/addon-info": "^5.1.1",
"@storybook/addon-knobs": "^3.4.2", "@storybook/addon-knobs": "^3.4.2",
"@storybook/react": "^3.4.2", "@storybook/react": "^5.1.1",
"addons-linter": "^1.3.4", "addons-linter": "^1.10.0",
"babel-core": "^6.24.1", "babel-core": "^6.26.3",
"babel-eslint": "^8.0.0", "babel-eslint": "^8.0.0",
"babel-plugin-transform-async-to-generator": "^6.24.1", "babel-plugin-transform-async-to-generator": "^6.24.1",
"babel-plugin-transform-runtime": "^6.23.0", "babel-plugin-transform-runtime": "^6.23.0",
@ -215,7 +216,7 @@
"clipboardy": "^1.2.3", "clipboardy": "^1.2.3",
"coveralls": "^3.0.0", "coveralls": "^3.0.0",
"cross-env": "^5.1.4", "cross-env": "^5.1.4",
"css-loader": "^0.28.11", "css-loader": "^2.1.1",
"deep-freeze-strict": "^1.1.1", "deep-freeze-strict": "^1.1.1",
"del": "^3.0.0", "del": "^3.0.0",
"envify": "^4.0.0", "envify": "^4.0.0",
@ -225,15 +226,14 @@
"eslint-plugin-json": "^1.2.0", "eslint-plugin-json": "^1.2.0",
"eslint-plugin-mocha": "^5.0.0", "eslint-plugin-mocha": "^5.0.0",
"eslint-plugin-react": "^7.4.0", "eslint-plugin-react": "^7.4.0",
"eth-json-rpc-middleware": "^3.1.6", "eth-json-rpc-middleware": "^3.1.7",
"fetch-mock": "^6.5.2", "fetch-mock": "^6.5.2",
"file-loader": "^1.1.11", "file-loader": "^1.1.11",
"fs-extra": "^6.0.1", "fs-extra": "^6.0.1",
"fs-promise": "^2.0.3", "fs-promise": "^2.0.3",
"gaba": "^1.3.0",
"ganache-cli": "^6.1.0", "ganache-cli": "^6.1.0",
"ganache-core": "^2.5.3", "ganache-core": "^2.5.5",
"geckodriver": "^1.14.1", "geckodriver": "^1.16.2",
"gh-pages": "^1.2.0", "gh-pages": "^1.2.0",
"gifencoder": "^1.1.0", "gifencoder": "^1.1.0",
"gulp": "^4.0.0", "gulp": "^4.0.0",
@ -252,16 +252,16 @@
"gulp-uglify": "^3.0.0", "gulp-uglify": "^3.0.0",
"gulp-uglify-es": "^1.0.1", "gulp-uglify-es": "^1.0.1",
"gulp-util": "^3.0.7", "gulp-util": "^3.0.7",
"gulp-watch": "^5.0.0", "gulp-watch": "^5.0.1",
"gulp-zip": "^4.0.0", "gulp-zip": "^4.0.0",
"http-server": "^0.11.1", "http-server": "^0.11.1",
"image-size": "^0.6.2", "image-size": "^0.6.2",
"isomorphic-fetch": "^2.2.1", "isomorphic-fetch": "^2.2.1",
"jsdoc": "^3.5.5", "jsdoc": "^3.6.2",
"jsdom": "^11.2.0", "jsdom": "^11.2.0",
"jsdom-global": "^3.0.2", "jsdom-global": "^3.0.2",
"jshint-stylish": "~2.2.1", "jshint-stylish": "~2.2.1",
"karma": "^3.1.1", "karma": "^4.1.0",
"karma-chrome-launcher": "^2.2.0", "karma-chrome-launcher": "^2.2.0",
"karma-cli": "^1.0.1", "karma-cli": "^1.0.1",
"karma-firefox-launcher": "^1.0.1", "karma-firefox-launcher": "^1.0.1",
@ -272,7 +272,7 @@
"mocha-jsdom": "^1.1.0", "mocha-jsdom": "^1.1.0",
"mocha-sinon": "^2.0.0", "mocha-sinon": "^2.0.0",
"nock": "^9.0.14", "nock": "^9.0.14",
"node-sass": "^4.9.2", "node-sass": "^4.12.0",
"nyc": "^13.0.0", "nyc": "^13.0.0",
"path": "^0.12.7", "path": "^0.12.7",
"png-file-stream": "^1.1.0", "png-file-stream": "^1.1.0",
@ -298,11 +298,11 @@
"style-loader": "^0.21.0", "style-loader": "^0.21.0",
"stylelint-config-standard": "^18.2.0", "stylelint-config-standard": "^18.2.0",
"tape": "^4.5.1", "tape": "^4.5.1",
"testem": "^2.8.0", "testem": "^2.16.0",
"through2": "^2.0.3", "through2": "^2.0.3",
"vinyl-buffer": "^1.0.1", "vinyl-buffer": "^1.0.1",
"vinyl-source-stream": "^2.0.0", "vinyl-source-stream": "^2.0.0",
"watchify": "^3.11.0" "watchify": "^3.11.1"
}, },
"engines": { "engines": {
"node": "8.11.3", "node": "8.11.3",