1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-01 13:47:06 +01:00
metamask-extension/.circleci/scripts/yarn-audit.sh
ricky 0fd1cea1fe
Feature/remove bitmask (#14489)
* remove bitmask

* add --fail-on-missing-exclusions

* add .iyarc
2022-04-21 17:58:57 -04:00

25 lines
735 B
Bash
Executable File

#!/usr/bin/env bash
set -e
set -u
set -x
set -o pipefail
# use `improved-yarn-audit` since that allows for exclude
# exclusions are in .iyarc now
yarn run improved-yarn-audit \
--ignore-dev-deps \
--min-severity moderate \
--fail-on-missing-exclusions
audit_status="$?"
if [[ "$audit_status" != 0 ]]
then
count="$(yarn audit --level moderate --groups dependencies --json | tail -1 | jq '.data.vulnerabilities.moderate + .data.vulnerabilities.high + .data.vulnerabilities.critical')"
printf "Audit shows %s moderate or high severity advisories _in the production dependencies_\n" "$count"
exit 1
else
printf "Audit shows _zero_ moderate or high severity advisories _in the production dependencies_\n"
fi