1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-25 11:28:51 +01:00
metamask-extension/.circleci/scripts/yarn-audit.sh
Brad Decker 6d1170f06c
upgrade yarn to version 3 (#16232)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: ricky <ricky.miller@gmail.com>
Co-authored-by: Elliot Winkler <elliot.winkler@gmail.com>
Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com>
Co-authored-by: legobt <6wbvkn0j@anonaddy.me>
Co-authored-by: Pedro Figueiredo <pedro.figueiredo@consensys.net>
2022-12-08 10:38:04 -06:00

25 lines
745 B
Bash
Executable File

#!/usr/bin/env bash
set -e
set -u
set -x
set -o pipefail
# use `improved-yarn-audit` since that allows for exclude
# exclusions are in .iyarc now
yarn run improved-yarn-audit \
--ignore-dev-deps \
--min-severity moderate \
--fail-on-missing-exclusions
audit_status="$?"
if [[ "$audit_status" != 0 ]]
then
count="$(yarn npm audit --severity moderate --environment production --json | tail -1 | jq '.data.vulnerabilities.moderate + .data.vulnerabilities.high + .data.vulnerabilities.critical')"
printf "Audit shows %s moderate or high severity advisories _in the production dependencies_\n" "$count"
exit 1
else
printf "Audit shows _zero_ moderate or high severity advisories _in the production dependencies_\n"
fi