Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: allow audit --fix to skip installing overrides based on pnpm.auditConfig.ignoreCves array in the manifest #5592

Merged
merged 6 commits into from
Nov 8, 2022
Merged

feat: allow audit --fix to skip installing overrides based on pnpm.auditConfig.ignoreCves array in the manifest #5592

merged 6 commits into from
Nov 8, 2022

Commits on Nov 8, 2022

  1. feat: (plugin-commands-audit,types) add allowList to audit --fix 

    - Add an allowList field to the ProjectManifest type
- Skip install of overrides for CVEs in the allowList
- Add has-allowlist fixture and test
    @CobyPear @zkochan
    CobyPear authored and zkochan committed Nov 8, 2022
    Configuration menu
    Copy the full SHA
    6c0e8a9 View commit details
    Browse the repository at this point in the history

  2. refactor: updates from code review 

    - Change config option to auditConfig.ignoreCves
- Update test to ignore 3 overrides
- Refactor filter callback
- Rename fixture
    @CobyPear @zkochan
    CobyPear authored and zkochan committed Nov 8, 2022
    Configuration menu
    Copy the full SHA
    3051ece View commit details
    Browse the repository at this point in the history

  3. refactor: audit

    @zkochan
    zkochan committed Nov 8, 2022
    Configuration menu
    Copy the full SHA
    2eb4134 View commit details
    Browse the repository at this point in the history

  4. feat: ensure audit doesn't fail on ignored CVEs

    @CobyPear @zkochan
    CobyPear authored and zkochan committed Nov 8, 2022
    Configuration menu
    Copy the full SHA
    7fb6372 View commit details
    Browse the repository at this point in the history

  5. test(audit): fix

    @zkochan
    zkochan committed Nov 8, 2022
    Configuration menu
    Copy the full SHA
    36481ad View commit details
    Browse the repository at this point in the history

  6. refactor: audit

    @zkochan
    zkochan committed Nov 8, 2022
    Configuration menu
    Copy the full SHA
    f503ea8 View commit details
    Browse the repository at this point in the history