auditjs/CHANGELOG.md at 2ffc0352a25f3c08d19f6df25eb711808664fcb4 · sonatype-nexus-community/auditjs · GitHub

4.0.37 (2022-04-20)

Bug Fixes

security(npm): lock colors library to 1.4.0 (#251) (36ae07f), closes #250

4.0.36 (2022-02-08)

Bug Fixes

sonatype-2021-4879 in minimatch : 3.0.4 (384a99f)

4.0.35 (2022-01-20)

Bug Fixes

CVE-2022-21704 in log4js : 6.3.0 (b7f1548)

4.0.34 (2022-01-20)

Bug Fixes

CVE-2022-0235 in node-fetch : 2.6.1 (cde4677)

4.0.33 (2021-10-25)

Bug Fixes

Error message formatting (#248) (c8acb04), closes #206

4.0.32 (2021-09-16)

Bug Fixes

revert fix for SONATYPE-2021-1169, breaks eslint. needs more work (a7428e2)
SONATYPE-2021-1169 (74abe3c)

4.0.31 (2021-09-07)

Bug Fixes

Make caching class return undefined if property does not exist (#247) (8e3b3ad)
use newer node version in CI release process, required to run semantic-release. (589e0ce)
use newly published @xmldom/xmldom package. fixes #243 (9f8b646)

4.0.30 (2021-08-09)

Bug Fixes

CVE-2021-32796, will change when xmldom@0.7.0 is published on npm (#242) (a6c8e32)

4.0.29 (2021-08-05)

Bug Fixes

Initial move to yarn (#241) (88b063f)

4.0.28 (2021-08-03)

Bug Fixes

workaround to fix issue #239. may convert to yarn later (2056567)

4.0.27 (2021-07-30)

Bug Fixes

switch to force-resolutions to avoid error when running on a project without a package-lock.json (a07ae78)

4.0.26 (2021-07-29)

Bug Fixes

avoid ab-end in Application.spec.ts test by using process.exitCode instead of process.exit(). @TNeer rules! (1e63108)
CWE-20: Improper Input Validation in y18n version 5.0.5 (1b6a7cb)
the releases must flow. remove semantic-release dry-run flag (9bb8efb)

4.0.25 (2021-03-12)

Bug Fixes

CVE-2021-21366 in commit 4d727dcd (7875242)

4.0.24 (2021-02-12)

Bug Fixes

Handle relative URLs (#224) (c2e192c)

4.0.23 (2021-01-11)

Bug Fixes

take whitelist path parameter into account (#219) (f2f14ac)

4.0.22 (2020-12-18)

Bug Fixes

document release process, test release credentials (3e5b2ba)

4.0.21 (2020-12-17)

Bug Fixes

Adds insecure flag, implements (#213) (88e7d87)

4.0.20 (2020-11-17)

Bug Fixes

Vulnerability field (#216) (0b91917)

4.0.19 (2020-11-06)

Bug Fixes

YARGS TO THE FUTURE (#214) (254ea3d)

4.0.18 (2020-06-04)

Bug Fixes

Bump node-persist version (#201) (144e370)

4.0.17 (2020-06-02)

Bug Fixes

Add support of proxy environment variable (#191) (#199) (276974d)

4.0.16 (2020-05-20)

Bug Fixes

Mention support on README (e09edfd)

4.0.15 (2020-05-08)

Bug Fixes

Pipe cyclonedx sbom to std_out (#194) (9bf2ae0), closes #195

4.0.14 (2020-03-27)

Bug Fixes

Bump yargs due to yargs/yargs-parser#258 (#190) (69598e5)

4.0.13 (2020-03-24)

Bug Fixes

Allow someone to force a Bower scan, if they so wish (#182) (840e81c)

4.0.12 (2020-03-12)

Bug Fixes

pkg.homepage, not pkg.repository.url (213e52d)

4.0.11 (2020-03-12)

Bug Fixes

(bug) Fixed NPE in logger if meta is not passed in (#183) (c113741)

4.0.10 (2020-03-04)

Bug Fixes

-d flag includes dev dependencies, not excludes (#181) (188b9be)

4.0.9 (2020-03-03)

Bug Fixes

move to formatters (#180) (fa59842)

4.0.8 (2020-02-28)

Bug Fixes

add some info on AuditJS and IQ CLI Scanner, and differences (ca3c119)
add verbiage to identify some potential differences with using AuditJS vs using the Sonatype Nexus IQ CLI Scanner (1d5a2d7)

4.0.7 (2020-02-26)

Bug Fixes

memorialize Allen, through AllenJS (592fb93)

4.0.6 (2020-02-24)

Bug Fixes

Added Istanbul (not Constantinople) as a code coverage checker (#173) (c7d3536)

4.0.5 (2020-02-21)

Bug Fixes

Moving from Winston to Log4JS (#166) (b22a9e0)

4.0.4 (2020-02-21)

Bug Fixes

Suggest to run with dev flag if 0 dependencies are found (#171) (39b7d73)

4.0.3 (2020-02-21)

Bug Fixes

Make sure CycloneDXSbomCreator handles URIs if it runs into a bad one (#170) (d6d24ba)

4.0.2 (2020-02-19)

Bug Fixes

Remove some deps (#165) (36d3bde)

4.0.1 (2020-02-18)

Bug Fixes

turn off Dry Run, publish to npm, hang on to your butts (5a96d2a)