@security-alert/share 1.3.0 → 1.6.0

@@ -14,50 +14,51 @@ const graphql_1 = require("@octokit/graphql");
14
14
  function fetchVulnerabilityAlerts(options) {
15
15
  return __awaiter(this, void 0, void 0, function* () {
16
16
  // https://developer.github.com/v4/object/repository/#connections
17
- const { repository } = yield graphql_1.graphql(`
18
- query vulnerabilityAlerts($owner: String!, $repo: String!) {
19
- repository(owner:$owner, name:$repo) {
20
- vulnerabilityAlerts(first:100) {
21
- edges {
22
- node {
23
- id
24
- vulnerableManifestFilename
25
- vulnerableManifestPath
26
- vulnerableRequirements
27
- dismissReason
28
- dismissedAt
29
- dismisser {
30
- login
31
- }
32
- securityAdvisory {
33
- ghsaId
34
- description
35
- severity
36
- summary
37
- identifiers {
38
- type
39
- value
17
+ const { repository } = yield (0, graphql_1.graphql)(`
18
+ query vulnerabilityAlerts($owner: String!, $repo: String!) {
19
+ repository(owner: $owner, name: $repo) {
20
+ vulnerabilityAlerts(first: 100) {
21
+ edges {
22
+ node {
23
+ id
24
+ vulnerableManifestFilename
25
+ vulnerableManifestPath
26
+ vulnerableRequirements
27
+ dismissReason
28
+ dismissedAt
29
+ dismisser {
30
+ login
31
+ }
32
+ securityAdvisory {
33
+ ghsaId
34
+ description
35
+ severity
36
+ summary
37
+ identifiers {
38
+ type
39
+ value
40
+ }
41
+ references {
42
+ url
43
+ }
44
+ }
45
+ securityVulnerability {
46
+ firstPatchedVersion {
47
+ identifier
48
+ }
49
+ vulnerableVersionRange
50
+ severity
51
+ package {
52
+ name
53
+ ecosystem
54
+ }
55
+ }
56
+ }
57
+ }
58
+ }
59
+ }
40
60
  }
41
- references {
42
- url
43
- }
44
- }
45
- securityVulnerability {
46
- firstPatchedVersion {
47
- identifier
48
- }
49
- vulnerableVersionRange
50
- severity
51
- package {
52
- name
53
- ecosystem
54
- }
55
- }
56
- }
57
- }
58
- }
59
- }
60
- }`, {
61
+ `, {
61
62
  owner: options.owner,
62
63
  repo: options.repo,
63
64
  headers: {
@@ -1 +1 @@
1
- {"version":3,"file":"VulnerabilityAlerts.js","sourceRoot":"","sources":["../src/VulnerabilityAlerts.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,8CAA2C;AAuC3C,SAAsB,wBAAwB,CAAC,OAAwC;;QACnF,iEAAiE;QACjE,MAAM,EAAC,UAAU,EAAC,GAAG,MAAM,iBAAO,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2CrC,EAAE;YACI,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,OAAO,EAAE;gBACL,aAAa,EAAE,SAAS,OAAO,CAAC,KAAK,EAAE;gBACvC,MAAM,EAAE,2CAA2C;aACtD;SACJ,CAAC,CAAC;QACH,OAAO,UAAU,CAAC,mBAAmB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAS,EAAE,EAAE;YAC1D,OAAO,IAAI,CAAC,IAAI,CAAC;QACrB,CAAC,CAAC,CAAC;IACP,CAAC;CAAA;AAxDD,4DAwDC"}
1
+ {"version":3,"file":"VulnerabilityAlerts.js","sourceRoot":"","sources":["../src/VulnerabilityAlerts.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,8CAA2C;AAuC3C,SAAsB,wBAAwB,CAC1C,OAAwC;;QAExC,iEAAiE;QACjE,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,IAAA,iBAAO,EAChC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;SA4CC,EACD;YACI,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,OAAO,EAAE;gBACL,aAAa,EAAE,SAAS,OAAO,CAAC,KAAK,EAAE;gBACvC,MAAM,EAAE,2CAA2C;aACtD;SACJ,CACJ,CAAC;QACF,OAAO,UAAU,CAAC,mBAAmB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAS,EAAE,EAAE;YAC1D,OAAO,IAAI,CAAC,IAAI,CAAC;QACrB,CAAC,CAAC,CAAC;IACP,CAAC;CAAA;AA9DD,4DA8DC"}
@@ -32,7 +32,7 @@ function fetchPackageDetails(options) {
32
32
  owner: options.owner,
33
33
  path: options.packageFilePath
34
34
  })
35
- .then(res => {
35
+ .then((res) => {
36
36
  if (res.data.type !== "file") {
37
37
  throw new Error("This is not file:" + options.packageFilePath);
38
38
  }
@@ -49,22 +49,22 @@ function fetchPackageDetails(options) {
49
49
  }
50
50
  throw new Error("Unknown file type" + res.data.type + ":" + res.data.encoding);
51
51
  });
52
- if (package_lock_json_1.isPackageLock(options.packageFilePath)) {
53
- return Object.assign(Object.assign({}, package_lock_json_1.lookupPackageLockDetails({
52
+ if ((0, package_lock_json_1.isPackageLock)(options.packageFilePath)) {
53
+ return Object.assign(Object.assign({}, (0, package_lock_json_1.lookupPackageLockDetails)({
54
54
  packageName: options.packageName,
55
55
  packageFilePath: options.packageFilePath,
56
56
  pkg: JSON.parse(pkg.content)
57
57
  })), { packageManifestUrl: pkg.html_url });
58
58
  }
59
- else if (package_json_1.isPackage(options.packageFilePath)) {
60
- return Object.assign(Object.assign({}, package_json_1.lookupPackageDetails({
59
+ else if ((0, package_json_1.isPackage)(options.packageFilePath)) {
60
+ return Object.assign(Object.assign({}, (0, package_json_1.lookupPackageDetails)({
61
61
  packageName: options.packageName,
62
62
  packageFilePath: options.packageFilePath,
63
63
  pkg: JSON.parse(pkg.content)
64
64
  })), { packageManifestUrl: pkg.html_url });
65
65
  }
66
- else if (yarn_lock_1.isYarnLock(options.packageFilePath)) {
67
- return Object.assign(Object.assign({}, yarn_lock_1.lookupYarnLockDetails({
66
+ else if ((0, yarn_lock_1.isYarnLock)(options.packageFilePath)) {
67
+ return Object.assign(Object.assign({}, (0, yarn_lock_1.lookupYarnLockDetails)({
68
68
  packageName: options.packageName,
69
69
  packageFilePath: options.packageFilePath,
70
70
  pkg: lockfile.parse(pkg.content)
@@ -1 +1 @@
1
- {"version":3,"file":"fetchPackageDetails.js","sourceRoot":"","sources":["../src/fetchPackageDetails.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAAwC;AACxC,wDAAsE;AACtE,kEAAmF;AAEnF,kDAAqE;AAErE,MAAM,QAAQ,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAU9C,MAAM,QAAQ,GAAG,IAAI,GAAG,EAGpB,CAAC;AAML,SAAsB,mBAAmB,CAAC,OAA4B;;QAClE,MAAM,EAAC,KAAK,EAAC,GAAG,OAAO,CAAC;QACxB,MAAM,OAAO,GAAG,IAAI,cAAO,CAAC;YACxB,IAAI,EAAE,KAAK;SACd,CAAC,CAAC;QACH,MAAM,QAAQ,GAAG,GAAG,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;QAC/E,MAAM,WAAW,GAAG,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC3C,MAAM,GAAG,GAAG,WAAW;YACnB,CAAC,CAAC,WAAW;YACb,CAAC,CAAC,MAAM,OAAO,CAAC,KAAK;iBAChB,UAAU,CAAC;gBACR,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,IAAI,EAAE,OAAO,CAAC,eAAe;aAChC,CAAC;iBACD,IAAI,CAAC,GAAG,CAAC,EAAE;gBACR,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,MAAM,EAAE;oBAC1B,MAAM,IAAI,KAAK,CAAC,mBAAmB,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;iBAClE;gBACD,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE;oBAChC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC;oBACnE,QAAQ,CAAC,GAAG,CAAC,QAAQ,EAAE;wBACnB,QAAQ,EAAE,GAAG,CAAC,IAAI,CAAC,QAAQ;wBAC3B,OAAO,EAAE,OAAO;qBACnB,CAAC,CAAC;oBACH,OAAO;wBACH,QAAQ,EAAE,GAAG,CAAC,IAAI,CAAC,QAAQ;wBAC3B,OAAO,EAAE,OAAO;qBACnB,CAAC;iBACL;gBACD,MAAM,IAAI,KAAK,CAAC,mBAAmB,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,GAAG,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACnF,CAAC,CAAC,CAAC;QACX,IAAI,iCAAa,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE;YACxC,uCACO,4CAAwB,CAAC;gBACxB,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,eAAe,EAAE,OAAO,CAAC,eAAe;gBACxC,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC;aAC/B,CAAC,KACF,kBAAkB,EAAE,GAAG,CAAC,QAAQ,IAClC;SACL;aAAM,IAAI,wBAAS,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE;YAC3C,uCACO,mCAAoB,CAAC;gBACpB,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,eAAe,EAAE,OAAO,CAAC,eAAe;gBACxC,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC;aAC/B,CAAC,KACF,kBAAkB,EAAE,GAAG,CAAC,QAAQ,IAClC;SACL;aAAM,IAAI,sBAAU,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE;YAC5C,uCACO,iCAAqB,CAAC;gBACrB,WAAW,E
AAE,OAAO,CAAC,WAAW;gBAChC,eAAe,EAAE,OAAO,CAAC,eAAe;gBACxC,GAAG,EAAE,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC;aACnC,CAAC,KACF,kBAAkB,EAAE,GAAG,CAAC,QAAQ,IAClC;SACL;QACD,UAAU;QACV,OAAO,OAAO,CAAC,OAAO,CAAC;YACnB,IAAI,EAAE,OAAO,CAAC,WAAW;YACzB,OAAO,EAAE,OAAO;YAChB,eAAe,EAAE,OAAO,CAAC,eAAe;YACxC,gBAAgB,EAAE,SAAS;YAC3B,kBAAkB,EAAE,GAAG,CAAC,QAAQ;SACnC,CAAC,CAAC;IACP,CAAC;CAAA;AApED,kDAoEC"}
1
+ {"version":3,"file":"fetchPackageDetails.js","sourceRoot":"","sources":["../src/fetchPackageDetails.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAAwC;AACxC,wDAAwE;AACxE,kEAAqF;AAErF,kDAAuE;AAEvE,MAAM,QAAQ,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAU9C,MAAM,QAAQ,GAAG,IAAI,GAAG,EAMrB,CAAC;AAMJ,SAAsB,mBAAmB,CAAC,OAA4B;;QAClE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;QAC1B,MAAM,OAAO,GAAG,IAAI,cAAO,CAAC;YACxB,IAAI,EAAE,KAAK;SACd,CAAC,CAAC;QACH,MAAM,QAAQ,GAAG,GAAG,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;QAC/E,MAAM,WAAW,GAAG,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC3C,MAAM,GAAG,GAAG,WAAW;YACnB,CAAC,CAAC,WAAW;YACb,CAAC,CAAC,MAAM,OAAO,CAAC,KAAK;iBACd,UAAU,CAAC;gBACR,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,IAAI,EAAE,OAAO,CAAC,eAAe;aAChC,CAAC;iBACD,IAAI,CAAC,CAAC,GAAQ,EAAO,EAAE;gBACpB,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,MAAM,EAAE;oBAC1B,MAAM,IAAI,KAAK,CAAC,mBAAmB,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;iBAClE;gBACD,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE;oBAChC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC;oBACnE,QAAQ,CAAC,GAAG,CAAC,QAAQ,EAAE;wBACnB,QAAQ,EAAE,GAAG,CAAC,IAAI,CAAC,QAAQ;wBAC3B,OAAO,EAAE,OAAO;qBACnB,CAAC,CAAC;oBACH,OAAO;wBACH,QAAQ,EAAE,GAAG,CAAC,IAAI,CAAC,QAAQ;wBAC3B,OAAO,EAAE,OAAO;qBACnB,CAAC;iBACL;gBACD,MAAM,IAAI,KAAK,CAAC,mBAAmB,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,GAAG,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACnF,CAAC,CAAC,CAAC;QACb,IAAI,IAAA,iCAAa,EAAC,OAAO,CAAC,eAAe,CAAC,EAAE;YACxC,uCACO,IAAA,4CAAwB,EAAC;gBACxB,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,eAAe,EAAE,OAAO,CAAC,eAAe;gBACxC,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC;aAC/B,CAAC,KACF,kBAAkB,EAAE,GAAG,CAAC,QAAQ,IAClC;SACL;aAAM,IAAI,IAAA,wBAAS,EAAC,OAAO,CAAC,eAAe,CAAC,EAAE;YAC3C,uCACO,IAAA,mCAAoB,EAAC;gBACpB,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,eAAe,EAAE,OAAO,CAAC,eAAe;gBACxC,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC;aAC/B,CAAC,KACF,kBAAkB,EAAE,GAAG,CAAC,QAAQ,IAClC;SACL;aAAM,IAAI,IAAA,sBAAU,EAAC,OAAO,CAAC,eAAe,CAAC,EAAE;YAC5C,u
CACO,IAAA,iCAAqB,EAAC;gBACrB,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,eAAe,EAAE,OAAO,CAAC,eAAe;gBACxC,GAAG,EAAE,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC;aACnC,CAAC,KACF,kBAAkB,EAAE,GAAG,CAAC,QAAQ,IAClC;SACL;QACD,UAAU;QACV,OAAO,OAAO,CAAC,OAAO,CAAC;YACnB,IAAI,EAAE,OAAO,CAAC,WAAW;YACzB,OAAO,EAAE,OAAO;YAChB,eAAe,EAAE,OAAO,CAAC,eAAe;YACxC,gBAAgB,EAAE,SAAS;YAC3B,kBAAkB,EAAE,GAAG,CAAC,QAAQ;SACnC,CAAC,CAAC;IACP,CAAC;CAAA;AApED,kDAoEC"}
package/lib/index.js CHANGED
@@ -1,5 +1,6 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.fetchVulnerabilityAlerts = exports.fetchPackageDetails = void 0;
3
4
  var fetchPackageDetails_1 = require("./fetchPackageDetails");
4
5
  Object.defineProperty(exports, "fetchPackageDetails", { enumerable: true, get: function () { return fetchPackageDetails_1.fetchPackageDetails; } });
5
6
  var VulnerabilityAlerts_1 = require("./VulnerabilityAlerts");
package/lib/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;AAAA,6DAA+E;AAAlD,0HAAA,mBAAmB,OAAA;AAChD,6DAAwH;AAA/E,+HAAA,wBAAwB,OAAA"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;AAAA,6DAAiF;AAAnD,0HAAA,mBAAmB,OAAA;AACjD,6DAI+B;AAF3B,+HAAA,wBAAwB,OAAA"}
@@ -1 +1 @@
1
- {"version":3,"file":"package-lock.json.js","sourceRoot":"","sources":["../../src/parser/package-lock.json.ts"],"names":[],"mappings":";;;AAGA,SAAgB,aAAa,CAAC,eAAuB;IACjD,OAAO,oBAAoB,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;AACtD,CAAC;AAFD,sCAEC;AAED,SAAgB,wBAAwB,CAAC,EAAE,WAAW,EAAE,eAAe,EAAE,GAAG,EAI3E;IACG,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE;QACnB,OAAO;YACH,IAAI,EAAE,WAAW;YACjB,eAAe;YACf,OAAO,EAAE,OAAO;YAChB,gBAAgB,EAAE,SAAS;SAC9B,CAAC;KACL;IACD,MAAM,UAAU,GAAG,GAAG,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;IACjD,IAAI,CAAC,UAAU,EAAE;QACb,OAAO;YACH,IAAI,EAAE,WAAW;YACjB,eAAe;YACf,OAAO,EAAE,OAAO;YAChB,gBAAgB,EAAE,SAAS;SAC9B,CAAC;KACL;IACD,MAAM,IAAI,GAAqB,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC;IACnF,OAAO;QACH,IAAI,EAAE,WAAW;QACjB,eAAe;QACf,OAAO,EAAE,UAAU,CAAC,OAAO;QAC3B,gBAAgB,EAAE,IAAI;KACzB,CAAC;AACN,CAAC;AA7BD,4DA6BC"}
1
+ {"version":3,"file":"package-lock.json.js","sourceRoot":"","sources":["../../src/parser/package-lock.json.ts"],"names":[],"mappings":";;;AAGA,SAAgB,aAAa,CAAC,eAAuB;IACjD,OAAO,oBAAoB,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;AACtD,CAAC;AAFD,sCAEC;AAED,SAAgB,wBAAwB,CAAC,EACrC,WAAW,EACX,eAAe,EACf,GAAG,EAKN;IACG,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE;QACnB,OAAO;YACH,IAAI,EAAE,WAAW;YACjB,eAAe;YACf,OAAO,EAAE,OAAO;YAChB,gBAAgB,EAAE,SAAS;SAC9B,CAAC;KACL;IACD,MAAM,UAAU,GAAG,GAAG,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;IACjD,IAAI,CAAC,UAAU,EAAE;QACb,OAAO;YACH,IAAI,EAAE,WAAW;YACjB,eAAe;YACf,OAAO,EAAE,OAAO;YAChB,gBAAgB,EAAE,SAAS;SAC9B,CAAC;KACL;IACD,MAAM,IAAI,GAAqB,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC;IACnF,OAAO;QACH,IAAI,EAAE,WAAW;QACjB,eAAe;QACf,OAAO,EAAE,UAAU,CAAC,OAAO;QAC3B,gBAAgB,EAAE,IAAI;KACzB,CAAC;AACN,CAAC;AAjCD,4DAiCC"}
@@ -1 +1 @@
1
- {"version":3,"file":"package.json.js","sourceRoot":"","sources":["../../src/parser/package.json.ts"],"names":[],"mappings":";;;AAGA,SAAgB,SAAS,CAAC,eAAuB;IAC7C,OAAO,eAAe,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;AACjD,CAAC;AAFD,8BAEC;AAED,SAAgB,oBAAoB,CAAC,EAAE,WAAW,EAAE,eAAe,EAAE,GAAG,EAIvE;IACG,4CAA4C;IAC5C,MAAM,YAAY,GAAI,GAAW,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;IACxD,MAAM,eAAe,GAAG,GAAG,CAAC,iBAAiB,CAAC,IAAI,EAAE,CAAC;IACrD,MAAM,MAAM,GAAG,CAAC,GAA4D,EAAE;QAC1E,IAAI,YAAY,CAAC,cAAc,CAAC,WAAW,CAAC,EAAE;YAC1C,OAAO;gBACH,gBAAgB,EAAE,cAAc;gBAChC,OAAO,EAAE,YAAY,CAAC,WAAW,CAAC;aACrC,CAAC;SACL;QACD,IAAI,eAAe,CAAC,cAAc,CAAC,WAAW,CAAC,EAAE;YAC7C,OAAO;gBACH,gBAAgB,EAAE,iBAAiB;gBACnC,OAAO,EAAE,eAAe,CAAC,WAAW,CAAC;aACxC,CAAC;SACL;QACD,OAAO;YACH,gBAAgB,EAAE,SAAS;YAC3B,OAAO,EAAE,OAAO;SACnB,CAAC;IACN,CAAC,CAAC,EAAE,CAAC;IACL,OAAO;QACH,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,eAAe;QACf,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;KAC5C,CAAC;AACN,CAAC;AAhCD,oDAgCC"}
1
+ {"version":3,"file":"package.json.js","sourceRoot":"","sources":["../../src/parser/package.json.ts"],"names":[],"mappings":";;;AAGA,SAAgB,SAAS,CAAC,eAAuB;IAC7C,OAAO,eAAe,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;AACjD,CAAC;AAFD,8BAEC;AAED,SAAgB,oBAAoB,CAAC,EACjC,WAAW,EACX,eAAe,EACf,GAAG,EAKN;IACG,4CAA4C;IAC5C,MAAM,YAAY,GAAI,GAAW,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;IACxD,MAAM,eAAe,GAAG,GAAG,CAAC,iBAAiB,CAAC,IAAI,EAAE,CAAC;IACrD,MAAM,MAAM,GAAG,CAAC,GAA4D,EAAE;QAC1E,IAAI,YAAY,CAAC,cAAc,CAAC,WAAW,CAAC,EAAE;YAC1C,OAAO;gBACH,gBAAgB,EAAE,cAAc;gBAChC,OAAO,EAAE,YAAY,CAAC,WAAW,CAAC;aACrC,CAAC;SACL;QACD,IAAI,eAAe,CAAC,cAAc,CAAC,WAAW,CAAC,EAAE;YAC7C,OAAO;gBACH,gBAAgB,EAAE,iBAAiB;gBACnC,OAAO,EAAE,eAAe,CAAC,WAAW,CAAC;aACxC,CAAC;SACL;QACD,OAAO;YACH,gBAAgB,EAAE,SAAS;YAC3B,OAAO,EAAE,OAAO;SACnB,CAAC;IACN,CAAC,CAAC,EAAE,CAAC;IACL,OAAO;QACH,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,eAAe;QACf,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;KAC5C,CAAC;AACN,CAAC;AApCD,oDAoCC"}
@@ -14,7 +14,7 @@ function lookupYarnLockDetails({ packageName, packageFilePath, pkg }) {
14
14
  dependenciesType: "unknown"
15
15
  };
16
16
  }
17
- const matchKey = Object.keys(pkg.object).find(key => {
17
+ const matchKey = Object.keys(pkg.object).find((key) => {
18
18
  const keyName = key.slice(0, key.lastIndexOf("@"));
19
19
  return keyName === packageName;
20
20
  });
@@ -1 +1 @@
1
- {"version":3,"file":"yarn-lock.js","sourceRoot":"","sources":["../../src/parser/yarn-lock.ts"],"names":[],"mappings":";;;AAEA,SAAgB,UAAU,CAAC,eAAuB;IAC9C,OAAO,YAAY,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;AAC9C,CAAC;AAFD,gCAEC;AAED,SAAgB,qBAAqB,CAAC,EAAC,WAAW,EAAE,eAAe,EAAE,GAAG,EAIvE;IACG,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,EAAE;QACxB,OAAO;YACH,IAAI,EAAE,WAAW;YACjB,eAAe;YACf,OAAO,EAAE,OAAO;YAChB,gBAAgB,EAAE,SAAS;SAC9B,CAAC;KACL;IACD,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;QAChD,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;QACnD,OAAO,OAAO,KAAK,WAAW,CAAC;IACnC,CAAC,CAAC,CAAC;IACH,IAAI,CAAC,QAAQ,EAAE;QACX,OAAO;YACH,IAAI,EAAE,WAAW;YACjB,eAAe;YACf,OAAO,EAAE,OAAO;YAChB,gBAAgB,EAAE,SAAS;SAC9B,CAAC;KACL;IACD,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACjC,OAAO;QACH,IAAI,EAAE,WAAW;QACjB,eAAe;QACf,OAAO,EAAE,GAAG,CAAC,OAAO;QACpB,gBAAgB,EAAE,SAAS;KAC9B,CAAC;AACN,CAAC;AAhCD,sDAgCC"}
1
+ {"version":3,"file":"yarn-lock.js","sourceRoot":"","sources":["../../src/parser/yarn-lock.ts"],"names":[],"mappings":";;;AAEA,SAAgB,UAAU,CAAC,eAAuB;IAC9C,OAAO,YAAY,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;AAC9C,CAAC;AAFD,gCAEC;AAED,SAAgB,qBAAqB,CAAC,EAClC,WAAW,EACX,eAAe,EACf,GAAG,EAQN;IACG,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,EAAE;QACxB,OAAO;YACH,IAAI,EAAE,WAAW;YACjB,eAAe;YACf,OAAO,EAAE,OAAO;YAChB,gBAAgB,EAAE,SAAS;SAC9B,CAAC;KACL;IACD,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE;QAClD,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;QACnD,OAAO,OAAO,KAAK,WAAW,CAAC;IACnC,CAAC,CAAC,CAAC;IACH,IAAI,CAAC,QAAQ,EAAE;QACX,OAAO;YACH,IAAI,EAAE,WAAW;YACjB,eAAe;YACf,OAAO,EAAE,OAAO;YAChB,gBAAgB,EAAE,SAAS;SAC9B,CAAC;KACL;IACD,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACjC,OAAO;QACH,IAAI,EAAE,WAAW;QACjB,eAAe;QACf,OAAO,EAAE,GAAG,CAAC,OAAO;QACpB,gBAAgB,EAAE,SAAS;KAC9B,CAAC;AACN,CAAC;AAvCD,sDAuCC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@security-alert/share",
3
- "version": "1.3.0",
3
+ "version": "1.6.0",
4
4
  "description": "security alert shared lib",
5
5
  "keywords": [
6
6
  "cli",
@@ -34,52 +34,34 @@
34
34
  "scripts": {
35
35
  "build": "cross-env NODE_ENV=production tsc -p .",
36
36
  "clean": "rimraf lib/",
37
- "prettier": "prettier --write \"**/*.{js,jsx,ts,tsx,css}\"",
38
37
  "prepublish": "npm run --if-present build",
39
38
  "test": "mocha \"test/**/*.ts\"",
40
39
  "watch": "tsc -p . --watch"
41
40
  },
42
- "husky": {
43
- "hooks": {
44
- "precommit": "lint-staged"
45
- }
46
- },
47
- "lint-staged": {
48
- "*.{js,jsx,ts,tsx,css}": [
49
- "prettier --write",
50
- "git add"
51
- ]
52
- },
53
- "prettier": {
54
- "printWidth": 120,
55
- "singleQuote": false,
56
- "tabWidth": 4
57
- },
58
41
  "devDependencies": {
59
42
  "@types/lodash": "^4.14.158",
60
43
  "@types/meow": "^5.0.0",
61
44
  "@types/mocha": "^8.0.1",
62
45
  "@types/nock": "^11.1.0",
63
- "@types/node": "^14.0.27",
46
+ "@types/node": "^14.18.12",
64
47
  "cross-env": "^7.0.2",
65
48
  "husky": "^4.2.5",
66
- "lint-staged": "^10.2.11",
67
- "mocha": "^8.1.0",
49
+ "mocha": "^9.2.2",
68
50
  "nock": "^13.0.3",
69
- "prettier": "^2.0.5",
70
51
  "rimraf": "^3.0.2",
71
- "ts-node": "^8.10.2",
72
- "ts-node-test-register": "^8.0.1",
73
- "typescript": "^3.9.7"
52
+ "ts-node": "^10.7.0",
53
+ "ts-node-test-register": "^10.0.0",
54
+ "typescript": "^4.6.3"
74
55
  },
75
56
  "dependencies": {
76
57
  "@npm/types": "^1.0.1",
77
58
  "@octokit/graphql": "^4.5.3",
78
59
  "@octokit/rest": "^18.0.3",
60
+ "@octokit/types": "^6.34.0",
79
61
  "@yarnpkg/lockfile": "^1.0.0",
80
62
  "meow": "^7.0.1"
81
63
  },
82
- "gitHead": "3b0a7359c897f348bb7595dd74e1d6376201c395",
64
+ "gitHead": "6788f5c379dc9daa8cfeb6556d1cce93401df21e",
83
65
  "publishConfig": {
84
66
  "access": "public"
85
67
  }
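Review bot: `husky` is still listed in devDependencies even though the commit removes the `husky.hooks` block, `lint-staged` and the prettier config that the hook ran, so the package now pulls in a git-hook tool that nothing configures; either drop the `"husky": "^4.2.5"` line or keep the hook. The new runtime dependency `"@octokit/types": "^6.34.0"` is a type-only package; unless the emitted `.d.ts` files (not shown in this diff) reference it, it belongs in devDependencies rather than adding an install-time dependency for every consumer. The `prepublish` script is also still used for the build step; npm treats `prepublish` as deprecated in favour of `prepublishOnly`/`prepare`, which is worth checking given the build runs during publish.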
@@ -4,11 +4,11 @@ export type fetchVulnerabilityAlertsOptions = {
4
4
  token: string;
5
5
  owner: string;
6
6
  repo: string;
7
- }
7
+ };
8
8
 
9
9
  export type VulnerabilityAlertNode = {
10
10
  id: string;
11
- vulnerableManifestFilename: string
11
+ vulnerableManifestFilename: string;
12
12
  vulnerableManifestPath: string;
13
13
  vulnerableRequirements: string;
14
14
  dismissReason: string | null;
@@ -20,10 +20,10 @@ export type VulnerabilityAlertNode = {
20
20
  description: string;
21
21
  ghsaId: string;
22
22
  severity: string;
23
- summary: string
24
- identifiers: { id: string; value: string; }[]
25
- references: { url: string }[]
26
- }
23
+ summary: string;
24
+ identifiers: { id: string; value: string }[];
25
+ references: { url: string }[];
26
+ };
27
27
  securityVulnerability: {
28
28
  firstPatchedVersion?: {
29
29
  identifier: string;
@@ -32,64 +32,70 @@ export type VulnerabilityAlertNode = {
32
32
  severity: string;
33
33
  package: {
34
34
  name: string;
35
- ecosystem: string
36
- }
37
- }
38
- }
35
+ ecosystem: string;
36
+ };
37
+ };
38
+ };
39
39
 
40
- export async function fetchVulnerabilityAlerts(options: fetchVulnerabilityAlertsOptions): Promise<VulnerabilityAlertNode[]> {
40
+ export async function fetchVulnerabilityAlerts(
41
+ options: fetchVulnerabilityAlertsOptions
42
+ ): Promise<VulnerabilityAlertNode[]> {
41
43
  // https://developer.github.com/v4/object/repository/#connections
42
- const {repository} = await graphql(`
43
- query vulnerabilityAlerts($owner: String!, $repo: String!) {
44
- repository(owner:$owner, name:$repo) {
45
- vulnerabilityAlerts(first:100) {
46
- edges {
47
- node {
48
- id
49
- vulnerableManifestFilename
50
- vulnerableManifestPath
51
- vulnerableRequirements
52
- dismissReason
53
- dismissedAt
54
- dismisser {
55
- login
56
- }
57
- securityAdvisory {
58
- ghsaId
59
- description
60
- severity
61
- summary
62
- identifiers {
63
- type
64
- value
44
+ const { repository } = await graphql(
45
+ `
46
+ query vulnerabilityAlerts($owner: String!, $repo: String!) {
47
+ repository(owner: $owner, name: $repo) {
48
+ vulnerabilityAlerts(first: 100) {
49
+ edges {
50
+ node {
51
+ id
52
+ vulnerableManifestFilename
53
+ vulnerableManifestPath
54
+ vulnerableRequirements
55
+ dismissReason
56
+ dismissedAt
57
+ dismisser {
58
+ login
59
+ }
60
+ securityAdvisory {
61
+ ghsaId
62
+ description
63
+ severity
64
+ summary
65
+ identifiers {
66
+ type
67
+ value
68
+ }
69
+ references {
70
+ url
71
+ }
72
+ }
73
+ securityVulnerability {
74
+ firstPatchedVersion {
75
+ identifier
76
+ }
77
+ vulnerableVersionRange
78
+ severity
79
+ package {
80
+ name
81
+ ecosystem
82
+ }
83
+ }
84
+ }
85
+ }
86
+ }
87
+ }
65
88
  }
66
- references {
67
- url
89
+ `,
90
+ {
91
+ owner: options.owner,
92
+ repo: options.repo,
93
+ headers: {
94
+ authorization: `token ${options.token}`,
95
+ accept: "application/vnd.github.vixen-preview+json"
68
96
  }
69
- }
70
- securityVulnerability {
71
- firstPatchedVersion {
72
- identifier
73
- }
74
- vulnerableVersionRange
75
- severity
76
- package {
77
- name
78
- ecosystem
79
- }
80
- }
81
97
  }
82
- }
83
- }
84
- }
85
- }`, {
86
- owner: options.owner,
87
- repo: options.repo,
88
- headers: {
89
- authorization: `token ${options.token}`,
90
- accept: "application/vnd.github.vixen-preview+json"
91
- }
92
- });
98
+ );
93
99
  return repository.vulnerabilityAlerts.edges.map((edge: any) => {
94
100
  return edge.node;
95
101
  });
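Review bot: The exported `VulnerabilityAlertNode` type declares `identifiers: { id: string; value: string }[]`, but the query in the same file selects `identifiers { type value }`, so `id` is never populated and consumers typed against it read `undefined`; the line should read `identifiers: { type: string; value: string }[];`. The query also asks for `vulnerabilityAlerts(first: 100)` with no `pageInfo { hasNextPage endCursor }` selection or cursor variable, so a repository with more than 100 alerts is silently truncated — a paginated loop over `after: $cursor` would be needed for a complete result, and the function's closing brace lies past the end of this hunk. The `edges.map((edge: any) => edge.node)` line on the new side could be typed as `VulnerabilityAlertNode` once the type matches the selection.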
@@ -1,8 +1,8 @@
1
1
  import { Octokit } from "@octokit/rest";
2
- import {isPackage, lookupPackageDetails} from "./parser/package.json";
3
- import {isPackageLock, lookupPackageLockDetails} from "./parser/package-lock.json";
4
- import {PackageDetails} from "./parser/Details";
5
- import {isYarnLock, lookupYarnLockDetails} from "./parser/yarn-lock";
2
+ import { isPackage, lookupPackageDetails } from "./parser/package.json";
3
+ import { isPackageLock, lookupPackageLockDetails } from "./parser/package-lock.json";
4
+ import { PackageDetails } from "./parser/Details";
5
+ import { isYarnLock, lookupYarnLockDetails } from "./parser/yarn-lock";
6
6
 
7
7
  const lockfile = require("@yarnpkg/lockfile");
8
8
 
@@ -14,17 +14,20 @@ export type fetchPackageOptions = {
14
14
  packageFilePath: string;
15
15
  };
16
16
 
17
- const cacheMap = new Map<string, {
18
- html_url: string,
19
- content: string,
20
- }>();
17
+ const cacheMap = new Map<
18
+ string,
19
+ {
20
+ html_url: string;
21
+ content: string;
22
+ }
23
+ >();
21
24
 
22
25
  export type fetchPackageDetails = PackageDetails & {
23
26
  packageManifestUrl: string;
24
- }
27
+ };
25
28
 
26
29
  export async function fetchPackageDetails(options: fetchPackageOptions): Promise<fetchPackageDetails> {
27
- const {token} = options;
30
+ const { token } = options;
28
31
  const octokit = new Octokit({
29
32
  auth: token
30
33
  });
@@ -33,28 +36,28 @@ export async function fetchPackageDetails(options: fetchPackageOptions): Promise
33
36
  const pkg = cachedValue
34
37
  ? cachedValue
35
38
  : await octokit.repos
36
- .getContent({
37
- repo: options.repo,
38
- owner: options.owner,
39
- path: options.packageFilePath
40
- })
41
- .then(res => {
42
- if (res.data.type !== "file") {
43
- throw new Error("This is not file:" + options.packageFilePath);
44
- }
45
- if (res.data.encoding === "base64") {
46
- const content = Buffer.from(res.data.content, "base64").toString();
47
- cacheMap.set(cacheKey, {
48
- html_url: res.data.html_url,
49
- content: content
50
- });
51
- return {
52
- html_url: res.data.html_url,
53
- content: content
54
- };
55
- }
56
- throw new Error("Unknown file type" + res.data.type + ":" + res.data.encoding);
57
- });
39
+ .getContent({
40
+ repo: options.repo,
41
+ owner: options.owner,
42
+ path: options.packageFilePath
43
+ })
44
+ .then((res: any): any => {
45
+ if (res.data.type !== "file") {
46
+ throw new Error("This is not file:" + options.packageFilePath);
47
+ }
48
+ if (res.data.encoding === "base64") {
49
+ const content = Buffer.from(res.data.content, "base64").toString();
50
+ cacheMap.set(cacheKey, {
51
+ html_url: res.data.html_url,
52
+ content: content
53
+ });
54
+ return {
55
+ html_url: res.data.html_url,
56
+ content: content
57
+ };
58
+ }
59
+ throw new Error("Unknown file type" + res.data.type + ":" + res.data.encoding);
60
+ });
58
61
  if (isPackageLock(options.packageFilePath)) {
59
62
  return {
60
63
  ...lookupPackageLockDetails({
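Review bot: The new `.then((res: any): any => {` annotation discards the response typing that `octokit.repos.getContent` already provides (and that the `@octokit/types` dependency added in package.json appears intended to supply), so `res.data.type`, `res.data.encoding` and `res.data.content` are no longer checked at all; since `getContent` returns an array for a directory path, narrowing explicitly keeps the check honest, e.g. `.then((res) => {` followed by `if (Array.isArray(res.data) || res.data.type !== "file") {`. Separately, `cacheMap` is module-level and its key is built outside this hunk; if that key does not include the token, content fetched with one caller's token is served to later callers with a different token, which is worth a comment on the map or a token-scoped key. The `fetchPackageDetails` body continues past the end of this hunk.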
package/src/index.ts CHANGED
@@ -1,3 +1,7 @@
1
- export {fetchPackageOptions, fetchPackageDetails} from "./fetchPackageDetails";
2
- export {fetchVulnerabilityAlertsOptions, fetchVulnerabilityAlerts, VulnerabilityAlertNode} from "./VulnerabilityAlerts";
3
- export {PackageDetails} from "./parser/Details";
1
+ export { fetchPackageOptions, fetchPackageDetails } from "./fetchPackageDetails";
2
+ export {
3
+ fetchVulnerabilityAlertsOptions,
4
+ fetchVulnerabilityAlerts,
5
+ VulnerabilityAlertNode
6
+ } from "./VulnerabilityAlerts";
7
+ export { PackageDetails } from "./parser/Details";
@@ -4,4 +4,4 @@ export type PackageDetails = {
4
4
  version: string;
5
5
  packageFilePath: string;
6
6
  dependenciesType: DependenciesType;
7
- }
7
+ };
@@ -5,10 +5,14 @@ export function isPackageLock(packageFilePath: string) {
5
5
  return /package-lock.json$/.test(packageFilePath);
6
6
  }
7
7
 
8
- export function lookupPackageLockDetails({ packageName, packageFilePath, pkg }: {
9
- packageName: string,
10
- packageFilePath: string,
11
- pkg: PackageLock
8
+ export function lookupPackageLockDetails({
9
+ packageName,
10
+ packageFilePath,
11
+ pkg
12
+ }: {
13
+ packageName: string;
14
+ packageFilePath: string;
15
+ pkg: PackageLock;
12
16
  }): PackageDetails {
13
17
  if (!pkg.dependencies) {
14
18
  return {
@@ -5,15 +5,19 @@ export function isPackage(packageFilePath: string) {
5
5
  return /pacakge.json$/.test(packageFilePath);
6
6
  }
7
7
 
8
- export function lookupPackageDetails({ packageName, packageFilePath, pkg }: {
9
- packageName: string,
10
- packageFilePath: string,
11
- pkg: PackageJson
8
+ export function lookupPackageDetails({
9
+ packageName,
10
+ packageFilePath,
11
+ pkg
12
+ }: {
13
+ packageName: string;
14
+ packageFilePath: string;
15
+ pkg: PackageJson;
12
16
  }): PackageDetails {
13
17
  // TODO: https://github.com/npm/types/pull/2
14
18
  const dependencies = (pkg as any)["dependencies"] || {};
15
19
  const devDependencies = pkg["devDependencies"] || {};
16
- const target = ((): { dependenciesType: DependenciesType, version: string } => {
20
+ const target = ((): { dependenciesType: DependenciesType; version: string } => {
17
21
  if (dependencies.hasOwnProperty(packageName)) {
18
22
  return {
19
23
  dependenciesType: "dependencies",
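Review bot: The context line `return /pacakge.json$/.test(packageFilePath);` in `isPackage` misspells the filename, so it never matches a real `package.json` path and — given the branch order visible in the fetchPackageDetails hunk — a package.json manifest falls through to the `dependenciesType: "unknown"` fallback instead of reaching `lookupPackageDetails`; the commit reformats this file without touching it. The fix is `return /package\.json$/.test(packageFilePath);`, escaping the dot as well so `packagexjson` is not accepted. Since the content being matched comes from GitHub's `vulnerableManifestPath`, a unit test with a literal `package.json` path would have caught this.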
@@ -1,13 +1,20 @@
1
- import {PackageDetails} from "./Details";
1
+ import { PackageDetails } from "./Details";
2
2
 
3
3
  export function isYarnLock(packageFilePath: string) {
4
4
  return /yarn.lock$/.test(packageFilePath);
5
5
  }
6
6
 
7
- export function lookupYarnLockDetails({packageName, packageFilePath, pkg}: {
8
- packageName: string,
9
- packageFilePath: string,
10
- pkg: { type: string, object: { [index: string]: { version: string, resolve: string, integrity: string, dependencies: object } } }
7
+ export function lookupYarnLockDetails({
8
+ packageName,
9
+ packageFilePath,
10
+ pkg
11
+ }: {
12
+ packageName: string;
13
+ packageFilePath: string;
14
+ pkg: {
15
+ type: string;
16
+ object: { [index: string]: { version: string; resolve: string; integrity: string; dependencies: object } };
17
+ };
11
18
  }): PackageDetails {
12
19
  if (pkg.type !== "success") {
13
20
  return {
@@ -17,7 +24,7 @@ export function lookupYarnLockDetails({packageName, packageFilePath, pkg}: {
17
24
  dependenciesType: "unknown"
18
25
  };
19
26
  }
20
- const matchKey = Object.keys(pkg.object).find(key => {
27
+ const matchKey = Object.keys(pkg.object).find((key) => {
21
28
  const keyName = key.slice(0, key.lastIndexOf("@"));
22
29
  return keyName === packageName;
23
30
  });
package/CHANGELOG.md DELETED
@@ -1,33 +0,0 @@
1
- # Change Log
2
-
3
- All notable changes to this project will be documented in this file.
4
- See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
5
-
6
- # [1.3.0](https://github.com/azu/security-alert/compare/v1.2.0...v1.3.0) (2020-08-04)
7
-
8
- **Note:** Version bump only for package @security-alert/share
9
-
10
-
11
-
12
-
13
-
14
- # [1.2.0](https://github.com/azu/security-alert/compare/v1.1.1...v1.2.0) (2019-07-19)
15
-
16
-
17
- ### Bug Fixes
18
-
19
- * **package:** add publishConfig ([0534d41](https://github.com/azu/security-alert/commit/0534d41))
20
- * lockfile ([76d7f95](https://github.com/azu/security-alert/commit/76d7f95))
21
-
22
-
23
- ### Features
24
-
25
- * **create-issue:** support yarn.lock ([5857f2c](https://github.com/azu/security-alert/commit/5857f2c))
26
-
27
-
28
-
29
-
30
-
31
- ## 1.1.1 (2019-07-05)
32
-
33
- **Note:** Version bump only for package @security-alert/share