npm-audit-report-cli 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +180 -0
- package/action.yml +38 -0
- package/dist/chunk-L2D2NQGH.js +574 -0
- package/dist/cli.cjs +760 -0
- package/dist/cli.d.cts +1 -0
- package/dist/cli.d.ts +1 -0
- package/dist/cli.js +197 -0
- package/dist/index.cjs +613 -0
- package/dist/index.d.cts +54 -0
- package/dist/index.d.ts +54 -0
- package/dist/index.js +23 -0
- package/package.json +60 -0
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1,54 @@
|
|
|
1
|
+
type Severity = 'critical' | 'high' | 'moderate' | 'low' | 'info';
|
|
2
|
+
type Format = 'markdown' | 'html' | 'sarif' | 'annotations';
|
|
3
|
+
interface Vulnerability {
|
|
4
|
+
id: string;
|
|
5
|
+
name: string;
|
|
6
|
+
severity: Severity;
|
|
7
|
+
title: string;
|
|
8
|
+
url: string;
|
|
9
|
+
range: string;
|
|
10
|
+
fixAvailable: boolean;
|
|
11
|
+
fixCommand?: string;
|
|
12
|
+
paths: string[];
|
|
13
|
+
}
|
|
14
|
+
interface AuditMeta {
|
|
15
|
+
npmVersion: string;
|
|
16
|
+
nodeVersion: string;
|
|
17
|
+
auditedAt: string;
|
|
18
|
+
totalDependencies: number;
|
|
19
|
+
}
|
|
20
|
+
interface AuditSummary {
|
|
21
|
+
critical: number;
|
|
22
|
+
high: number;
|
|
23
|
+
moderate: number;
|
|
24
|
+
low: number;
|
|
25
|
+
info: number;
|
|
26
|
+
total: number;
|
|
27
|
+
}
|
|
28
|
+
interface AuditReport {
|
|
29
|
+
meta: AuditMeta;
|
|
30
|
+
summary: AuditSummary;
|
|
31
|
+
vulnerabilities: Vulnerability[];
|
|
32
|
+
}
|
|
33
|
+
interface FormatOptions {
|
|
34
|
+
format?: Format;
|
|
35
|
+
severity?: Severity;
|
|
36
|
+
failOn?: Severity | 'none';
|
|
37
|
+
title?: string;
|
|
38
|
+
template?: string;
|
|
39
|
+
}
|
|
40
|
+
|
|
41
|
+
declare class ParseError extends Error {
|
|
42
|
+
constructor(message: string);
|
|
43
|
+
}
|
|
44
|
+
declare function parse(input: string): AuditReport;
|
|
45
|
+
|
|
46
|
+
declare function format(report: AuditReport, opts?: FormatOptions): string;
|
|
47
|
+
|
|
48
|
+
declare function meetsThreshold(severity: Severity, threshold: Severity): boolean;
|
|
49
|
+
declare function shouldFail(report: AuditReport, failOn: Severity | 'none'): boolean;
|
|
50
|
+
declare function filterBySeverity(vulns: Vulnerability[], minSeverity: Severity): Vulnerability[];
|
|
51
|
+
|
|
52
|
+
declare function report(json: string, opts?: FormatOptions): string;
|
|
53
|
+
|
|
54
|
+
export { type AuditMeta, type AuditReport, type AuditSummary, type Format, type FormatOptions, ParseError, type Severity, type Vulnerability, filterBySeverity, format, meetsThreshold, parse, report, shouldFail };
|
package/dist/index.js
ADDED
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import {
|
|
2
|
+
ParseError,
|
|
3
|
+
filterBySeverity,
|
|
4
|
+
format,
|
|
5
|
+
meetsThreshold,
|
|
6
|
+
parse,
|
|
7
|
+
shouldFail
|
|
8
|
+
} from "./chunk-L2D2NQGH.js";
|
|
9
|
+
|
|
10
|
+
// src/index.ts
|
|
11
|
+
function report(json, opts = {}) {
|
|
12
|
+
const parsed = parse(json);
|
|
13
|
+
return format(parsed, opts);
|
|
14
|
+
}
|
|
15
|
+
export {
|
|
16
|
+
ParseError,
|
|
17
|
+
filterBySeverity,
|
|
18
|
+
format,
|
|
19
|
+
meetsThreshold,
|
|
20
|
+
parse,
|
|
21
|
+
report,
|
|
22
|
+
shouldFail
|
|
23
|
+
};
|
package/package.json
ADDED
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "npm-audit-report-cli",
|
|
3
|
+
"version": "1.0.0",
|
|
4
|
+
"description": "Convert npm audit JSON to Markdown, HTML, SARIF, or GitHub annotations — zero dependencies",
|
|
5
|
+
"license": "MIT",
|
|
6
|
+
"author": "dimasd-angga <email.dimasdarfiangga@gmail.com>",
|
|
7
|
+
"homepage": "https://github.com/dimasd-angga/npm-audit-report-cli#readme",
|
|
8
|
+
"repository": {
|
|
9
|
+
"type": "git",
|
|
10
|
+
"url": "git+https://github.com/dimasd-angga/npm-audit-report-cli.git"
|
|
11
|
+
},
|
|
12
|
+
"bugs": {
|
|
13
|
+
"url": "https://github.com/dimasd-angga/npm-audit-report-cli/issues"
|
|
14
|
+
},
|
|
15
|
+
"keywords": [
|
|
16
|
+
"npm-audit",
|
|
17
|
+
"audit",
|
|
18
|
+
"security",
|
|
19
|
+
"vulnerability",
|
|
20
|
+
"sarif",
|
|
21
|
+
"cli",
|
|
22
|
+
"github-actions",
|
|
23
|
+
"report",
|
|
24
|
+
"markdown",
|
|
25
|
+
"html"
|
|
26
|
+
],
|
|
27
|
+
"type": "module",
|
|
28
|
+
"exports": {
|
|
29
|
+
".": {
|
|
30
|
+
"import": "./dist/index.js",
|
|
31
|
+
"require": "./dist/index.cjs"
|
|
32
|
+
}
|
|
33
|
+
},
|
|
34
|
+
"main": "./dist/index.cjs",
|
|
35
|
+
"module": "./dist/index.js",
|
|
36
|
+
"types": "./dist/index.d.ts",
|
|
37
|
+
"bin": {
|
|
38
|
+
"audit-report": "./dist/cli.js"
|
|
39
|
+
},
|
|
40
|
+
"files": [
|
|
41
|
+
"dist",
|
|
42
|
+
"action.yml"
|
|
43
|
+
],
|
|
44
|
+
"engines": {
|
|
45
|
+
"node": ">=18.0.0"
|
|
46
|
+
},
|
|
47
|
+
"scripts": {
|
|
48
|
+
"build": "tsup",
|
|
49
|
+
"test": "vitest run",
|
|
50
|
+
"test:watch": "vitest",
|
|
51
|
+
"lint": "tsc --noEmit",
|
|
52
|
+
"prepublishOnly": "npm run build && npm test"
|
|
53
|
+
},
|
|
54
|
+
"devDependencies": {
|
|
55
|
+
"@types/node": "^25.9.2",
|
|
56
|
+
"tsup": "^8.0.0",
|
|
57
|
+
"typescript": "^5.4.0",
|
|
58
|
+
"vitest": "^1.6.0"
|
|
59
|
+
}
|
|
60
|
+
}
|