ts-node-client 1.8.6 → 2.1.0

package/README.md

@@ -1,6 +1,5 @@
 # TrustSource ts-node-client
 
-[![Travis build status](https://travis-ci.org/TrustSource/ts-node-client.svg?branch=master)](https://travis-ci.org/TrustSource/ts-node-client)
 [![Version](https://img.shields.io/npm/v/ts-node-client.svg)](http://npm.im/ts-node-client)
 [![Downloads](https://img.shields.io/npm/dm/ts-node-client.svg)](http://npm-stat.com/charts.html?package=ts-node-client)
 [![Downloads](https://img.shields.io/npm/dt/ts-node-client.svg)](http://npm-stat.com/charts.html?package=ts-node-client)
@@ -8,14 +7,12 @@
 
 [![npm package](https://nodei.co/npm/ts-node-client.png?downloads=true&downloadRank=true&stars=true)](https://nodei.co/npm/ts-node-client/)
 
-TrustSource node client
-
-> node module to transfer dependency information to TrustSource server.
+> TrustSource node client - node module to transfer dependency information to TrustSource server.
 
 ## Requirements
-
 * node >= 8.9.0
-* npm < 8.0.0
+* npm < 8.0.0 use **ts-node-client@1.***
+* npm >= 8.0.0 use **ts-node-client@2.***
 
 ## Installation
 Run: `npm install --save-dev ts-node-client` or `yarn add --dev ts-node-client`
@@ -63,9 +60,9 @@ Options:
   --url           url                                                [default: null]
   --config, -c    Config path                                        [default: null]
   --proxy         Proxy url like 'https://user:password@host:port'   [default: null]
-  --version, -v   Prints a version                                   [default: false]
+  --version       Prints a version                                   [default: null]
   --saveAs, -o              Save as file (file name prefix)          [default: null]
-  --saveAsFormat, -of      Save as format (scan / cydx / spdx)       [default: null]
+  --saveAsFormat, -f      Save as format (scan / cydx / spdx)       [default: null]
   --debug                                                            [default: null]
   --simulate                                                         [default: null]
   --includeDevDependencies                                           [default: null]
@@ -77,105 +74,87 @@ Options:
 ```
 PLEASE NOTE: if you want to pass param into function
 you should add value, for example:
+
 `--breakOnViolations true` or `--saveAs sbom`
 
 ## Software bill of materials
 
 [View SBOM  <img alt="TrustSource" src="https://app.trustsource.io/logo.png" width="70"/>](https://app.trustsource.io/api/v1/public-BoM/ae0832c6-5a55-4aa8-8c45-75528d0833fb) 
 
-
 ## Known problems
 
 ####  Error: The programmatic API was removed in npm v8.0.0
-You should upgrade to later versions of ts-node-client
+You should upgrade to 2.* versions of ts-node-client
 
 ## Changelog
 
+#### 2.1.*
+- Migrate 1.6.* - 1.8.* changes to version 2.1
+
+#### 2.0.*
+- Support new scan tool and fix problem with programmatic API for >= npm@8.0.0
+- Stop usage of [`global-npm`](https://github.com/dracupid/global-npm) until we find new resolution
+- Get back `npm` as local dependency
+
 #### 1.8.*
 - SBOM
 - **--saveAs** and **--saveAsFormat**
 - Bump minimist from 1.2.5 to 1.2.6
 - Bump urijs from 1.19.10 to 1.19.11
 - replace packageurl-js with simple local function
+- improve docs
 
 #### 1.7.*
 - request -> axios
 - fix dependencies
 - doc fixes
 
-#### 1.6.0
+#### 1.6.*
 - **--breakOnWarnings** and **--breakOnViolations**
 - Bump devDependencies
 
-#### 1.5.2
+#### 1.5.*
 - Describe `Error: The programmatic API was removed in npm v8.0.0`
-
-#### 1.5.1
 - Bump devDependencies
 - Introduce sonarjs
 
-#### 1.4.3
+#### 1.4.*
 - Bump glob-parent from 5.1.1 to 5.1.2
 - Bump path-parse from 1.0.6 to 1.0.7
-
-#### 1.4.2
 - Bump lodash from 4.17.19 to 4.17.21
-
-#### 1.4.1
 - Bump y18n from 4.0.0 to 4.0.1
-
-#### 1.4.0
 - Added:
     - option **--includeDevDependencies**. It is allow to scan dev dependencies
 
-#### 1.3.1
+#### 1.3.*
 - Use [`global-npm`](https://github.com/dracupid/global-npm) (meaning `npm` is no longer a dependency of `ts-node-client`)
 
-#### 1.2.3
+#### 1.2.*
 - Added:
     - option **--brakeOnViolations**. It is fail build in case any violations after scan transferred.
     - option **--brakeOnWarnings**. It is fail build in case any warning after scan transferred.
 
-#### 1.1.2
+#### 1.1.*
 - userName is not required param for scans
 - Support usage of scan meta param binaryLinks inside Options definition
 
-
-#### 1.0.0
+#### 1.0.*
 - Node JS and dependencies updates "node": ">= 8.12.0"
 
-#### 0.3.4 - 0.3.6
+#### 0.3.*
 - Improve variable usage and tasks migration
-
-#### 0.3.3
 - Support usage of scan meta params: branch and tag inside Options definition
-
-#### 0.3.2
 - Skip npmDependency without names
-
-#### 0.3.1
 - Update travis config
-
-#### 0.3.0
 - Update dependency to resolve vulnerabilities
 
-#### 0.2.5
+#### 0.2.*
 - Added proxy support and config
-
-#### 0.2.4
 - Update travis config
-
-#### 0.2.3
 - Updated README.md with `app.trustsource.io`
-
-#### 0.2.2
 - Updated default url to `app.trustsource.io`
-
-#### 0.2.1
 - Added windows support
 - Fixed json 
-
-#### 0.2.0
 - **Removed:**
     - options: **--credentials** and **--credentialsFile** instead you should use **--config**.
     - option **--baseUrl** instead you should use **--url**.

package/bin/ts-node-client.js

@@ -56,18 +56,13 @@ const getOptions = () => {
                 default: null,
                 describe: 'Proxy url like \'https://user:password@host:port\''
             },
-            version: {
-                alias: 'v',
-                default: false,
-                describe: 'Prints a version'
-            },
             saveAs: {
                 alias: 'o',
                 default: null,
                 describe: 'Save as file (file name prefix)'
             },
             saveAsFormat: {
-                alias: 'of',
+                alias: 'f',
                 default: null,
                 describe: 'Save as format (scan / cydx / spdx)'
             },
@@ -96,6 +91,7 @@ const getOptions = () => {
                 describe: 'includeDevDependencies'
             }
         })
+        .version()
         .usage(pckgJson.description)
         .help('help', 'Prints a usage statement')
         .fail((msg, err, yargsObject) => {

package/lib/npm-scanner.js

@@ -6,7 +6,7 @@
  *********************************************************/
 /* eslint-enable */
 
-const npm = require('global-npm');
+const npm = require('npm');
 const debuglog = (require('debuglog'))('ts-npm-scanner');
 const ScanResult = require('./scanresult');
 const { RestClient } = require('./rest-client');

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "ts-node-client",
   "description": "npm / node module to transfer dependency information to TrustSource server.",
-  "version": "1.8.6",
+  "version": "2.1.0",
   "private": false,
   "homepage": "https://app.trustsource.io/",
   "author": {
@@ -14,8 +14,7 @@
   },
   "license": "Apache-2.0",
   "engines": {
-    "node": ">= 8.9.0",
-    "npm": "< 8.0.0"
+    "node": ">= 8.9.0"
   },
   "main": "./lib/cli.js",
   "bin": {
@@ -23,20 +22,19 @@
   },
   "scripts": {
     "scan": "node ./bin/ts-node-client.js",
-    "scan-with-brakes": "node ./bin/ts-node-client.js --breakOnViolations true --breakOnWarnings true",
-    "scan-to-file": "node ./bin/ts-node-client.js --saveAsFormat cydx --saveAs test",
-    "scan-prod": "node ./bin/ts-node-client.js --debug true",
+    "scan-with-brakes": "node ./bin/ts-node-client.js --breakOnViolations true --breakOnWarnings false",
+    "scan-to-file": "node ./bin/ts-node-client.js --saveAs test --saveAsFormat cydx",
     "lint": "eslint bin lib test",
     "lint-fix": "eslint bin lib test --fix",
     "test": "mocha test",
     "precommit": "npm run lint && npm run test"
   },
   "dependencies": {
+    "npm": "6.14.17",
     "axios": "0.26.1",
     "debuglog": "1.0.1",
-    "global-npm": "0.5.0",
     "semver": "7.3.5",
-    "yargs": "^15.4.1"
+    "yargs": "^17.5.0"
   },
   "devDependencies": {
     "eslint": "^7.32.0",
@@ -52,6 +50,8 @@
     "meteor",
     "plugin",
     "opensource",
+    "cydx",
+    "spdx",
     "dependency-analysis"
   ]
 }