Merge pull request #9 from Dashlane/add-audit

chore(audit): add audit before push and in the CI
Dashlane · Jun 13, 2019 · 64e4169 · 64e4169
2 parents 662535a + bd04ce8
commit 64e4169
Show file tree

Hide file tree

Showing 4 changed files with 291 additions and 6 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -1,6 +1,6 @@
 language: node_js
 node_js:
-  - "7"
+  - "node"
 script:
   "npm run ci"
 sudo: false
diff --git a/meta/audit.js b/meta/audit.js
@@ -0,0 +1,8 @@
+const { exec } = require('child_process');
+
+exec('yarn audit --summary', (error, stdout) => {
+  console.log(stdout);
+  if (error && error.code >= 8) {
+    throw new Error('High severity vulnerabilities found');
+  }
+});
diff --git a/package.json b/package.json
@@ -7,6 +7,11 @@
   "files": [
     "build"
   ],
+  "husky": {
+    "hooks": {
+      "pre-push": "npm run ci"
+    }
+  },
   "directories": {
     "example": "examples"
   },
@@ -17,6 +22,7 @@
     "babel-core": "^6.26.0",
     "babel-loader": "^7.1.2",
     "babel-preset-env": "^1.6.1",
+    "husky": "^2.4.0",
     "mocha": "^4.0.1",
     "should": "^13.1.3",
     "sinon": "^4.1.5",
@@ -30,7 +36,7 @@
     "ws": "^3.3.2"
   },
   "scripts": {
-    "ci": "npm run validate:lint && npm run validate:format && npm run test",
+    "ci": "npm run validate:lint && npm run validate:format && npm run test && node ./meta/audit.js",
     "test": "mocha --require ts-node/register --inline-diffs --reporter spec --recursive ./test/**/*.ts",
     "prebuild": "yarn build:clean",
     "build": "webpack --config webpack.config.js",
@@ -60,5 +66,8 @@
     "typescript",
     "event-bus"
   ],
+  "resolutions": {
+    "js-yaml": ">=3.13.1"
+  },
   "license": "Apache-2.0"
 }