issues
IBM / audit-ci
Audit NPM, Yarn, PNPM, and Bun dependencies in continuous integration environments, preventing integration if vulnerabilities are found at or above a configurable threshold while ignoring allowlisted advisories
Apache License 2.0
263 stars
43 forks
Instability in audit pass/fail
#346
kf6kjg
opened
1 day ago
0
Audit not failing in GitLab CI pipeline
#345
MacPiston
opened
1 month ago
6
Bug: Does not work with bun
#344
Sukaato
closed
3 months ago
0
Tests failing when adding expiry to CVE.
#343
becker-finstreet
opened
3 months ago
0
fix: braces audit
#342
quinnturner
closed
4 months ago
0
Try yargs import
#341
quinnturner
closed
4 months ago
0
SyntaxError: The requested module 'yargs/yargs' does not provide an export named 'default'
#340
afdev82
closed
4 months ago
3
chore(deps-dev): bump braces from 3.0.2 to 3.0.3
#339
dependabot[bot]
closed
4 months ago
1
Bump audit-types to support Yarn v4
#338
quinnturner
closed
5 months ago
0
chore(deps): bump chownr from 1.0.0 to 1.1.0 in /test/yarn-4-low
#337
dependabot[bot]
closed
5 months ago
1
chore(deps): bump qs from 6.10.2 to 6.10.3 in /test/yarn-4-workspace/packages/yarn-high
#336
dependabot[bot]
closed
5 months ago
1
fix: add hideBin(process.argv) #334
#335
quinnturner
closed
5 months ago
0
v7 ignores command line arguments
#334
hwo411
closed
5 months ago
2
Update README.md
#333
quinnturner
closed
5 months ago
0
Support Yarn v4
#332
mistaecko
opened
6 months ago
6
chore(deps): bump undici from 5.19.1 to 5.28.4 in /test/yarn-moderate
#331
dependabot[bot]
closed
5 months ago
1
chore(deps-dev): bump vite from 5.0.7 to 5.2.8
#330
dependabot[bot]
closed
5 months ago
1
chore(deps): bump follow-redirects, axios and github-build in /test/npm-allowlisted-path
#329
dependabot[bot]
closed
5 months ago
1
chore(deps): bump axios from 0.15.3 to 0.28.0 in /test/npm-allowlisted-path
#328
dependabot[bot]
closed
8 months ago
1
chore(deps): bump undici from 5.19.1 to 5.28.3 in /test/yarn-moderate
#327
dependabot[bot]
closed
7 months ago
1
chore(deps-dev): bump vite from 5.0.7 to 5.0.12
#326
dependabot[bot]
closed
7 months ago
1
CI commands fail because no version 7
#325
DominicGBauer
closed
5 months ago
1
chore(deps): bump follow-redirects, axios and github-build in /test/npm-allowlisted-path
#324
dependabot[bot]
closed
8 months ago
1
fix: auditer -> auditor
#323
quinnturner
closed
11 months ago
0
fix: dist/bin.js path
#322
quinnturner
closed
11 months ago
0
Fix audits
#321
quinnturner
closed
11 months ago
0
Bun test runner
#320
quinnturner
closed
11 months ago
0
BREAKING: Require Node 18, support ESM and CJS
#319
quinnturner
closed
11 months ago
0
The audit report format changed?
#318
alexanderameye
closed
1 year ago
2
fix: fix types export in package.json
#317
kyletsang
closed
11 months ago
0
chore(deps): bump @builder.io/qwik from 0.16.1 to 0.21.0 in /test/yarn-moderate
#316
dependabot[bot]
closed
11 months ago
1
Replace event-stream with something secure and supported
#315
jeremywadsack
closed
5 months ago
4
fix: sort all outputs for cleanliness and consistency
#314
quinnturner
closed
1 year ago
0
chore: Add tslib dependency for smaller size
#313
quinnturner
closed
1 year ago
0
chore(deps): bump @builder.io/qwik from 0.16.1 to 0.16.2 in /test/yarn-moderate
#312
dependabot[bot]
closed
1 year ago
1
Support ESM
#311
quinnturner
closed
1 year ago
0
[BREAKING] Remove printing audit-ci version
#310
quinnturner
closed
1 year ago
0
feat: Improved CLI support and TypeScript tests & migrate to PNPM
#309
quinnturner
closed
1 year ago
0
packages starting with "@" are not working in allowlist
#308
WhatIfWeDigDeeper
closed
1 year ago
2
Release 6.6.1
#307
quinnturner
closed
1 year ago
0
fix(#301): Handle JSONStream.parse() errors more gracefully
#306
quinnturner
closed
1 year ago
0
Add files for Yarn 3
#305
quinnturner
closed
5 months ago
0
Update README.md for improved docs on extra-args
#304
quinnturner
closed
1 year ago
0
chore: Release 6.6.0
#303
quinnturner
closed
1 year ago
0
Tests should include all major Yarn versions
#302
sargunv
closed
5 months ago
2
Handle errors from Yarn Berry more gracefully
#301
sargunv
closed
1 year ago
2
Add `--extra-args` to fix #298
#300
sargunv
closed
1 year ago
6
chore(deps): bump json5 from 1.0.1 to 1.0.2
#299
dependabot[bot]
closed
1 year ago
0
Support Yarn's `--exclude`
#298
sargunv
closed
1 year ago
2
[BREAKING] feat: Improved scripting support and TypeScript tests
#297
quinnturner
closed
1 year ago
0