search

IBM / audit-ci

Audit NPM, Yarn, PNPM, and Bun dependencies in continuous integration environments, preventing integration if vulnerabilities are found at or above a configurable threshold while ignoring allowlisted advisories
Apache License 2.0
264 stars 42 forks source link

BREAKING: Require Node 18, support ESM and CJS #319

Closed quinnturner closed 9 months ago

quinnturner commented 1 year ago

Drop support for Node <18. This is a security library; we must enforce secure Node.js versioning practices 😄

Are the types wrong report

audit-ci git:(esm-cjs) ✗ bunx attw ./audit-ci-7.0.0.tgz

audit-ci v7.0.0

Build tools:
- typescript@^5.3.3

 No problems found 🌟

"audit-ci"

node10: 🟢 
node16 (from CJS): 🟢 (CJS)
node16 (from ESM): 🟢 (ESM)
bundler: 🟢 

***********************************

"audit-ci/package.json"

node10: 🟢 (JSON)
node16 (from CJS): 🟢 (JSON)
node16 (from ESM): 🟢 (JSON)
bundler: 🟢 (JSON)

***********************************