[NO-ISSUE] Scoped package #1

Merged
merged 1 commit into from
Dec 14, 2021
9 changes: 3 additions & 6 deletions .eslintrc.json
@@ -1,16 +1,14 @@
{
"env": {
"es6": true,
"node": true,
"jest": true
"node": true
},
"extends": [
"eslint:recommended",
"plugin:import/recommended",
"plugin:jest/recommended",
"prettier"
],
"plugins": ["import", "jest", "prettier"],
"plugins": ["import", "prettier"],
"rules": {
"import/no-extraneous-dependencies": "error",
"no-underscore-dangle": "error",
Expand All @@ -25,7 +23,6 @@
"complexity": "off",
"import/unambiguous": "off",
"prefer-const": "error",
"no-var": "error",
"jest/no-identical-title": "warn"
"no-var": "error"
}
}
22 changes: 22 additions & 0 deletions .github/workflows/publish.yml
@@ -0,0 +1,22 @@
name: Publish

on:
release:
types: [created]

jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v1
with:
node-version: 16
registry-url: https://registry.npmjs.org/
always-auth: true
- run: yarn install --frozen-lockfile
- run: yarn publish --access public
env:
SNYK_TOKEN: ${{secrets.SNYK_TOKEN}}
NODE_AUTH_TOKEN: ${{secrets.NODE_AUTH_TOKEN}}
CI: true
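Review bot: the `yarn publish --access public` step receives both `SNYK_TOKEN` and `NODE_AUTH_TOKEN`, and because `prepublishOnly` in package.json runs `yarn ci`, the lint, rollup build and both snyker runs all execute with the npm publish token in their environment. Consider running `yarn ci` as its own step with only `SNYK_TOKEN` and keeping `NODE_AUTH_TOKEN` for the publish step alone, which means the `prepublishOnly` hook would need to move out of the publish path in CI. Since this job holds a registry credential, it is also worth pinning `actions/checkout@v2` and `actions/setup-node@v1` to full commit SHAs instead of mutable tags and adding a `permissions: contents: read` block.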
10 changes: 2 additions & 8 deletions .github/workflows/test.yml
Expand Up @@ -9,17 +9,11 @@ on:
jobs:
build:
runs-on: ubuntu-latest

strategy:
matrix:
node-version: [12.x]

steps:
- uses: actions/checkout@v2
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v1
- uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node-version }}
node-version: 16
- run: yarn install --frozen-lockfile
- run: yarn ci
env:
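Review bot: replacing the `matrix` with a hard-coded `node-version: 16` means CI no longer exercises any Node release other than 16, but nothing visible in this PR tells consumers that older versions are unsupported: package.json has no `engines` field and the 4.0.0 changelog entry does not mention it. Either keep a matrix covering the versions you still intend to support, or declare the minimum in `engines` and list it as a breaking change.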
2 changes: 1 addition & 1 deletion .nvmrc
@@ -1 +1 @@
14
16
File renamed without changes.
5 changes: 5 additions & 0 deletions docs/CHANGELOG.md
@@ -1,5 +1,10 @@
# ChangeLog

## [4.0.0] - 14-12-2021

- feat: upgrade dependencies to latest versions
- feat: move package to `@asos` scope

## [3.4.0] - 13-05-2021

- feat: snyk authentication errors are now captured and logged specifically
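Review bot: both 4.0.0 entries are labelled `feat:`, but moving the package to the `@asos` scope changes the install name, so anyone who keeps depending on `snyker` will stay on 3.4.0 and stop receiving updates without noticing. Mark the rename as a breaking change here with the new install name, and plan to deprecate the unscoped package on the registry with a pointer to `@asos/snyker` once 4.0.0 is published.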
39 changes: 11 additions & 28 deletions docs/CONTRIBUTING.md
@@ -1,49 +1,32 @@
# Contributing to this repository

First of all, thanks for taking the time to read this document and contributing to our codebase.

Please read each section carefully!
First of all, thanks for taking the time to read this document and contributing to our codebase! 🎉 🍻

## Getting started

The first thing to do before starting to work on your feature would be to have a conversation with the codeowners about it, we may have some pointers or examples that might make your life much easier!

The other thing you will need before you start is to create an issue describing what it is that you're set to do, or if its a bug make sure there are clear reproduction steps on the description.
If you're working on an existing issue then awesome! Let us know by dropping a comment in the issue.

Things to talk about in our first conversation:

- Planned implementation
- Test plan
- Q&A
If it's a new bug fix or feature that you would like to contribute, then please raise an issue so it can be tracked (and to help out others who are experiencing the same issue / want the new thing know that it's being looked at!). Be sure to check for existing issues before raising your own!

## Working on your feature

### Branching

On this project we follow mainline development (or trunk based development), and our default branch is `main`.

Therefore you need to branch from `main` and merge into `main`.

We use the following convention for branch names `feature/short-description`, where short description is to have an idea what the branch is about and the `feature` part is for features, but it can vary on other kinds of issues.

Here are some examples:

- `feature/new-icon`, a new feature.
- `fix/windows-bug`, a bug fix
- `chore/upgrade-eslint`, a chore is something that doesn't add functionality to the user but needs to be done.
Therefore you need to branch / fork from `main` and merge into `main`.

### Coding style

Generally try to match the style and conventions of the code around your changes. Ultimately we want code that is clear, concise, consistent and easy to read.

Broadly we're in-tune with the following style guides:
You can format the code with:

- JavaScript
- <https://github.com/prettier/prettier>
- <https://github.com/airbnb/javascript>
- <https://github.com/ryanmcdermott/clean-code-javascript>
```console
yarn lint
```

### Unit tests
### Tests

Before opening a PR, please run the following command to make sure your branch will build and pass all the tests:

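Review bot: under "Coding style" the new text says the code can be formatted with `yarn lint`, but in package.json `lint` is `eslint ./src`, which only reports problems; the script that rewrites files is `lint:fix`. Point contributors at `yarn lint:fix` here. The renamed "Tests" section has a related gap: `yarn ci` runs clean, lint, build and the two snyker scripts and no test runner, so "pass all the tests" overstates what it checks.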
Expand All @@ -55,8 +38,8 @@ yarn ci

Once you're confident your branch is ready to review, open a PR against `main` on this repo.

Please make sure you fill the PR template correctly.
Please use the PR template as a guide, but if your change doesn't quite fit it, feel free to customize! 🙃

## Merging and publishing

When your feature branch/PR has been tested and has an approval, it is then ready to merge. Please contact the maintainer to action the merge.
When your feature branch / PR has been tested and has an approval, it is then ready to merge. Please contact the maintainer to action the merge.
2 changes: 1 addition & 1 deletion docs/PULL_REQUEST_TEMPLATE.md
Expand Up @@ -9,4 +9,4 @@ Brief summary of PR purpose and code changes.
## CheckList

- [ ] PR starts with [_ISSUE_ID_].
- [ ] Has been tested (where required) before merge to develop.
- [ ] Has been tested (where required) before merge to `main`.
55 changes: 32 additions & 23 deletions package.json
@@ -1,56 +1,65 @@
{
"name": "snyker",
"version": "3.4.0",
"name": "@asos/snyker",
"version": "4.0.0",
"description": "An opinionated, heavy-handed wrapper around Snyk.",
"main": "lib/index.js",
"bin": "bin/snyker",
"license": "MIT",
"repository": {
"type": "git",
"url": "git+https://github.com/asos/snyker.git"
"author": {
"name": "Craig Morten",
"email": "[email protected]"
},
"license": "MIT",
"keywords": [
"snyk",
"security",
"vulnerabilities"
],
"author": "Craig Morten <[email protected]>",
"homepage": "https://github.com/asos/snyker#README",
"repository": {
"type": "git",
"url": "git+https://github.com/asos/snyker.git"
},
"bugs": {
"url": "https://github.com/asos/snyker/issues"
},
"homepage": "https://github.com/asos/snyker#README",
"directories": {
"doc": "docs",
"lib": "lib"
},
"main": "lib/index.js",
"bin": {
"snyker": "bin/snyker"
},
"scripts": {
"build": "cross-env BABEL_ENV=node rollup -c server.rollup.js",
"ci": "yarn clean && yarn lint && yarn build && yarn snyker && yarn snyker:npm",
"clean": "yarn clean:lib && yarn clean:lock",
"clean:lib": "rimraf lib",
"clean:lock": "rimraf package-lock.json",
"lint": "eslint ./src",
"lint:fix": "yarn lint --fix",
"snyker": "bin/snyker",
"snyker:npm": "bin/snyker --lockfile=package-lock.json && yarn clean:lock",
"prepublishOnly": "yarn ci"
},
"dependencies": {
"@yarnpkg/lockfile": "^1.1.0",
"js-yaml": "^3.14.0",
"snyk": "^1.520.0",
"yargs": "^15.3.0"
"js-yaml": "^4.1.0",
"snyk": "^1.790.0",
"yargs": "^17.3.0"
},
"devDependencies": {
"@babel/core": "^7.9.0",
"cross-env": "^7.0.2",
"eslint": "^7.16.0",
"eslint-config-prettier": "^6.10.1",
"eslint-plugin-import": "^2.20.2",
"eslint-plugin-jest": "^23.8.2",
"eslint-plugin-prettier": "^3.1.3",
"prettier": "^2.0.5",
"@babel/core": "^7.16.5",
"cross-env": "^7.0.3",
"eslint": "^8.4.1",
"eslint-config-prettier": "^8.3.0",
"eslint-plugin-import": "^2.25.3",
"eslint-plugin-prettier": "^4.0.0",
"prettier": "^2.5.1",
"rimraf": "^3.0.2",
"rollup": "^2.6.1",
"rollup": "^2.61.1",
"rollup-plugin-babel": "^4.4.0",
"rollup-plugin-commonjs": "^10.1.0",
"rollup-plugin-json": "^4.0.0",
"rollup-plugin-node-resolve": "^5.2.0",
"rollup-plugin-terser": "^6.0.0"
"rollup-plugin-terser": "^7.0.2"
}
}
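Review bot: there is no `files` allowlist in the manifest, so the contents of the published tarball are decided by ignore files that are not part of this diff. Since the new publish workflow builds `lib` in CI immediately before `yarn publish`, an explicit `"files": ["lib", "bin"]` would tie the tarball to what `main` and `bin` actually reference and keep anything else left in the CI workspace out of the package.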
13 changes: 6 additions & 7 deletions src/index.js
Expand Up @@ -204,7 +204,7 @@ const updateSnykPolicyPatches = (patchablePackages) => {
),
};

const updatedPolicyFile = yaml.safeDump(updatedPolicy);
const updatedPolicyFile = yaml.dump(updatedPolicy);
fs.writeFileSync(".snyk", updatedPolicyFile);
};

Expand Down Expand Up @@ -256,7 +256,7 @@ const updateSnykPolicyWithPersistedVulnerabilityData = (originalPolicy) => {
),
};

const updatedPolicyFile = yaml.safeDump(updatedPolicy);
const updatedPolicyFile = yaml.dump(updatedPolicy);
fs.writeFileSync(".snyk", updatedPolicyFile);
};

Expand Down Expand Up @@ -321,7 +321,7 @@ const snyker = async () => {
console.log(
"\nMissingApiTokenError: `snyk` requires an authenticated account. Please run `snyk auth` and try again.\n\nRestoring Original Snyk Policy."
);
fs.writeFileSync(".snyk", yaml.safeDump(originalPolicy));
fs.writeFileSync(".snyk", yaml.dump(originalPolicy));
process.exit(1);
}

Expand Down Expand Up @@ -361,13 +361,12 @@ const snyker = async () => {
console.log(
"\nMissingApiTokenError: `snyk` requires an authenticated account. Please run `snyk auth` and try again.\n\nRestoring Original Snyk Policy."
);
fs.writeFileSync(".snyk", yaml.safeDump(originalPolicy));
fs.writeFileSync(".snyk", yaml.dump(originalPolicy));
process.exit(1);
}

const { vulnerabilities: finalVulnerabilities, error } = JSON.parse(
finalSnykTestOut
);
const { vulnerabilities: finalVulnerabilities, error } =
JSON.parse(finalSnykTestOut);

if (error) {
throw error;
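Review bot: at `fs.writeFileSync(".snyk", yaml.dump(originalPolicy))` and the other three call sites, the rename from `yaml.safeDump` is correct for js-yaml 4, where `dump` is the safe serializer and the `safe*` functions were removed. The visible hunks only touch the write side, though: please confirm that wherever `originalPolicy` is read there is no remaining `yaml.safeLoad`, since that call throws under 4.x. The `MissingApiTokenError` block is also duplicated verbatim in the hunks at 321 and 361; a small helper would keep the two policy-restore paths in sync.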