v2.0 #39

Merged
merged 10 commits into from
Jun 22, 2021

jeemok
Owner

@jeemok jeemok commented Jun 20, 2021

You can install it by npm install better-npm-audit@next

Notable changes

  • Simplified the workflow and improved overall performance by running less in the process.
  • Added table module to display summaries (initially used cli-table for its small size; however, the issues in the repo concern me regarding its display quality on other OSes. Hence, I chose the table module even though its package size is much bigger)
  • Added table display for security report
  • Added table display of exceptions from .nsprc file
  • Cleaned up test case structure to be more straightforward and easier to maintain

Breaking changes

  • Renamed --ignore -i flag to --exclude -x for better clarity.
  • Removed --display-full flag that was used to ignore the maximum display limit. Now with the summary table it would be unlikely to display a large amount of information.
  • Removed --display-notes flag that was used for displaying exception notes. Now it is included in the exceptions table.
  • Renamed ignore field to active in .nsprc file for better clarity.
  • Renamed reason field to notes in .nsprc file for better clarity.

Others

  • Removed logging of flags used in the command
  • Added NPM audit into the CI pipeline
  • Added .github/FUNDING.yml
  • Updated README.md

Closed issues

  • #20 Provide more output when parsing exceptions file
  • #27 Hide excepted vulnerabilities from output
  • #28 Missing [ in truncation message

@jeemok jeemok added this to the v2 milestone Jun 20, 2021
@jeemok jeemok self-assigned this Jun 20, 2021
@jeemok
Owner Author

jeemok commented Jun 21, 2021

Trading size for quality...

Screen Shot 2021-06-21 at 11 22 24 AM

@jeemok
Owner Author

jeemok commented Jun 21, 2021

Hey @alertme-edwin, I'm happy to present this next version to you, which takes the suggestions you gave in the past and makes a few improvements too! Feel free to test this out and let me know what you think!

@alert-debug

I've just been trying out version 2.0.3-rc and the experience is fantastic! This is great work, thank you!

The output is now really succinct and readable, which should help new users to instantly see the benefit of this tool.

If I can just offer a small correction, the string:

1 vulnerabilities where excluded but did not result in a vulnerabilities: XXX. They can be removed...

would perhaps be better if worded like this instead:

1 of the excluded vulnerabilities did not match any of the found vulnerabilities: XXX. It can be removed...

with "They can" being used if there is more than one.

@jeemok
Owner Author

jeemok commented Jun 22, 2021

@alertme-edwin Glad to hear that! Thanks for the wording suggestion, let me add it in now 👍🏻

@jeemok jeemok merged commit b7eef78 into master Jun 22, 2021