Releases: NodeSecure/cli
Releases · NodeSecure/cli
v2.5.0
What's Changed
- ci(provenance): allow to manually trigger GA by @fraxken in #368
- ci(provenance): remove public after --provenance by @fraxken in #369
- docs: add SLSA badge by @fraxken in #371
- Refactor scorecard using @nodesecure/utils by @zikos2 in #375
- docs: add zikos2 as a contributor for code by @allcontributors in #376
- chore(deps): bump the github-actions group with 5 updates by @dependabot in #378
- feat(interface) : Allow to customize the theme for report export by @halcin in #380
- chore: update dependencies by @PierreDemailly in #392
- refactor(README): replace with HD UI preview by @fraxken in #395
- chore(eslint): use latest ecma version by @PierreDemailly in #396
- chore(deps-dev): bump esbuild from 0.22.0 to 0.23.0 in the development-dependencies group by @dependabot in #397
- chore(deps): bump @nodesecure/npm-registry-sdk from 2.1.1 to 3.0.0 in the nodesecure-dependencies group by @dependabot in #398
- fix(cli): scorecard visualizer url by @PierreDemailly in #400
- feat(searchbar): keyboard navigation by @PierreDemailly in #399
- refactor: remove window.disableShortcuts by @PierreDemailly in #401
- feat(cli): generate report by @PierreDemailly in #403
- chore(deps-dev): bump the development-dependencies group with 2 updates by @dependabot in #402
- feat(interface): friendly dependencies & legend by @PierreDemailly in #407
- chore(deps): bump the github-actions group with 5 updates by @dependabot in #405
- chore(deps-dev): bump @types/node from 20.14.13 to 22.0.0 in the development-dependencies group by @dependabot in #404
- chore: update dependencies by @PierreDemailly in #409
- docs: add missing GitHub blockquotes by @fraxken in #410
- chore: update scanner/vulnera and remove legacy hydrate-db command by @fraxken in #414
- fix: move server-destroy to devDependencies by @fraxken in #415
- feat(interface/settings): categorize and translate showFriendly checkbox by @PierreDemailly in #417
- fix(verify): inject undefined instead of null for a local scan by @fraxken in #418
- fix(summary): make it work with Scanner major v6 by @fraxken in #419
- refactor: new CLI commands documentation by @foucsi in #413
- docs: add foucsi as a contributor for doc by @allcontributors in #420
- docs: enhance CLI commands & usage examples by @fraxken in #421
New Contributors
Full Changelog: v2.4.0...v2.5.0
Contributors
fraxken, halcin, and 5 other contributors
Assets 2
v2.4.0
What's Changed
- feat(interface): prevent network navigation when wiki is opened by @FredGuiou in #324
- docs: add FredGuiou as a contributor for code by @allcontributors in #325
- feat(wiki): keyboard navigation by @PierreDemailly in #328
- fix(code-fetcher): improve multi-line code snippet by @PierreDemailly in #329
- make npmAvatar primary src by @kishore881 in #331
- feat(interface): navigate between locked nodes by @PierreDemailly in #340
- chore: update copyright by @fabnguess in #348
- feat: improve i18n by @PierreDemailly in #347
- feat(interface): download report by @PierreDemailly in #349
- chore: use dependabot groups by @PierreDemailly in #356
- chore: fix dependabot group name by @PierreDemailly in #357
- chore(deps): bump the github-actions group with 3 updates by @dependabot in #358
- chore(deps): bump the dependencies group with 2 updates by @dependabot in #359
- chore(deps): bump the nodesecure-dependencies group with 2 updates by @dependabot in #362
- chore(deps-dev): bump the development-dependencies group with 1 update by @dependabot in #360
- chore(http/report): remove co-body by @PierreDemailly in #363
- ci: setup npm provenance by @fraxken in #365
- 2.4.0 by @fraxken in #366
- ci(provenance): do not use npm ci by @fraxken in #367
New Contributors
- @FredGuiou made their first contribution in #324
Full Changelog: v2.3.1...v2.4.0
Contributors
fraxken, dependabot, and 5 other contributors
Assets 2
v2.3.1
What's Changed
- fix(build): missing i18n folder by @PierreDemailly in #322
- 2.3.1 by @PierreDemailly in #323
Full Changelog: v2.3.0...v2.3.1
Contributors
PierreDemailly
Assets 2
v2.3.0
What's Changed
- feat: implements ossf scorecard by @PierreDemailly in #125
- docs: add PierreDemailly as a contributor for code by @allcontributors in #126
- fix: remove import protocol for doc redirection by @PierreDemailly in #127
- feat: improve cliui design by @PierreDemailly in #129
- chore: fixing badges and adding back SECURITY.md by @fraxken in #130
- docs: add documentation for scorecards by @PierreDemailly in #132
- change the node.js favicon by our own logo by @Ineslujan in #137
- docs: add Ineslujan as a contributor for code by @allcontributors in #138
- Updating the URL of an avatar by @fabnguess in #136
- docs(badges): use for-the-badge style and remove downloads one by @fraxken in #139
- [Snyk] Upgrade cacache from 17.0.2 to 17.0.4 by @fraxken in #140
- Updating security policy by @fabnguess in #141
- ci: update and pin version with SHA-commit by @fraxken in #142
- feat: add dependabot yml configuration by @fraxken in #143
- [StepSecurity] Apply security best practices by @step-security-bot in #144
- CodeQL fix and remove root dependabot file by @fraxken in #147
- chore(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2 by @dependabot in #145
- chore(deps): bump ossf/scorecard-action from 2.0.6 to 2.1.2 by @dependabot in #146
- chore(deps-dev): bump @myunisoft/httpie from 1.9.2 to 1.10.0 by @dependabot in #151
- chore(deps-dev): bump esbuild from 0.15.14 to 0.17.3 by @dependabot in #148
- docs: improve CONTRIBUTORS guide(s) by @fraxken in #153
- chore(deps-dev): bump @nodesecure/size-satisfies from 1.0.2 to 1.1.0 by @dependabot in #152
- chore: remove permanently package-lock.json by @fraxken in #157
- ci: remove lint stage and use coverage npm script by @fraxken in #158
- refactor: use latest spinner API and implement --silent mode by @fraxken in #162
- chore(deps): bump github/codeql-action from 2.1.39 to 2.2.0 by @dependabot in #161
- chore(deps): bump github/codeql-action from 2.2.0 to 2.2.1 by @dependabot in #163
- fix: searchbar helper redirect to the good section by @PierreDemailly in #166
- chore(deps): bump github/codeql-action from 2.2.1 to 2.2.3 by @dependabot in #168
- feat(cli): add scorecard command by @PierreDemailly in #164
- docs: add SofianD as a contributor for code by @allcontributors in #169
- chore(deps): bump github/codeql-action from 2.2.3 to 2.2.4 by @dependabot in #170
- feat: 3rd party tools links (Snyk & Socket.dev) by @PierreDemailly in #171
- chore(deps): bump step-security/harden-runner from 2.1.0 to 2.2.0 by @dependabot in #172
- fix(package.json): npm scripts using cross-env by @SofianD in #174
- Update dependabot frequency by @fabnguess in #175
- docs: add fabnguess as a contributor for maintenance by @allcontributors in #177
- chore(deps): bump github/codeql-action from 2.2.4 to 2.2.5 by @dependabot in #176
- chore: bump i18n by @PierreDemailly in #179
- refactor: transform to NPM monorepo by @fraxken in #178
- fix(security): add missing workflow top level permissions by @fraxken in #181
- chore(deps): bump ini from 3.0.1 to 4.0.0 by @dependabot in #182
- chore(deps): bump open from 8.4.2 to 9.1.0 by @dependabot in #183
- chore(deps): bump actions/checkout from 3.3.0 to 3.5.0 by @dependabot in #185
- chore(deps): bump github/codeql-action from 2.2.5 to 2.2.9 by @dependabot in #186
- chore(deps): bump step-security/harden-runner from 2.2.0 to 2.2.1 by @dependabot in #187
- chore(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3 by @dependabot in #188
- chore: update dependencies by @fraxken in #184
- 2.2.0 by @fraxken in #189
- fix: move @openally/result from devDeps to deps by @PierreDemailly in #190
- 2.2.1 by @fraxken in #191
- chore(ci): run tests on Windows & Mac by @PierreDemailly in #192
- chore(deps): bump filenamify from 5.1.1 to 6.0.0 by @dependabot in #193
- refactor: migrate from tap to node test runner by @PierreDemailly in #202
- test: add missing tests by @PierreDemailly in #206
- chore(deps): bump github/codeql-action from 2.2.9 to 2.3.5 by @dependabot in #204
- chore: update dependencies by @PierreDemailly in #227
- fix: build error by @PierreDemailly in #230
- chore(deps): bump actions/checkout from 3.5.3 to 3.6.0 by @dependabot in #232
- chore(deps): bump github/codeql-action from 2.21.4 to 2.21.5 by @dependabot in #231
- feat: apply settings on save by @PierreDemailly in #234
- feat: add scorecard visualizer external link by @PierreDemailly in #235
- chore: drop support for Node 16 by @fabnguess in #246
- refactor: split package component into multiple class by @fraxken in #247
- fix(network): missing type conversion by @PierreDemailly in #249
- fix: prevent update of current node by @PierreDemailly in #248
- Update documentation and dependencies by @fraxken in #251
- feat: add color to scorecard menu by @fraxken in #253
- feat(network): keyboard navigation by @PierreDemailly in #254
- fix: minors bugs in the package pannel by @fraxken in #256
- fix: package info does not shows by @PierreDemailly in #259
- Update scanner by @fraxken in #262
- chore: start working on home ossf scorecard by @fraxken in #261
- fix: package info not opening by @PierreDemailly in #260
- refactor(gauge): improve implementation & add optional chips by @fraxken in #263
- Avoid invalid GitHub crash by @fraxken in #268
- refactor(home.view): rework authors section by @fraxken in #267
- feat(scorecard): add support for GitLab by @PierreDemailly in #266
- feat(navigation): add simple anchor mecanism for views by @fraxken in #269
- feat: add clickable link to Gauge & add link to licenses by @fraxken in #274
- refactor: revamp flags position & fix unicode segmentation bug by @fraxken in #275
- fix(css): adapt package-container height by @fraxken in #277
- refactor: use node: namespace everywhere by @fraxken in #276
- feat: highlight suspicious scripts by @fraxken in #278
- refactor: use @topcli/prompts instead of qoa by @fraxken in #280
- fix: left menu not updated by @PierreDemailly in #282
- feat: create new header menu by @PierreDemailly in #283
- Fix bugs by @fraxken in #286
- refactor: improve wiki css by @fraxken in #281
- docs: update README by @fraxken in #287
- feat: verify payload scanner version & implement local i18n by @fraxken in #279
- feat(settings): hotkeys customisation by @PierreDemailly in #290
- feat: add wiki shortcut by @fraxken in #291
- feat: highlight suspicious packages by...
Contributors
fraxken, dependabot, and 7 other contributors
Assets 2
v2.2.1
What's Changed
- fix: move @openally/result from devDeps to deps by @PierreDemailly in #190
Full Changelog: v2.2.0...v2.2.1
Contributors
PierreDemailly
Assets 2
v2.2.0
What's Changed
- feat: implements ossf scorecard by @PierreDemailly in #125
- docs: add PierreDemailly as a contributor for code by @allcontributors in #126
- fix: remove import protocol for doc redirection by @PierreDemailly in #127
- feat: improve cliui design by @PierreDemailly in #129
- chore: fixing badges and adding back SECURITY.md by @fraxken in #130
- docs: add documentation for scorecards by @PierreDemailly in #132
- change the node.js favicon by our own logo by @Ineslujan in #137
- docs: add Ineslujan as a contributor for code by @allcontributors in #138
- Updating the URL of an avatar by @fabnguess in #136
- docs(badges): use for-the-badge style and remove downloads one by @fraxken in #139
- [Snyk] Upgrade cacache from 17.0.2 to 17.0.4 by @fraxken in #140
- Updating security policy by @fabnguess in #141
- ci: update and pin version with SHA-commit by @fraxken in #142
- feat: add dependabot yml configuration by @fraxken in #143
- [StepSecurity] Apply security best practices by @step-security-bot in #144
- CodeQL fix and remove root dependabot file by @fraxken in #147
- chore(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2 by @dependabot in #145
- chore(deps): bump ossf/scorecard-action from 2.0.6 to 2.1.2 by @dependabot in #146
- chore(deps-dev): bump @myunisoft/httpie from 1.9.2 to 1.10.0 by @dependabot in #151
- chore(deps-dev): bump esbuild from 0.15.14 to 0.17.3 by @dependabot in #148
- docs: improve CONTRIBUTORS guide(s) by @fraxken in #153
- chore(deps-dev): bump @nodesecure/size-satisfies from 1.0.2 to 1.1.0 by @dependabot in #152
- chore: remove permanently package-lock.json by @fraxken in #157
- ci: remove lint stage and use coverage npm script by @fraxken in #158
- refactor: use latest spinner API and implement --silent mode by @fraxken in #162
- chore(deps): bump github/codeql-action from 2.1.39 to 2.2.0 by @dependabot in #161
- chore(deps): bump github/codeql-action from 2.2.0 to 2.2.1 by @dependabot in #163
- fix: searchbar helper redirect to the good section by @PierreDemailly in #166
- chore(deps): bump github/codeql-action from 2.2.1 to 2.2.3 by @dependabot in #168
- feat(cli): add scorecard command by @PierreDemailly in #164
- docs: add SofianD as a contributor for code by @allcontributors in #169
- chore(deps): bump github/codeql-action from 2.2.3 to 2.2.4 by @dependabot in #170
- feat: 3rd party tools links (Snyk & Socket.dev) by @PierreDemailly in #171
- chore(deps): bump step-security/harden-runner from 2.1.0 to 2.2.0 by @dependabot in #172
- fix(package.json): npm scripts using cross-env by @SofianD in #174
- Update dependabot frequency by @fabnguess in #175
- docs: add fabnguess as a contributor for maintenance by @allcontributors in #177
- chore(deps): bump github/codeql-action from 2.2.4 to 2.2.5 by @dependabot in #176
- chore: bump i18n by @PierreDemailly in #179
- refactor: transform to NPM monorepo by @fraxken in #178
- fix(security): add missing workflow top level permissions by @fraxken in #181
- chore(deps): bump ini from 3.0.1 to 4.0.0 by @dependabot in #182
- chore(deps): bump open from 8.4.2 to 9.1.0 by @dependabot in #183
- chore(deps): bump actions/checkout from 3.3.0 to 3.5.0 by @dependabot in #185
- chore(deps): bump github/codeql-action from 2.2.5 to 2.2.9 by @dependabot in #186
- chore(deps): bump step-security/harden-runner from 2.2.0 to 2.2.1 by @dependabot in #187
- chore(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3 by @dependabot in #188
- chore: update dependencies by @fraxken in #184
New Contributors
- @Ineslujan made their first contribution in #137
- @fabnguess made their first contribution in #136
- @step-security-bot made their first contribution in #144
- @SofianD made their first contribution in #174
Full Changelog: v2.1.2...v2.2.0
Contributors
fraxken, dependabot, and 6 other contributors
Assets 2
v2.1.2
v2.1.1
What's Changed
- Update dependencies by @fraxken (fixing issue with missing tslib and deprecated npm package with
cacache). - Add a warning when NODE_SECURE_TOKEN is missing by @tekeuange23 in #115
- docs: add tekeuange23 as a contributor for code by @allcontributors in #120
New Contributors
- @tekeuange23 made their first contribution in #115
Full Changelog: v2.1.0...v2.1.1
Contributors
fraxken, tekeuange23, and allcontributors
Assets 2
v2.1.0
What's Changed
- fix: initialize fade with bin instead of old manifest name by @PierreDemailly in #110
- chore(deps): bump undici from 5.5.1 to 5.8.0 by @dependabot in #111
- Chore add command to manage runtime configuration by @Kawacrepe in #104
- docs: add Kawacrepe as a contributor for code, bug by @allcontributors in #112
- replacement of the @slimio/async-cli-spinner library by @topcli/spinner by @halcin in #114
- docs: add halcin as a contributor for code by @allcontributors in #116
- chore(deps): bump undici from 5.8.0 to 5.10.0 by @dependabot in #117
- fix: use info as default instead of overview by @fraxken in #119
New Contributors
- @PierreDemailly made their first contribution in #110
- @Kawacrepe made their first contribution in #104
- @halcin made their first contribution in #114
Full Changelog: v2.0.0...v2.1.0
Contributors
fraxken, halcin, and 4 other contributors
Assets 2
v1.0.0
What's Changed
- Move the project into the NodeSecure org and rename it
cli. - chore: fix ci by @tony-go in #94
- Add scanner v3.3.0 which add support for Workspaces by @fraxken.
Many thanks to the FrenchJavaScript community (ES-Community) that hosted the project for several years.
Full Changelog: v0.9.0...v1.0.0
Contributors
fraxken and tony-go