Skip to content

Commit

Permalink
Update audit script used by npm run test-security to skip vendor fo…
Browse files Browse the repository at this point in the history 
…lders which are not actively using node.js (ex: they may use node, but only for tests, etc)

Fixes #4075
  • Loading branch information
@bsclifton
bsclifton committed Apr 12, 2019
1 parent 1053d13 commit 4ccd506
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 3 deletions.
5 changes: 3 additions & 2 deletions scripts/audit.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,15 +16,16 @@ const syncDir = path.join(braveDir, 'components', 'brave_sync', 'extension')
*/
function npmAudit (pathname) {
if (fs.existsSync(path.join(pathname, 'package.json')) &&
fs.existsSync(path.join(pathname, 'package-lock.json'))) {
fs.existsSync(path.join(pathname, 'package-lock.json')) &&
fs.existsSync(path.join(pathname, 'node_modules'))) {
console.log('Auditing', pathname)
let cmdOptions = {
cwd: pathname,
shell: process.platform === 'win32' ? true : false
}
util.run('npm', ['audit'], cmdOptions)
} else {
console.log('Skipping audit of', pathname)
console.log('Skipping audit of "' + pathname + '" (no package.json or node_modules directory found)')
}
}

Expand Down
2 changes: 1 addition & 1 deletion vendor/depot_tools
Submodule depot_tools updated from eb2767 to 1de3cd

0 comments on commit 4ccd506

Please sign in to comment.