1
0
mirror of https://github.com/SomboChea/ui synced 2024-11-24 06:54:27 +07:00

Merge pull request #139 from verdaccio/security-deps

chore(deps): bump detect-secrets for enhanced dev workflow
This commit is contained in:
Sergio Hg 2019-09-29 23:46:38 +02:00 committed by GitHub
commit ae6e479f16
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 59 additions and 5 deletions

40
.secrets-baseline Normal file
View File

@ -0,0 +1,40 @@
{
"exclude": {
"files": null,
"lines": null
},
"generated_at": "2019-09-29T18:19:50Z",
"plugins_used": [
{
"name": "AWSKeyDetector"
},
{
"name": "ArtifactoryDetector"
},
{
"base64_limit": 4.5,
"name": "Base64HighEntropyString"
},
{
"name": "BasicAuthDetector"
},
{
"hex_limit": 3,
"name": "HexHighEntropyString"
},
{
"name": "KeywordDetector"
},
{
"name": "PrivateKeyDetector"
},
{
"name": "SlackDetector"
},
{
"name": "StripeDetector"
}
],
"results": {},
"version": "0.12.4"
}

View File

@ -26,14 +26,14 @@ We use `>=yarn@1.13.0`, keep on mind we use lock file.
For development run the following command, it will execute `webpack` and `verdaccio` to
```
```bash
yarn dev
```
The configuration file is located on `tools/_config.yaml`.
Run linting tooling and test to check your code is clean before commit.
```
```bash
yarn lint && yarn test
```

View File

@ -3,12 +3,14 @@
"version": "0.3.1",
"description": "Verdaccio User Interface",
"author": {
"name": "Verdaccio Core Team"
"name": "Verdaccio Core Team",
"email": "verdaccio.npm@gmail.com"
},
"repository": {
"type": "git",
"url": "git://github.com/verdaccio/ui"
},
"homepage": "https://verdaccio.org",
"main": "index.js",
"devDependencies": {
"@commitlint/cli": "8.2.0",
@ -35,6 +37,7 @@
"codecov": "3.6.1",
"concurrently": "4.1.2",
"cross-env": "6.0.0",
"detect-secrets": "1.0.4",
"css-loader": "3.2.0",
"date-fns": "1.30.1",
"emotion": "9.2.12",
@ -65,6 +68,7 @@
"js-base64": "2.5.1",
"js-yaml": "3.13.1",
"lint-staged": "8.2.1",
"lockfile-lint": "2.0.1",
"localstorage-memory": "1.0.3",
"mini-css-extract-plugin": "0.8.0",
"node-mocks-http": "1.8.0",
@ -149,9 +153,10 @@
"test:acceptance:server": "concurrently --kill-others \"npm run verdaccio:server\" \"npm run test:acceptance\"",
"test": "cross-env NODE_ENV=test BABEL_ENV=test TZ=UTC jest --config ./jest/jest.config.js --maxWorkers 2 --passWithNoTests",
"test:size": "bundlesize",
"lint": "npm run lint:js && npm run lint:css",
"lint": "npm run lint:js && npm run lint:css && npm run lint:lockfile",
"lint:js": "npm run type-check && eslint . --ext .js,.ts,.tsx",
"lint:css": "stylelint \"src/**/styles.ts\"",
"lint:lockfile": "lockfile-lint --path yarn.lock --type yarn --validate-https --allowed-hosts verdaccio npm yarn",
"coverage:publish": "codecov",
"pre:webpack": "rimraf static/*",
"prepublish": "in-publish && npm run build || not-in-publish",
@ -176,10 +181,11 @@
"relative": true,
"linters": {
"*.{js,tsx,ts}": [
"eslint",
"eslint .",
"prettier --write"
],
"*": [
"detect-secrets-launcher --baseline .secrets-baseline",
"git add"
]
},

View File

@ -4539,6 +4539,14 @@ detect-node@^2.0.4:
resolved "https://registry.verdaccio.org/detect-node/-/detect-node-2.0.4.tgz#014ee8f8f669c5c58023da64b8179c083a28c46c"
integrity sha512-ZIzRpLJrOj7jjP2miAtgqIfmzbxa4ZOr5jJc601zklsfEx9oTzmmj2nVpIPRpNlRTIh8lc1kyViIY7BWSGNmKw==
detect-secrets@1.0.4:
version "1.0.4"
resolved "https://registry.verdaccio.org/detect-secrets/-/detect-secrets-1.0.4.tgz#28dd8630d8577f6e5b508143272529eed34d2d7c"
integrity sha512-XfVywZNrmj5lJqJQb+L9a5C31+XLy7sgoBV5eySUL2oIUbZjdFbLLxVT0010OU1vSpnoLDbJxIEoDNR3iRq8ng==
dependencies:
debug "^4.1.0"
which "^1.3.1"
diacritic@0.0.2:
version "0.0.2"
resolved "https://registry.verdaccio.org/diacritic/-/diacritic-0.0.2.tgz#fc2a887b5a5bc0a0a854fb614c7c2f209061ee04"