Commit e737911f authored by SBassett's avatar SBassett
Browse files

More debugging of variable assignment and expansion

parent 69f2318f
Pipeline #1394 passed with stage
in 48 seconds
......@@ -10,11 +10,6 @@ npm_audit_dependency_check:
before_script:
- apt-get update -yqq && apt-get install -yqq git
- npm install -g audit-ci
- |
# check if alternative npm audit options were specified calling gitlab-ci.yml file
if [ ! -z ${WM_APPSEC_NPM_AUDIT_OPTIONS} ]; then
NPM_AUDIT_OPTIONS=${WM_APPSEC_NPM_AUDIT_OPTIONS}
fi
script:
- |
......@@ -22,6 +17,12 @@ npm_audit_dependency_check:
file_list=$(git diff-tree --no-commit-id --name-only -r $CI_COMMIT_SHA -- \
{*package.json,*package-lock.json,*/package.json,*/package-lock.json})
# check if alternative npm audit options were specified calling gitlab-ci.yml file
if [ ! -z ${WM_APPSEC_NPM_AUDIT_OPTIONS} ]; then
NPM_AUDIT_OPTIONS=${WM_APPSEC_NPM_AUDIT_OPTIONS}
fi
# find all modified package.json files and run audit-ci against them
TOTAL_EXIT_CODES=0
for f in $file_list; do
npm_dir="$(dirname "$f")"
......@@ -29,6 +30,7 @@ npm_audit_dependency_check:
npm install --package-lock-only
echo -e "\n "
echo -e "----- $f -----"
echo ${WM_APPSEC_NPM_AUDIT_OPTIONS}
echo ${NPM_AUDIT_OPTIONS}
echo -e "\n "
set -e
......@@ -36,6 +38,7 @@ npm_audit_dependency_check:
audit-ci ${NPM_AUDIT_OPTIONS} || EXIT_CODE=$?
TOTAL_EXIT_CODES=$(($TOTAL_EXIT_CODES + $EXIT_CODE))
done
if [ "$TOTAL_EXIT_CODES" -gt 0 ]; then
echo -e "\n "
echo -e "At least one package.json file contained vulnerable dependencies, please review."
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment