Commits · 7b5e07d4fbea02690ece354738cbbf540c5396f3 · repos / security / Gitlab CI Security Templates

17 Dec, 2021 15 commits
- Remove debug opts · 7b5e07d4
  SBassett authored Dec 17, 2021
  
  7b5e07d4
- Hopefully this works now given type in calling gitlab-ci.yml :/ · 2e306338
  SBassett authored Dec 17, 2021
  
  2e306338
- Test external env variable in variables: directive · b01c1170
  SBassett authored Dec 17, 2021
  
  b01c1170
- More testing of environment variables · 0f2c6345
  SBassett authored Dec 17, 2021
  
  0f2c6345
- More testing of variable expansion and assignment · fd43310b
  SBassett authored Dec 17, 2021
  
  fd43310b
- More testing of variable expansion and assignment · 70eecfc1
  SBassett authored Dec 17, 2021
  
  70eecfc1
- Try this debug output · 18541e68
  SBassett authored Dec 17, 2021
  
  18541e68
- More debugging of variable assignment and expansion · e737911f
  SBassett authored Dec 17, 2021
  
  e737911f
- See if gitlab ci likes this kind of variable expansion/assignment · 69f2318f
  SBassett authored Dec 17, 2021
  
  69f2318f
- Echo npm audit options var to make sure the override logic is actually working · ab38c3ae
  SBassett authored Dec 17, 2021
  
  ab38c3ae
- * One last attempt at echoing newlines in gitlab ci console output · fb7e8f6f
  SBassett authored Dec 17, 2021
```
* Re-work logic for npm audit options variable checks
```
  fb7e8f6f
- * This appears to be the only way to echo newlines for gitlab ci console output :/ · da3a63e1
  SBassett authored Dec 17, 2021
  
  da3a63e1
- * Add separate echo statements instead of newlines, which is apparently how... · f9198216
  SBassett authored Dec 17, 2021
```
* Add separate echo statements instead of newlines, which is apparently how this must be done in gitlab ci console output :/
* Add support for WM_APPSEC_NPM_AUDIT_OPTION variable to override default secteam npm audit options
```
  f9198216
- * Use env var to specify specific docker-registry.w.o image · b8605f6c
  SBassett authored Dec 17, 2021
```
* Try different approach to echo newlines (may not work)
* Add review msg if at least one vulnerable package.json exists
```
  b8605f6c
- More testing of trapping exit · ddf56264
  SBassett authored Dec 17, 2021
  
  ddf56264
16 Dec, 2021 6 commits
- More testing of exit code trapping · a230ad65
  SBassett authored Dec 16, 2021
  
  a230ad65
- More testing of trapping exit codes · 71e62164
  SBassett authored Dec 16, 2021
  
  71e62164
- More testing of exit code trapping · 1763c70f
  SBassett authored Dec 16, 2021
  
  1763c70f
- Continued testing of trapped exit codes for multiple package.jsons · de966d73
  SBassett authored Dec 16, 2021
  
  de966d73
- More testing of trapping of exit codes into cumulative var · d232dff7
  SBassett authored Dec 16, 2021
  
  d232dff7
- Try this method to trap exit codes... · a70594d9
  SBassett authored Dec 16, 2021
  
  a70594d9
14 Dec, 2021 17 commits
- Add echo of current package.json/package-lock.json file · 4a9d3380
  SBassett authored Dec 14, 2021
  
  4a9d3380
- Add echo of current package.json/package-lock.json file · 1dc1a8d4
  SBassett authored Dec 14, 2021
  
  1dc1a8d4
- Try another echo pattern, ugh. · f530631f
  SBassett authored Dec 14, 2021
  
  f530631f
- Try more dashes? · 33ca0b4c
  SBassett authored Dec 14, 2021
  
  33ca0b4c
- Separate echoes for newlines? · d32249b9
  SBassett authored Dec 14, 2021
  
  d32249b9
- Do more newlines work or no? · 1a6666b7
  SBassett authored Dec 14, 2021
  
  1a6666b7
- More formatting for echo of specific package.json/package-lock.json file · 79e0105b
  SBassett authored Dec 14, 2021
  
  79e0105b
- Echo specific package.json/package-lock.json file path above audit-ci run · 851affb3
  SBassett authored Dec 14, 2021
  
  851affb3
- * Add apt-get install for git · 235f7be0
  SBassett authored Dec 14, 2021
  
  235f7be0
- Try test-browser image... · e3acea6c
  SBassett authored Dec 14, 2021
  
  e3acea6c
- Update node14 image to -test · 4969d6f2
  SBassett authored Dec 14, 2021
  
  4969d6f2
- * Change image to correct node14 image · da6252da
  SBassett authored Dec 14, 2021
```
* Remove user commands as those aren't supported here, apparently (https://gitlab.com/gitlab-org/gitlab-runner/-/issues/2750)
```
  da6252da
- * Add apt-get install git (apparently not included within node images?) · b3ece6f8
  SBassett authored Dec 14, 2021
```
* Add user root/nobody in before_script directive for better permissions control
```
  b3ece6f8
- Add support for multiple, nested package.json and package-lock.json files (Bug: T296806) · cd78b065
  SBassett authored Dec 14, 2021
  
  cd78b065
- Explicitly set default cli opts · 61bb6a78
  SBassett authored Dec 14, 2021
  
  61bb6a78
- Add support for multiple, nested package.json and package-lock.json files (Bug: T296806) · 54f9f536
  SBassett authored Dec 14, 2021
  
  54f9f536
- Add support for multiple, nested package.json and package-lock.json files (Bug: T296806) · 1b4ae4e0
  SBassett authored Dec 14, 2021
  
  1b4ae4e0
01 Dec, 2021 2 commits
- Set opts to empty string (seems to be a bug with check-outdated) · 895d1279
  SBassett authored Dec 01, 2021
  
  895d1279
- Set opts to empty string (seems to be a bug with check-outdated) · 8f6a7432
  SBassett authored Dec 01, 2021
  
  8f6a7432