v1.6.0

Features

• feat: add the ability to run with '--production' (#75) (42e6d27)

Commits

• update README & npm run all (3868af0)
• 1.6.0 (56422b6)
• feat: add the ability to run with '--production' (#75) (42e6d27)
• Bump @actions/core from 1.2.5 to 1.2.6 (#71) (107a3c4)
• use v1.5.2 (8658755)

Contributors

sgkiokas

v1.5.2

This is a minor security release.

v1.5.1

This is a bug fix release.

Commits

• v1.5.1 (#68) (75b1716)
• Catch errors thrown by Audit.run and increase child process buffer size (#67) (b0bc596)
• add Dockerfile to use VSCode Remote Container (4adc177)

Contributor

• Spencer Small

v1.5.0

Features

• support dedupe_issues. If 'true', action will not create a new issue when one is already open.

Commits

• update example & daily scan to use v1.5.0 with dedupe_issues=true (f6ba9be)
• 1.5.0 (711840e)
• Support de-duping issues (#65) (261cbab)

Contributor

• Spencer Small

v1.4.0

Features

• support working_directory. This can be used when package.json is not in the project root directory.

Commits

• update action.yml to support working_directory (1c3165e)
• update README.md (94ec1a7)
• bump version to v1.4.0 (6ca4ad5)
• support different working directory (#64) (5209022)
• update dependencies (#63) (277fc87)
• update @octokit/rest from 16.43.1 to 17.9.2 (#62) (161485c)
• bump version to v1.3.1 (49b1b8c)

v1.3.1

Security

• fixes CVE-2020-11021 (GHSA-9w6v-m7wp-jwg4)

Commits

• Bump @actions/http-client from 1.0.6 to 1.0.8 (#58) (081ab6e)
• npm update (#56) (79bd1d0)
• npm update dependencies (#59) (8e21576)

v1.3.0

New Features

• With audit_level, Action fails only if vulnerabilities more critical than audit_level value are found. (#36)

misc

• Update devDependencies to fix some vulnerabilities.

v1.2.0

Update dependencies

v1.1.0

Create a PR comment when action is triggered by PR and vulnerabilities are found.

v1.0.1

only set branding