3.1.22

fix(core): update
3.1.21
2019-02-24 22:50:12 +01:00 · 2019-02-24 22:50:12 +01:00 · 2018-12-24 02:13:05 +01:00 · 2018-12-24 02:13:04 +01:00 · 2018-12-23 18:57:15 +01:00 · 2018-12-23 18:57:15 +01:00
7 changed files with 77 additions and 39 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -34,6 +34,31 @@ snyk:
  - docker
  - notpriv

+sast:
+  stage: security
+  image: registry.gitlab.com/hosttoday/ht-docker-dbase:npmci
+  variables:
+    DOCKER_DRIVER: overlay2
+  allow_failure: true
+  services:
+    - docker:stable-dind
+  script:
+    - npmci npm prepare
+    - npmci npm install
+    - npmci command npm run build
+    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+    - docker run
+        --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
+        --volume "$PWD:/code"
+        --volume /var/run/docker.sock:/var/run/docker.sock
+        "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
+  artifacts:
+    reports:
+      sast: gl-sast-report.json
+  tags:
+  - docker
+  - priv
+
 # ====================
 # test stage
 # ====================
--- a/npmextra.json
+++ b/npmextra.json
@@ -1,16 +1,26 @@
 {
-    "npmts":{
-        "mode":"default",
-        "coverageTreshold": "70",
-        "cli": true
-    },
-    "npmci": {
-        "npmGlobalTools": [],
-        "npmAccessLevel": "public",
-        "npmRegistryUrl": "registry.npmjs.org"
-    },
-    "npmdocker":{
-        "baseImage":"hosttoday/ht-docker-node:npmci",
-        "command": "npmci test stable"
+  "npmts": {
+    "mode": "default",
+    "coverageTreshold": "70",
+    "cli": true
+  },
+  "npmci": {
+    "npmGlobalTools": [],
+    "npmAccessLevel": "public",
+    "npmRegistryUrl": "registry.npmjs.org"
+  },
+  "npmdocker": {
+    "baseImage": "hosttoday/ht-docker-node:npmci",
+    "command": "npmci test stable"
+  },
+  "gitzone": {
+    "module": {
+      "githost": "gitlab.com",
+      "gitscope": "shipzone",
+      "gitrepo": "npmci",
+      "shortDescription": "node and docker in gitlab ci on steroids",
+      "npmPackagename": "@shipzone/npmci",
+      "license": "MIT"
    }
+  }
 }
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
 {
  "name": "@shipzone/npmci",
-  "version": "3.1.19",
+  "version": "3.1.22",
  "lockfileVersion": 1,
  "requires": true,
  "dependencies": {
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@shipzone/npmci",
-  "version": "3.1.19",
+  "version": "3.1.22",
  "private": false,
  "description": "node and docker in gitlab ci on steroids",
  "main": "dist/index.js",
--- a/readme.md
+++ b/readme.md
@@ -1,25 +1,20 @@
-# npmci
-
+# @shipzone/npmci
 node and docker in gitlab ci on steroids

-## Availabililty
-
-[![npm](https://shipzone.gitlab.io/assets/repo-button-npm.svg)](https://www.npmjs.com/package/@shipzone/npmci)
-[![git](https://shipzone.gitlab.io/assets/repo-button-git.svg)](https://GitLab.com/shipzone/npmci)
-[![git](https://shipzone.gitlab.io/assets/repo-button-mirror.svg)](https://github.com/shipzone/npmci)
-[![docs](https://shipzone.gitlab.io/assets/repo-button-docs.svg)](https://shipzone.gitlab.io/npmci/)
+## Availabililty and Links
+* [npmjs.org (npm package)](https://www.npmjs.com/package/@shipzone/npmci)
+* [gitlab.com (source)](https://gitlab.com/shipzone/npmci)
+* [github.com (source mirror)](https://github.com/shipzone/npmci)
+* [docs (typedoc)](https://shipzone.gitlab.io/npmci/)

 ## Status for master
-
-[![build status](https://GitLab.com/shipzone/npmci/badges/master/build.svg)](https://GitLab.com/shipzone/npmci/commits/master)
-[![coverage report](https://GitLab.com/shipzone/npmci/badges/master/coverage.svg)](https://GitLab.com/shipzone/npmci/commits/master)
-[![npm downloads per month](https://img.shields.io/npm/dm/npmci.svg)](https://www.npmjs.com/package/@shipzone/npmci)
-[![Dependency Status](https://david-dm.org/shipzone/npmci.svg)](https://david-dm.org/shipzone/npmci)
-[![bitHound Dependencies](https://www.bithound.io/github/shipzone/npmci/badges/dependencies.svg)](https://www.bithound.io/github/shipzone/npmci/master/dependencies/npm)
-[![bitHound Code](https://www.bithound.io/github/shipzone/npmci/badges/code.svg)](https://www.bithound.io/github/shipzone/npmci)
-[![TypeScript](https://img.shields.io/badge/TypeScript-2.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
-[![node](https://img.shields.io/badge/node->=%206.x.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
-[![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/)
+[![build status](https://gitlab.com/shipzone/npmci/badges/master/build.svg)](https://gitlab.com/shipzone/npmci/commits/master)
+[![coverage report](https://gitlab.com/shipzone/npmci/badges/master/coverage.svg)](https://gitlab.com/shipzone/npmci/commits/master)
+[![npm downloads per month](https://img.shields.io/npm/dm/@shipzone/npmci.svg)](https://www.npmjs.com/package/@shipzone/npmci)
+[![Known Vulnerabilities](https://snyk.io/test/npm/@shipzone/npmci/badge.svg)](https://snyk.io/test/npm/@shipzone/npmci)
+[![TypeScript](https://img.shields.io/badge/TypeScript->=%203.x-blue.svg)](https://nodejs.org/dist/latest-v10.x/docs/api/)
+[![node](https://img.shields.io/badge/node->=%2010.x.x-blue.svg)](https://nodejs.org/dist/latest-v10.x/docs/api/)
+[![JavaScript Style Guide](https://img.shields.io/badge/code%20style-prettier-ff69b4.svg)](https://prettier.io/)

 ## Usage

@@ -98,9 +93,9 @@ For further information read the linked docs at the top of this README.

 Use TypeScript for best in class instellisense.

-For further information read the linked docs at the top of this README.
+For further information read the linked docs at the top of this readme.

 > MIT licensed | **&copy;** [Lossless GmbH](https://lossless.gmbh)
-> | By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
+| By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)

-[![repo-footer](https://shipzone.gitlab.io/assets/repo-footer.svg)](https://push.rocks)
+[![repo-footer](https://shipzone.gitlab.io/assets/repo-footer.svg)](https://maintainedby.lossless.com)
--- a/ts/mod_git/index.ts
+++ b/ts/mod_git/index.ts
@@ -28,8 +28,14 @@ export let mirror = async () => {
  const githubToken = process.env.NPMCI_GIT_GITHUBTOKEN;
  const githubUser = process.env.NPMCI_GIT_GITHUBGROUP || repo.user;
  const githubRepo = process.env.NPMCI_GIT_GITHUB || repo.repo;
-  if(configObject.projectInfo.npm.packageJson.private === true) {
-    logger.log('warn', `refusing to mirror due to private property`);
+  if (
+    configObject.projectInfo.npm.packageJson.private === true ||
+    configObject.npmAccessLevel === 'private'
+  ) {
+    logger.log(
+      'warn',
+      `refusing to mirror due to private property use a private mirror location instead`
+    );
    return;
  }
  if (githubToken) {
--- a/ts/mod_npm/index.ts
+++ b/ts/mod_npm/index.ts
@@ -42,7 +42,9 @@ const prepare = async () => {
  await plugins.smartparam.forEachMinimatch(process.env, 'NPMCI_TOKEN_NPM*', npmEnvArg => {
    const npmRegistryUrl = npmEnvArg.split('|')[0];
    const npmToken = npmEnvArg.split('|')[1];
-    npmrcFileString += `//${npmRegistryUrl}/:_authToken="${plugins.smartstring.base64.decode(npmToken)}"\n`;
+    npmrcFileString += `//${npmRegistryUrl}/:_authToken="${plugins.smartstring.base64.decode(
+      npmToken
+    )}"\n`;
  });
  logger.log('info', `setting default npm registry to ${config.npmRegistryUrl}`);
  npmrcFileString += `registry=https://${config.npmRegistryUrl}\n`;
Author	SHA1	Message	Date
Phil Kunz	6f6ee6d799	3.1.22	2019-02-24 22:50:12 +01:00
Phil Kunz	e30cc3f5a0	fix(core): update	2019-02-24 22:50:12 +01:00
Phil Kunz	a4562d4d1b	3.1.21	2018-12-24 02:13:05 +01:00
Phil Kunz	524b405773	fix(core): update	2018-12-24 02:13:04 +01:00
Phil Kunz	0d19c1c68d	3.1.20	2018-12-23 18:57:15 +01:00
Phil Kunz	cff79bc3b4	fix(mirror): now refusing to mirror for private code	2018-12-23 18:57:15 +01:00