Commit 9f870a6
feat: explicitly ensure package manager in scan_dependencies (#9)
Install the package manager explicitly using the `core/ensure_pkg_manager` command instead of through the `core/install_dependencies` command, since actual dependencies are not needed for the audit command; this should also benefit performance.
1 parent 771ec18 commit 9f870a6

File tree

2 files changed (+11, -10 lines changed)

src/jobs/scan_dependencies.yml

Lines changed: 9 additions & 8 deletions
@@ -6,10 +6,13 @@ executor: core/node
66

77
parameters:
88
pkg_manager:
9-
type: enum
10-
enum: ['npm', 'pnpm']
11-
default: 'npm'
12-
description: Choose Node.js package manager to use.
9+
type: string
10+
default: $DEFAULT_PKG_MANAGER
11+
description: |
12+
Choose Node.js package manager to use. Supports npm and pnpm.
13+
The package manager must follow the format <name>[@<version|tag>].
14+
Omitting the version implies that the npm version is determined by the target Node.js environment,
15+
while pnpm will default to the latest version.
1316
pkg_json_dir:
1417
type: string
1518
default: '.'
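Review bot: relaxing `pkg_manager` from `enum: ['npm', 'pnpm']` to a free-form `type: string` drops the only validation this job had on the value; the new description documents the `<name>[@<version|tag>]` format, but nothing in this hunk enforces that the name part is `npm` or `pnpm`, so a typo now reaches `core/ensure_pkg_manager` at run time instead of failing at config validation. The new default `$DEFAULT_PKG_MANAGER` is also a literal string in the YAML, so it only works if the consuming command expands it; that contract is worth stating in the description. Since "pnpm will default to the latest version" when the version is omitted, consider recommending a pinned `pnpm@<version>` in the description so the audit tooling itself stays reproducible between runs.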
@@ -25,13 +28,11 @@ parameters:
2528
2629
steps:
2730
- checkout
28-
- core/install_dependencies:
29-
pkg_manager: <<parameters.pkg_manager>>
30-
pkg_json_dir: <<parameters.pkg_json_dir>>
31+
- core/ensure_pkg_manager:
32+
ref: <<parameters.pkg_manager>>
3133
- run:
3234
name: Scan dependencies
3335
working_directory: <<parameters.pkg_json_dir>>
3436
environment:
35-
PKG_MANAGER: <<parameters.pkg_manager>>
3637
SCAN_CMD: <<parameters.scan_command>>
3738
command: <<include(scripts/scan-dependencies.sh)>>
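Review bot: the run step no longer sets `PKG_MANAGER`, while the scan script in the other file of this commit is switched to read `CURRENT_PKG_MANAGER`, which nothing in this hunk exports; the job therefore depends on `core/ensure_pkg_manager` populating that variable in the shell environment. Document that contract in the job, or pass the value explicitly under `environment:` next to `SCAN_CMD` so the script does not silently see an empty string. Also, with `core/install_dependencies` removed, no dependencies are installed before the scan, so `npm audit` and `pnpm audit` now run purely against the lockfile in `pkg_json_dir`; a project without a committed `package-lock.json` or `pnpm-lock.yaml` will fail at this step, which is acceptable for an audit job but should be called out in the job description.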

src/scripts/scan-dependencies.sh

Lines changed: 2 additions & 2 deletions
@@ -3,10 +3,10 @@
33
if [[ -n "$SCAN_CMD" ]]; then
44
echo "Running custom scan command: $SCAN_CMD"
55
eval "$SCAN_CMD"
6-
elif [[ "$PKG_MANAGER" == "npm" ]]; then
6+
elif [[ "$CURRENT_PKG_MANAGER" == "npm" ]]; then
77
echo "Running npm audit with high audit level omitting dev dependencies"
88
npm audit --audit-level=high --omit=dev
9-
elif [[ "$PKG_MANAGER" == "pnpm" ]]; then
9+
elif [[ "$CURRENT_PKG_MANAGER" == "pnpm" ]]; then
1010
echo "Running pnpm audit with high audit level on prod dependencies"
1111
pnpm audit --audit-level=high --prod
1212
fi
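Review bot: the rename from `PKG_MANAGER` to `CURRENT_PKG_MANAGER` keeps the exact-match comparisons, so if the variable is unset (for example when `core/ensure_pkg_manager` does not export it) or ever carries the suffix the new parameter format allows, such as `pnpm@8`, neither `elif` branch matches, the `if` chain falls through and the script exits 0 having run no audit at all. Add a terminating branch such as `else echo "Unsupported package manager: '$CURRENT_PKG_MANAGER'" >&2; exit 1` so a misconfiguration fails the job instead of silently passing the security scan; if the versioned form is an intended value, compare on `${CURRENT_PKG_MANAGER%%@*}` to tolerate the suffix.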
