github oke-py/npm-audit-action v3.0.0
on GitHub

4 months ago

npm-audit-action v3.0.0 Release Notes

Major Changes

Runtime Environment

  • Node.js 20 Support: Updated minimum Node.js version from 16 to 20
  • ES Modules Migration: Converted codebase from CommonJS to ES Modules
  • Modern JavaScript: Modernized code to ES2020 standards

Development Infrastructure

  • Testing Framework: Migrated from Jest to Vitest
  • Linting: Upgraded to ESLint 9 with updated configurations
  • Build Process: Updated TypeScript configuration and build pipeline

Dependencies

  • Core Dependencies:
    • Updated @actions/core from 1.10.1 to 1.11.1
    • Updated @actions/github to v6.0.0
    • Updated @octokit/rest to v21.1.1
    • Replaced axios calls with Octokit
    • Updated strip-ansi to v7.1.0

GitHub Actions

  • Action Dependencies:
    • Bumped actions/checkout from v3 to v4
    • Bumped actions/setup-node from v3 to v4
    • Bumped stefanzweifel/git-auto-commit-action from v4 to v5

Breaking Changes

The upgrade to Node.js 20 may require users to update their GitHub Actions workflows if they're currently pinned to older Node.js versions. Update your workflow files to use a compatible runner that supports Node.js 20.

How to Upgrade

Update your GitHub Actions workflow to use the new version: 

- uses: oke-py/npm-audit-action@v3
  with:
    audit_level: moderate
    github_token: ${{ secrets.GITHUB_TOKEN }}
    issue_assignees: your-username
    issue_labels: vulnerability,security
    dedupe_issues: true

Full Changelog

For a complete list of changes, see the full changelog.

Check out latest releases or
releases around oke-py/npm-audit-action v3.0.0

Don't miss a new npm-audit-action release

NewReleases is sending notifications on new releases.

Get notifications