IBM / audit-ci
Audit NPM, Yarn, PNPM, and Bun dependencies in continuous integration environments, preventing integration if vulnerabilities are found at or above a configurable threshold while ignoring allowlisted advisories
☆263Updated 2 months ago
Related projects ⓘ
Alternatives and complementary repositories for audit-ci
- Lint an npm or yarn lockfile to analyze and detect security issues☆785Updated 2 months ago
- Detect if the current environment is a CI server☆384Updated 3 years ago
- Configurable linter for package.json files☆224Updated this week
- semantic-release plugin to publish a npm package☆248Updated this week
- ✨ JSON schema matcher for Jest☆171Updated 3 months ago
- Get details about the current Continuous Integration environment☆324Updated last week
- ☆121Updated last year
- ESLint rules for formatting test suites written for jest.☆156Updated last year
- Suppress existing violations of new eslint rules and get back to building stuff.☆184Updated this week
- 📦:🛠✨💥 – fully automated package publishing☆683Updated 7 months ago
- Additional ESLint rules for directive comments of ESLint.☆360Updated last year
- Apply semantic-release's automatic publishing to a monorepo.☆521Updated 3 months ago
- 📦 🚀 A slack bot for semantic-release notifying release statuses☆113Updated 2 months ago
- 🍺 dev only postinstall hooks (package.json)☆259Updated last year
- A Github Action which sets the base and head SHAs required for `nx affected` commands in CI☆162Updated last week
- 🌗 Mock `Date` when run unit test cases with jest. Make tests of Date easier.☆264Updated 7 months ago
- Jest watch plugin for filtering test by file name or test name☆408Updated this week
- Quickly migrate your hooks from husky v4 to husky@latest☆131Updated 5 months ago
- Fast eslint runner☆662Updated 2 months ago
- Wait for expectation to be true, useful for integration and end to end testing. Integral part of react-testing-library.☆294Updated last year
- semantic-release-plus monorepo to build and publish all semantic-release related repositories☆70Updated 5 months ago
- PR-based changelog generator with monorepo support☆805Updated this week
- Keep watch of your bundle size☆418Updated 2 months ago
- The missing `yarn audit fix`☆181Updated 3 weeks ago
- Setup automated semver compliant package publishing☆367Updated 5 months ago
- Build 🛠 and Bundle 📦 your local workspaces. Like Bazel, Buck, Pants and Please but for Yarn Berry. Build any language, mix javascript, …☆326Updated 8 months ago
- The goal of this project is to provide additional features on top of the existing npm audit options☆117Updated 2 months ago
- Proof of concept that wraps semantic-release to work with monorepos.☆203Updated this week
- ESLint rule that reports usage of deprecated code☆330Updated last month
- Prettier plugin for package.json☆318Updated this week