Uploaded image for project: 'Appcelerator CLI'
  1. Appcelerator CLI
  2. CLI-980

Add retire.js to build process to check for security issues

    Details

    • Type: Story
    • Status: Reopened
    • Priority: High
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: Release 6.0.0
    • Component/s: Verification
    • Labels:
      None

      Description

      Notes
      The appc-cli package, amongst others, utilizes the https://github.com/appcelerator-modules/grunt-appc-js(grunt-appc-js) task to run a grunt plugin for retire.js during its build. The configuration of the retire.js grunt plugin is not working though

      Steps to reproduce:

      1. Within the appc-cli package run: grunt

      Actual:
      retire.js does not check any source code, neither from appc-cli source nor any node modules.

      Running "retire:js" (retire) task
      Verifying property retire.js exists in config...OK
      File: [no files]
      Options: verbose, packageOnly=false, jsRepository="https://raw.github.com/RetireJS/retire.js/master/repository/jsrepository.json", nodeRepository="https://raw.github.com/RetireJS/retire.js/master/repository/npmrepository.json", logger=undefined, warnlogger=undefined, outputFile=false
      Ignoring []
      Options: verbose, packageOnly=false, jsRepository="https://raw.github.com/RetireJS/retire.js/master/repository/jsrepository.json", nodeRepository="https://raw.github.com/RetireJS/retire.js/master/repository/npmrepository.json", logger=undefined, warnlogger=undefined, outputFile=false, cachedir="/var/folders/mh/2_3ycdzx0v79p0wglc59lyrh0000gp/T/.retire-cache", ignore=[]
      Loading from cache: https://raw.github.com/RetireJS/retire.js/master/repository/jsrepository.json
      Reading /var/folders/mh/2_3ycdzx0v79p0wglc59lyrh0000gp/T/.retire-cache/1467763310826.json ...
      No vulnerabilities found.
      

      Expected:
      retire.js should check all module source code files and all node module dependencies.

        Attachments

          Activity

            People

            • Assignee:
              jvennemann Jan Vennemann
              Reporter:
              ingo Ingo Muschenetz
              Reviewer:
              Jared De La Cruz
            • Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:

                Git Source Code