Releases: NodeSecure/cli
Releases · NodeSecure/cli
v0.9.0
New release using the new NodeSecure back-end.
Highlights
- Now use ESM instead of CJS.
- Moving away from Jest to use tape for Unit testing.
- Use
@nodesecure/scanner
v3.0.0: https://github.com/NodeSecure/scanner/releases/tag/v3.0.0 - Use
@nodesecure/vis-network
: https://github.com/NodeSecure/vis-network - All CLI commands are now properly implemented in
./src/commands
. - The http server has been completely cleaned and separated into several files at
./src/http-server
.
Some enhancement from the new back-end:
- New trojan source detection on JS-X-Ray.
- Better support for npm resolvers (adding
github:
andgit:
). - Better management and retrieval of authors and maintainers.
- A lot of work around package vulnerabilities (now with a standard format). See NodeSecure/vuln.
Bug fix
- Fixed bundlephobia CORS issue.
- Fixed a bug where the http server would not open.
v0.8.0
Official v0.8.0 release of nsecure (not an npm pre-release this time).
Highlights
- Add a new flag to detect native addons/codes (#57) 🐲
- Several important code maintenances (flags, tarball analysis, metadata fetcher ..)
- fix(i18n): Add missing translation for global warnings (#63) by @kecsou
- feat: stdout global warnings by @CroquetMickael
- feat: add summary command (v1) (#62) by @tony-go
- refactor(build): replace webpack with esbuild
- feat: add version to nsecure json payload by @tony-go
- chore: replace Travis with GitHub actions by @targos
- enhance flags description
Thanks for all contributions.
Bug Fix
- fixed some edge cases with arborist
- fix: use proper npmUser.name instead of name for pkg publisher
v0.8.0-1
Highlights
- chore: update js-x-ray (2.0.3 to 2.2.0) (fewer false positives, reduced by 50% for Encoded-literals).
- feat: allow to search packages by size - 8baaf8f
- feat: allow to run verify cmd on local project - f16f76e
- feat: add a preview of the incriminated code during mouse over (#52) by Tony - 8af3a98
- fix(i18n): typos and consistency by Antoine - aa7aef9
Thanks @tony-go and @antoineneff for their contributions.
Bug fix
- fix(cwd): use exclude instead of store to allow re-link deps - e71bb2c
- fix(cwd): use latest if version is undefined or equal to '*' - dadd313
Thanks to RemyTinco (Nopoza) for testing and reporting some issues for this release.