Add task for running 'npm audit fix' for both client and backend sides

2018-10-21 15:39:05 +02:00 · 2018-10-21 15:39:05 +02:00 · cf7ce65b36
parent ed22e19215
commit cf7ce65b36
1 changed files with 8 additions and 0 deletions
--- a/8
+++ b/8
@ -27,3 +27,11 @@ update-package-locks:
 	sed -i 's/"resolved": "http:/"resolved": "https:/g' package-lock.json && \
 	cd ../distribution/client && $(NODE) npm install && \
 	sed -i 's/"resolved": "http:/"resolved": "https:/g' package-lock.json
+
+npm-audit-fix:
+	# Sigh, the sed for forcing https below is recommended by the npm registry team itself...
+	# https://npm.community/t/some-packages-have-dist-tarball-as-http-and-not-https/285/13
+	cd services/ &&	$(NODE) npm audit fix && \
+	sed -i 's/"resolved": "http:/"resolved": "https:/g' package-lock.json && \
+	cd ../distribution/client && $(NODE) npm audit fix && \
+	sed -i 's/"resolved": "http:/"resolved": "https:/g' package-lock.json