feat: add audit and fund flags to install

Closes #108
npm · Mar 31, 2022 · 0555d67 · 0555d67
1 parent ba5907b
commit 0555d67
Show file tree

Hide file tree

Showing 8 changed files with 22 additions and 22 deletions.
diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
@@ -23,5 +23,5 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts --package-lock
+      - run: npm i --ignore-scripts --no-audit --no-fund --package-lock
       - run: npm audit
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -30,7 +30,7 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm run lint
 
   test:
@@ -82,5 +82,5 @@ jobs:
         if: ${{ !startsWith(matrix.node-version, '10.') }}
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm test --ignore-scripts
diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml
@@ -36,7 +36,7 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           gh pr checkout ${{ github.event.pull_request.number }}
-          npm install --ignore-scripts
+          npm install --ignore-scripts --no-audit --no-fund
           npm run template-oss-apply
           git add .
           git commit -am "chore: postinstall for dependabot template-oss PR"

diff --git a/lib/content/audit.yml b/lib/content/audit.yml
@@ -12,5 +12,5 @@ jobs:
     steps:
       {{> setupGit}}
       {{> setupNode}}
-      - run: npm i --ignore-scripts --package-lock
+      - run: npm i --ignore-scripts --no-audit --no-fund --package-lock
       - run: npm audit
diff --git a/lib/content/ci.yml b/lib/content/ci.yml
@@ -28,7 +28,7 @@ jobs:
     steps:
       {{> setupGit}}
       {{> setupNode}}
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm run lint {{~#if isWorkspace}} -w {{pkgName}}{{/if}}
 
   test:
@@ -55,5 +55,5 @@ jobs:
     steps:
       {{> setupGit}}
       {{> setupNode useMatrix=true}}
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm test --ignore-scripts {{~#if isWorkspace}} -w {{pkgName}}{{/if}}
diff --git a/lib/content/post-dependabot.yml b/lib/content/post-dependabot.yml
@@ -26,7 +26,7 @@ jobs:
           GITHUB_TOKEN: $\{{ secrets.GITHUB_TOKEN }}
         run: |
           gh pr checkout $\{{ github.event.pull_request.number }}
-          npm install --ignore-scripts
+          npm install --ignore-scripts --no-audit --no-fund
           npm run template-oss-apply
           git add .
           git commit -am "chore: postinstall for dependabot template-oss PR"

diff --git a/tap-snapshots/test/apply/full-content.js.test.cjs b/tap-snapshots/test/apply/full-content.js.test.cjs
@@ -153,7 +153,7 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts --package-lock
+      - run: npm i --ignore-scripts --no-audit --no-fund --package-lock
       - run: npm audit
 
 .github/workflows/ci.yml
@@ -190,7 +190,7 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm run lint
 
   test:
@@ -242,7 +242,7 @@ jobs:
         if: \${{ !startsWith(matrix.node-version, '10.') }}
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm test --ignore-scripts
 
 .github/workflows/codeql-analysis.yml
@@ -332,7 +332,7 @@ jobs:
           GITHUB_TOKEN: \${{ secrets.GITHUB_TOKEN }}
         run: |
           gh pr checkout \${{ github.event.pull_request.number }}
-          npm install --ignore-scripts
+          npm install --ignore-scripts --no-audit --no-fund
           npm run template-oss-apply
           git add .
           git commit -am "chore: postinstall for dependabot template-oss PR"
@@ -632,7 +632,7 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts --package-lock
+      - run: npm i --ignore-scripts --no-audit --no-fund --package-lock
       - run: npm audit
 
 .github/workflows/ci-bbb.yml
@@ -673,7 +673,7 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm run lint -w bbb
 
   test:
@@ -725,7 +725,7 @@ jobs:
         if: \${{ !startsWith(matrix.node-version, '10.') }}
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm test --ignore-scripts -w bbb
 
 .github/workflows/ci-name-aaaa.yml
@@ -766,7 +766,7 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm run lint -w @name/aaaa
 
   test:
@@ -818,7 +818,7 @@ jobs:
         if: \${{ !startsWith(matrix.node-version, '10.') }}
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm test --ignore-scripts -w @name/aaaa
 
 .github/workflows/ci.yml
@@ -855,7 +855,7 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm run lint
 
   test:
@@ -907,7 +907,7 @@ jobs:
         if: \${{ !startsWith(matrix.node-version, '10.') }}
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm test --ignore-scripts
 
 .github/workflows/codeql-analysis.yml
@@ -997,7 +997,7 @@ jobs:
           GITHUB_TOKEN: \${{ secrets.GITHUB_TOKEN }}
         run: |
           gh pr checkout \${{ github.event.pull_request.number }}
-          npm install --ignore-scripts
+          npm install --ignore-scripts --no-audit --no-fund
           npm run template-oss-apply
           git add .
           git commit -am "chore: postinstall for dependabot template-oss PR"

diff --git a/tap-snapshots/test/check/diffs.js.test.cjs b/tap-snapshots/test/check/diffs.js.test.cjs
@@ -333,7 +333,7 @@ The repo file ci.yml needs to be updated:
   +        if: \${{ !startsWith(matrix.node-version, '10.') }}
   +        run: npm i --prefer-online --no-fund --no-audit -g npm@latest
   +      - run: npm -v
-  +      - run: npm i --ignore-scripts
+  +      - run: npm i --ignore-scripts --no-audit --no-fund
   +      - run: npm test --ignore-scripts
 
 To correct it: npx template-oss-apply --force
@@ -373,7 +373,7 @@ The repo file audit.yml needs to be updated:
         - name: Update npm to latest
           run: npm i --prefer-online --no-fund --no-audit -g npm@latest
         - run: npm -v
-        - run: npm i --ignore-scripts --package-lock
+        - run: npm i --ignore-scripts --no-audit --no-fund --package-lock
         - run: npm audit