From 0555d670b6f4ebc5929e65af28daae1e34599369 Mon Sep 17 00:00:00 2001
From: Luke Karrys <luke@lukekarrys.com>
Date: Tue, 29 Mar 2022 21:45:28 -0700
Subject: [PATCH] feat: add audit and fund flags to install

Closes #108
---
 .github/workflows/audit.yml                   |  2 +-
 .github/workflows/ci.yml                      |  4 ++--
 .github/workflows/post-dependabot.yml         |  2 +-
 lib/content/audit.yml                         |  2 +-
 lib/content/ci.yml                            |  4 ++--
 lib/content/post-dependabot.yml               |  2 +-
 .../test/apply/full-content.js.test.cjs       | 24 +++++++++----------
 tap-snapshots/test/check/diffs.js.test.cjs    |  4 ++--
 8 files changed, 22 insertions(+), 22 deletions(-)

diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
index 549243ae..03dcd937 100644
--- a/.github/workflows/audit.yml
+++ b/.github/workflows/audit.yml
@@ -23,5 +23,5 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts --package-lock
+      - run: npm i --ignore-scripts --no-audit --no-fund --package-lock
       - run: npm audit
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 8067c86d..c04f4181 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -30,7 +30,7 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm run lint
 
   test:
@@ -82,5 +82,5 @@ jobs:
         if: ${{ !startsWith(matrix.node-version, '10.') }}
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm test --ignore-scripts
diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml
index 3327db21..7ad2555d 100644
--- a/.github/workflows/post-dependabot.yml
+++ b/.github/workflows/post-dependabot.yml
@@ -36,7 +36,7 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           gh pr checkout ${{ github.event.pull_request.number }}
-          npm install --ignore-scripts
+          npm install --ignore-scripts --no-audit --no-fund
           npm run template-oss-apply
           git add .
           git commit -am "chore: postinstall for dependabot template-oss PR"
diff --git a/lib/content/audit.yml b/lib/content/audit.yml
index 3680e102..0bd4c704 100644
--- a/lib/content/audit.yml
+++ b/lib/content/audit.yml
@@ -12,5 +12,5 @@ jobs:
     steps:
       {{> setupGit}}
       {{> setupNode}}
-      - run: npm i --ignore-scripts --package-lock
+      - run: npm i --ignore-scripts --no-audit --no-fund --package-lock
       - run: npm audit
diff --git a/lib/content/ci.yml b/lib/content/ci.yml
index 74a05f82..bc62aff3 100644
--- a/lib/content/ci.yml
+++ b/lib/content/ci.yml
@@ -28,7 +28,7 @@ jobs:
     steps:
       {{> setupGit}}
       {{> setupNode}}
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm run lint {{~#if isWorkspace}} -w {{pkgName}}{{/if}}
 
   test:
@@ -55,5 +55,5 @@ jobs:
     steps:
       {{> setupGit}}
       {{> setupNode useMatrix=true}}
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm test --ignore-scripts {{~#if isWorkspace}} -w {{pkgName}}{{/if}}
diff --git a/lib/content/post-dependabot.yml b/lib/content/post-dependabot.yml
index e1c0325a..81a58021 100644
--- a/lib/content/post-dependabot.yml
+++ b/lib/content/post-dependabot.yml
@@ -26,7 +26,7 @@ jobs:
           GITHUB_TOKEN: $\{{ secrets.GITHUB_TOKEN }}
         run: |
           gh pr checkout $\{{ github.event.pull_request.number }}
-          npm install --ignore-scripts
+          npm install --ignore-scripts --no-audit --no-fund
           npm run template-oss-apply
           git add .
           git commit -am "chore: postinstall for dependabot template-oss PR"
diff --git a/tap-snapshots/test/apply/full-content.js.test.cjs b/tap-snapshots/test/apply/full-content.js.test.cjs
index 94fe8015..33d01fdf 100644
--- a/tap-snapshots/test/apply/full-content.js.test.cjs
+++ b/tap-snapshots/test/apply/full-content.js.test.cjs
@@ -153,7 +153,7 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts --package-lock
+      - run: npm i --ignore-scripts --no-audit --no-fund --package-lock
       - run: npm audit
 
 .github/workflows/ci.yml
@@ -190,7 +190,7 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm run lint
 
   test:
@@ -242,7 +242,7 @@ jobs:
         if: \${{ !startsWith(matrix.node-version, '10.') }}
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm test --ignore-scripts
 
 .github/workflows/codeql-analysis.yml
@@ -332,7 +332,7 @@ jobs:
           GITHUB_TOKEN: \${{ secrets.GITHUB_TOKEN }}
         run: |
           gh pr checkout \${{ github.event.pull_request.number }}
-          npm install --ignore-scripts
+          npm install --ignore-scripts --no-audit --no-fund
           npm run template-oss-apply
           git add .
           git commit -am "chore: postinstall for dependabot template-oss PR"
@@ -632,7 +632,7 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts --package-lock
+      - run: npm i --ignore-scripts --no-audit --no-fund --package-lock
       - run: npm audit
 
 .github/workflows/ci-bbb.yml
@@ -673,7 +673,7 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm run lint -w bbb
 
   test:
@@ -725,7 +725,7 @@ jobs:
         if: \${{ !startsWith(matrix.node-version, '10.') }}
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm test --ignore-scripts -w bbb
 
 .github/workflows/ci-name-aaaa.yml
@@ -766,7 +766,7 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm run lint -w @name/aaaa
 
   test:
@@ -818,7 +818,7 @@ jobs:
         if: \${{ !startsWith(matrix.node-version, '10.') }}
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm test --ignore-scripts -w @name/aaaa
 
 .github/workflows/ci.yml
@@ -855,7 +855,7 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm run lint
 
   test:
@@ -907,7 +907,7 @@ jobs:
         if: \${{ !startsWith(matrix.node-version, '10.') }}
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm test --ignore-scripts
 
 .github/workflows/codeql-analysis.yml
@@ -997,7 +997,7 @@ jobs:
           GITHUB_TOKEN: \${{ secrets.GITHUB_TOKEN }}
         run: |
           gh pr checkout \${{ github.event.pull_request.number }}
-          npm install --ignore-scripts
+          npm install --ignore-scripts --no-audit --no-fund
           npm run template-oss-apply
           git add .
           git commit -am "chore: postinstall for dependabot template-oss PR"
diff --git a/tap-snapshots/test/check/diffs.js.test.cjs b/tap-snapshots/test/check/diffs.js.test.cjs
index 73f61c5f..83abafbc 100644
--- a/tap-snapshots/test/check/diffs.js.test.cjs
+++ b/tap-snapshots/test/check/diffs.js.test.cjs
@@ -333,7 +333,7 @@ The repo file ci.yml needs to be updated:
   +        if: \${{ !startsWith(matrix.node-version, '10.') }}
   +        run: npm i --prefer-online --no-fund --no-audit -g npm@latest
   +      - run: npm -v
-  +      - run: npm i --ignore-scripts
+  +      - run: npm i --ignore-scripts --no-audit --no-fund
   +      - run: npm test --ignore-scripts
 
 To correct it: npx template-oss-apply --force
@@ -373,7 +373,7 @@ The repo file audit.yml needs to be updated:
         - name: Update npm to latest
           run: npm i --prefer-online --no-fund --no-audit -g npm@latest
         - run: npm -v
-        - run: npm i --ignore-scripts --package-lock
+        - run: npm i --ignore-scripts --no-audit --no-fund --package-lock
         - run: npm audit