Merge pull request #712 from xeroxinteractive/AL-deps

Move @pnpm/audit to deps
xeroxinteractive · Dec 1, 2022 · 5d6e4a7 · 5d6e4a7
2 parents ab28e54 + 5cbbaa2
commit 5d6e4a7
Show file tree

Hide file tree

Showing 15 changed files with 155 additions and 24 deletions.
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -15,7 +15,7 @@ jobs:
 
     strategy:
       matrix:
-        node-version: [14.x, 16.x]
+        node-version: [16.x, 18.x]
 
     steps:
       - uses: actions/checkout@v3

diff --git a/__tests__/npm-vulnerable-allow-function/package.json b/__tests__/npm-vulnerable-allow-function/package.json
@@ -1,6 +1,7 @@
 {
   "name": "npm-vulnerable",
+  "version": "1.0.0",
   "dependencies": {
     "mem": "3.0.1"
   }
-}
+}
diff --git a/__tests__/npm-vulnerable-allow-pkg/package.json b/__tests__/npm-vulnerable-allow-pkg/package.json
@@ -1,6 +1,7 @@
 {
   "name": "npm-vulnerable",
+  "version": "1.0.0",
   "dependencies": {
     "mem": "3.0.1"
   }
-}
+}
diff --git a/__tests__/npm-vulnerable/package.json b/__tests__/npm-vulnerable/package.json
@@ -1,6 +1,7 @@
 {
   "name": "npm-vulnerable",
+  "version": "1.0.0",
   "dependencies": {
     "mem": "3.0.1"
   }
-}
+}
diff --git a/__tests__/npm/package.json b/__tests__/npm/package.json
@@ -1,6 +1,7 @@
 {
   "name": "npm",
+  "version": "1.0.0",
   "dependencies": {
     "mem": "4.0.0"
   }
-}
+}
diff --git a/__tests__/pnpm-vulnerable-allow-function/package.json b/__tests__/pnpm-vulnerable-allow-function/package.json
@@ -1,5 +1,6 @@
 {
   "name": "pnpm-vulnerable",
+  "version": "1.0.0",
   "dependencies": {
     "mem": "3.0.1"
   }

diff --git a/__tests__/pnpm-vulnerable-allow-pkg/package.json b/__tests__/pnpm-vulnerable-allow-pkg/package.json
@@ -1,5 +1,6 @@
 {
   "name": "pnpm-vulnerable",
+  "version": "1.0.0",
   "dependencies": {
     "mem": "3.0.1"
   }

diff --git a/__tests__/pnpm-vulnerable/package.json b/__tests__/pnpm-vulnerable/package.json
@@ -1,5 +1,6 @@
 {
   "name": "pnpm-vulnerable",
+  "version": "1.0.0",
   "dependencies": {
     "mem": "3.0.1"
   }

diff --git a/__tests__/pnpm/package.json b/__tests__/pnpm/package.json
@@ -1,5 +1,6 @@
 {
   "name": "pnpm",
+  "version": "1.0.0",
   "dependencies": {
     "mem": "4.0.0"
   }

diff --git a/__tests__/yarn-vulnerable-allow-function/package.json b/__tests__/yarn-vulnerable-allow-function/package.json
@@ -1,5 +1,6 @@
 {
   "name": "yarn-vulnerable",
+  "version": "1.0.0",
   "dependencies": {
     "mem": "3.0.1"
   }

diff --git a/__tests__/yarn-vulnerable-allow-pkg/package.json b/__tests__/yarn-vulnerable-allow-pkg/package.json
@@ -1,5 +1,6 @@
 {
   "name": "yarn-vulnerable",
+  "version": "1.0.0",
   "dependencies": {
     "mem": "3.0.1"
   }

diff --git a/__tests__/yarn-vulnerable/package.json b/__tests__/yarn-vulnerable/package.json
@@ -1,5 +1,6 @@
 {
   "name": "yarn-vulnerable",
+  "version": "1.0.0",
   "dependencies": {
     "mem": "3.0.1"
   }

diff --git a/__tests__/yarn/package.json b/__tests__/yarn/package.json
@@ -1,5 +1,6 @@
 {
   "name": "yarn",
+  "version": "1.0.0",
   "dependencies": {
     "mem": "4.0.0"
   }

diff --git a/package.json b/package.json
@@ -67,7 +67,6 @@
   },
   "devDependencies": {
     "@auto-it/slack": "10.37.6",
-    "@pnpm/audit": "5.0.2",
     "@types/jest": "29.2.3",
     "@types/node": "18.11.9",
     "@xerox/eslint-config": "5.0.2",
@@ -83,8 +82,9 @@
   },
   "dependencies": {
     "@antfu/ni": "0.18.6",
-    "execa": "^5.1.1",
-    "pkg-dir": "^5.0.0"
+    "@pnpm/audit": "6.0.1",
+    "execa": "5.1.1",
+    "pkg-dir": "5.0.0"
   },
   "resolutions": {
     "set-value": ">=2.0.1",
@@ -168,4 +168,4 @@
       }
     ]
   }
-}
+}