deps: npm-audit-report@3.0.0

 * properly track which vuln was printed to remove duplicates

6 files changed, 45 insertions, 30 deletions

diff --git a/node_modules/npm-audit-report/lib/colors.js b/node_modules/npm-audit-report/lib/colors.js
index ad76870fd..2fbf5c360 100644
--- a/node_modules/npm-audit-report/lib/colors.js
+++ b/node_modules/npm-audit-report/lib/colors.js
@@ -19,6 +19,6 @@ module.exports = color => {
     magenta,
     yellow,
     white,
-    severity
+    severity,
   }
 }
diff --git a/node_modules/npm-audit-report/lib/exit-code.js b/node_modules/npm-audit-report/lib/exit-code.js
index 7a32ac6db..fcb580b51 100644
--- a/node_modules/npm-audit-report/lib/exit-code.js
+++ b/node_modules/npm-audit-report/lib/exit-code.js
@@ -5,7 +5,7 @@ const severities = new Map(Object.entries([
   'moderate',
   'high',
   'critical',
-  'none'
+  'none',
 ]).map(s => s.reverse()))
 
 module.exports = (data, level) =>
diff --git a/node_modules/npm-audit-report/lib/index.js b/node_modules/npm-audit-report/lib/index.js
index 9ee86be79..63063f925 100644
--- a/node_modules/npm-audit-report/lib/index.js
+++ b/node_modules/npm-audit-report/lib/index.js
@@ -4,7 +4,7 @@ const reporters = {
   install: require('./reporters/install'),
   detail: require('./reporters/detail'),
   json: require('./reporters/json'),
-  quiet: require('./reporters/quiet')
+  quiet: require('./reporters/quiet'),
 }
 
 const exitCode = require('./exit-code.js')
@@ -20,20 +20,22 @@ module.exports = Object.assign((data, options = {}) => {
   // CLI defaults this to `null` so the defaulting method above doesn't work
   const auditLevel = options.auditLevel || 'low'
 
-  if (!data)
+  if (!data) {
     throw Object.assign(
       new TypeError('ENOAUDITDATA'),
       {
         code: 'ENOAUDITDATA',
-        message: 'missing audit data'
+        message: 'missing audit data',
       }
     )
+  }
 
-  if (typeof data.toJSON === 'function')
+  if (typeof data.toJSON === 'function') {
     data = data.toJSON()
+  }
 
   return {
     report: reporters[reporter](data, { color, unicode, indent }),
-    exitCode: exitCode(data, auditLevel)
+    exitCode: exitCode(data, auditLevel),
   }
 }, { reporters })
diff --git a/node_modules/npm-audit-report/lib/reporters/detail.js b/node_modules/npm-audit-report/lib/reporters/detail.js
index 50451f057..ba2f01383 100644
--- a/node_modules/npm-audit-report/lib/reporters/detail.js
+++ b/node_modules/npm-audit-report/lib/reporters/detail.js
@@ -6,7 +6,7 @@ const install = require('./install.js')
 module.exports = (data, { color }) => {
   const summary = install.summary(data, { color })
   const none = data.metadata.vulnerabilities.total === 0
-  return none ? summary : fullReport(data, {color, summary})
+  return none ? summary : fullReport(data, { color, summary })
 }
 
 const fullReport = (data, { color, summary }) => {
@@ -14,10 +14,11 @@ const fullReport = (data, { color, summary }) => {
   const output = [c.white('# npm audit report'), '']
 
   const printed = new Set()
-  for (const [name, vuln] of Object.entries(data.vulnerabilities)) {
+  for (const [, vuln] of Object.entries(data.vulnerabilities)) {
     // only print starting from the top-level advisories
-    if (vuln.via.filter(v => typeof v !== 'string').length !== 0)
-      output.push(printVuln(vuln, c, data.vulnerabilities))
+    if (vuln.via.filter(v => typeof v !== 'string').length !== 0) {
+      output.push(printVuln(vuln, c, data.vulnerabilities, printed))
+    }
   }
 
   output.push(summary)
@@ -25,9 +26,10 @@ const fullReport = (data, { color, summary }) => {
   return output.join('\n')
 }
 
-const printVuln = (vuln, c, vulnerabilities, printed = new Set(), indent = '') => {
-  if (printed.has(vuln))
+const printVuln = (vuln, c, vulnerabilities, printed, indent = '') => {
+  if (printed.has(vuln)) {
     return null
+  }
 
   printed.add(vuln)
   const output = []
@@ -59,7 +61,7 @@ const printVuln = (vuln, c, vulnerabilities, printed = new Set(), indent = '') =
           `${c.yellow('fix available')} via \`npm audit fix --force\``,
           `Will install ${fa.name}@${fa.version}` +
           `, which is ${fa.isSemVerMajor ? 'a breaking change' :
-            'outside the stated dependency range' }`
+            'outside the stated dependency range'}`
         )
       }
     }
@@ -70,10 +72,10 @@ const printVuln = (vuln, c, vulnerabilities, printed = new Set(), indent = '') =
   }
 
   for (const effect of vuln.effects) {
-    const vuln = vulnerabilities[effect]
-    const e = printVuln(vuln, c, vulnerabilities, printed, '  ')
-    if (e)
+    const e = printVuln(vulnerabilities[effect], c, vulnerabilities, printed, '  ')
+    if (e) {
       output.push(...e.split('\n'))
+    }
   }
 
   if (indent === '') {
diff --git a/node_modules/npm-audit-report/lib/reporters/install.js b/node_modules/npm-audit-report/lib/reporters/install.js
index fe53be3ad..cb8a24969 100644
--- a/node_modules/npm-audit-report/lib/reporters/install.js
+++ b/node_modules/npm-audit-report/lib/reporters/install.js
@@ -3,7 +3,7 @@ const colors = require('../colors.js')
 const calculate = (data, { color }) => {
   const c = colors(color)
   const output = []
-  const { metadata: { vulnerabilities }} = data
+  const { metadata: { vulnerabilities } } = data
   const vulnCount = vulnerabilities.total
 
   let someFixable = false
@@ -14,7 +14,7 @@ const calculate = (data, { color }) => {
   if (vulnCount === 0) {
     output.push(`found ${c.green('0')} vulnerabilities`)
   } else {
-    for (const [name, vuln] of Object.entries(data.vulnerabilities)) {
+    for (const [, vuln] of Object.entries(data.vulnerabilities)) {
       const { fixAvailable } = vuln
       someFixable = someFixable || fixAvailable === true
       someUnfixable = someUnfixable || fixAvailable === false
@@ -45,7 +45,7 @@ const calculate = (data, { color }) => {
     if (someFixable) {
       output.push('', 'To address ' +
         (someForceFixable || someUnfixable ? 'issues that do not require attention'
-          : 'all issues') + ', run:\n  npm audit fix')
+        : 'all issues') + ', run:\n  npm audit fix')
     }
 
     if (someForceFixable) {
@@ -66,10 +66,10 @@ const calculate = (data, { color }) => {
   return {
     summary,
     report: vulnCount > 0 ? `${summary}\n\nRun \`npm audit\` for details.`
-      : summary
+    : summary,
   }
 }
 
 module.exports = Object.assign((data, opt) => calculate(data, opt).report, {
-  summary: (data, opt) => calculate(data, opt).summary
+  summary: (data, opt) => calculate(data, opt).summary,
 })
diff --git a/node_modules/npm-audit-report/package.json b/node_modules/npm-audit-report/package.json
index c819b9608..8749c1458 100644
--- a/node_modules/npm-audit-report/package.json
+++ b/node_modules/npm-audit-report/package.json
@@ -1,6 +1,6 @@
 {
   "name": "npm-audit-report",
-  "version": "2.1.5",
+  "version": "3.0.0",
   "description": "Given a response from the npm security api, render it into a variety of security reports",
   "main": "lib/index.js",
   "scripts": {
@@ -8,7 +8,12 @@
     "snap": "tap",
     "preversion": "npm test",
     "postversion": "npm publish",
-    "prepublishOnly": "git push origin --follow-tags"
+    "prepublishOnly": "git push origin --follow-tags",
+    "lint": "eslint \"**/*.js\"",
+    "postlint": "template-oss-check",
+    "template-oss-apply": "template-oss-apply --force",
+    "lintfix": "npm run lint -- --fix",
+    "posttest": "npm run lint"
   },
   "tap": {
     "check-coverage": true,
@@ -20,14 +25,16 @@
     "report",
     "audit"
   ],
-  "author": "Adam Baldwin",
+  "author": "GitHub Inc.",
   "license": "ISC",
   "dependencies": {
     "chalk": "^4.0.0"
   },
   "devDependencies": {
+    "@npmcli/eslint-config": "^3.0.1",
+    "@npmcli/template-oss": "3.1.2",
     "require-inject": "^1.4.4",
-    "tap": "^14.10.7"
+    "tap": "^16.0.0"
   },
   "directories": {
     "lib": "lib",
@@ -35,18 +42,22 @@
   },
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/npm/npm-audit-report.git"
+    "url": "https://github.com/npm/npm-audit-report.git"
   },
   "bugs": {
     "url": "https://github.com/npm/npm-audit-report/issues"
   },
   "homepage": "https://github.com/npm/npm-audit-report#readme",
   "files": [
-    "index.js",
-    "lib",
+    "bin/",
+    "lib/",
     "reporters"
   ],
   "engines": {
-    "node": ">=10"
+    "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
+  },
+  "templateOSS": {
+    "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
+    "version": "3.1.2"
   }
 }