fix: audit

pnpm · Oct 22, 2022 · 844b1da · 844b1da
1 parent 1d73663
commit 844b1da
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 0 deletions.
diff --git a/packages/audit/src/index.ts b/packages/audit/src/index.ts
@@ -35,6 +35,9 @@ export default async function audit (
     retry: opts.retry,
     timeout: opts.timeout,
   })
+  if (res.status === 404) {
+    throw new AuditEndpointNotExistsError(auditUrl)
+  }
   if (res.status !== 200) {
     throw new PnpmError('AUDIT_BAD_RESPONSE', `The audit endpoint (at ${auditUrl}) responded with ${res.status}: ${await res.text()}`)
   }

diff --git a/packages/plugin-commands-audit/src/audit.ts b/packages/plugin-commands-audit/src/audit.ts
@@ -171,6 +171,8 @@ export async function handler (
         output: err.message,
       }
     }
+
+    throw err
   }
   if (opts.fix) {
     const newOverrides = await fix(opts.dir, auditReport)

diff --git a/packages/plugin-commands-audit/test/fix.ts b/packages/plugin-commands-audit/test/fix.ts
@@ -10,6 +10,9 @@ const f = fixtures(__dirname)
 const registries = {
   default: 'https://registry.npmjs.org/',
 }
+const rawConfig = {
+  registry: registries.default,
+}
 
 test('overrides are added for vulnerable dependencies', async () => {
   const tmp = f.prepare('has-vulnerabilities')
@@ -22,6 +25,8 @@ test('overrides are added for vulnerable dependencies', async () => {
     auditLevel: 'moderate',
     dir: tmp,
     fix: true,
+    userConfig: {},
+    rawConfig,
     registries,
   })
 
@@ -44,6 +49,8 @@ test('no overrides are added if no vulnerabilities are found', async () => {
     auditLevel: 'moderate',
     dir: tmp,
     fix: true,
+    userConfig: {},
+    rawConfig,
     registries,
   })
 

diff --git a/packages/plugin-commands-audit/test/index.ts b/packages/plugin-commands-audit/test/index.ts
@@ -1,12 +1,16 @@
 import path from 'path'
 import { audit } from '@pnpm/plugin-commands-audit'
+import { AuditEndpointNotExistsError } from '@pnpm/audit'
 import nock from 'nock'
 import stripAnsi from 'strip-ansi'
 import * as responses from './utils/responses'
 
 const registries = {
   default: 'https://registry.npmjs.org/',
 }
+const rawConfig = {
+  registry: registries.default,
+}
 
 test('audit', async () => {
   nock(registries.default)
@@ -15,6 +19,8 @@ test('audit', async () => {
 
   const { output, exitCode } = await audit.handler({
     dir: path.join(__dirname, 'fixtures/has-vulnerabilities'),
+    userConfig: {},
+    rawConfig,
     registries,
   })
   expect(exitCode).toBe(1)
@@ -30,6 +36,8 @@ test('audit --dev', async () => {
     dir: path.join(__dirname, 'fixtures/has-vulnerabilities'),
     dev: true,
     production: false,
+    userConfig: {},
+    rawConfig,
     registries,
   })
 
@@ -45,6 +53,8 @@ test('audit --audit-level', async () => {
   const { output, exitCode } = await audit.handler({
     auditLevel: 'moderate',
     dir: path.join(__dirname, 'fixtures/has-vulnerabilities'),
+    userConfig: {},
+    rawConfig,
     registries,
   })
 
@@ -59,6 +69,8 @@ test('audit: no vulnerabilities', async () => {
 
   const { output, exitCode } = await audit.handler({
     dir: path.join(__dirname, '../../../fixtures/has-outdated-deps'),
+    userConfig: {},
+    rawConfig,
     registries,
   })
 
@@ -74,6 +86,8 @@ test('audit --json', async () => {
   const { output, exitCode } = await audit.handler({
     dir: path.join(__dirname, 'fixtures/has-vulnerabilities'),
     json: true,
+    userConfig: {},
+    rawConfig,
     registries,
   })
 
@@ -91,6 +105,8 @@ test.skip('audit does not exit with code 1 if the found vulnerabilities are havi
     auditLevel: 'high',
     dir: path.join(__dirname, 'fixtures/has-vulnerabilities'),
     dev: true,
+    userConfig: {},
+    rawConfig,
     registries,
   })
 
@@ -109,6 +125,8 @@ test('audit does not exit with code 1 if the registry responds with a non-200 re
     fetchRetries: 0,
     ignoreRegistryErrors: true,
     production: false,
+    userConfig: {},
+    rawConfig,
     registries,
   })