Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Avoid truncated logs by using spawnSync to inherit stdio streams #16

Merged
merged 6 commits into from
Apr 2, 2021
Merged

Avoid truncated logs by using spawnSync to inherit stdio streams #16

merged 6 commits into from
Apr 2, 2021

Conversation

curvedriver
Copy link
Contributor

Replaced exec calls with spawnSync to ensure that huge logs will not be truncated.

child_process.exec uses a buffer for stdio and stderr which causes truncated logs if npm audit logs thousands of security vulnerabilities.

shell: true is necessary to avoid ENOENT in case of npx and npm because these are CMD files with a *.cmd extension.

@curvedriver
Add missing semicolon
cd2e0b2
@curvedriver
Use spawnSync to avoid truncated logs
73ec08f 
Replaced child_process.exec with child_process.spawnSync.

Reason: child_process.exec uses a buffer for stdio and 
stderr which causes truncated logs if `npm audit` logs
thousands of security vulnerabilities.

shell: true is necessary to avoid ENOENT in case of npx and npm
because these are CMD files with a *.cmd extension.
@curvedriver
Regression - Check for auditResult.status to fix
6a38dfa 
Execute npm audit fix if auditResult.status!=0 and argv.fix==true.
Base automatically changed from master to main February 19, 2021 07:55
@curvedriver
Copy link
Contributor Author

Hi @tnobody ,
I updated this PR to 1.3.1. Do you have any plans to merge this PR?

@curvedriver
Copy link
Contributor Author

Hi @tnobody ,
I updated this PR to 1.3.1. Do you have any plans to merge this PR?

@svettwer are you able to merge this PR?

@svettwer
Copy link
Collaborator

Hi @curvedriver 👋
Yes, I'll take a look at it next week when I'm on vacation. 👍

@curvedriver
Copy link
Contributor Author

thanks @svettwer !

@svettwer svettwer merged commit 9c92681 into tnobody:main Apr 2, 2021
@curvedriver curvedriver deleted the use-spawnSync branch April 2, 2021 17:50
@curvedriver
Copy link
Contributor Author

@svettwer , thanks for merging!

@svettwer
Copy link
Collaborator

svettwer commented Apr 2, 2021

You're welcome and thx for your contribution! Your changes have been released under version 1.3.2.
Happy auditing! 🎉

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@curvedriver @svettwer