Merge branch 'jeemok:master' into master

jeemok · Sep 3, 2024 · 5503a3f · 5503a3f
2 parents a0eb2a1 + 3a997eb
commit 5503a3f
Show file tree

Hide file tree

Showing 5 changed files with 16 additions and 8 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,8 @@
+## 3.9.0 (September 2, 2024)
+
+- [5df4120](https://github.com/jeemok/better-npm-audit/commit/5df4120aeadb5dc1d8750c4d863eee3bd6e1aab6) Bump micromatch from 4.0.4 to 4.0.8
+- [8820f03](https://github.com/jeemok/better-npm-audit/commit/8820f035a6ec93f402085d81f680443dd81b3906) Fix getting npm version through CLI
+
 ## 3.8.1 - 3.8.3 (August 17, 2024)
 
 - [607f16e](https://github.com/jeemok/better-npm-audit/commit/607f16edd1eebf2c022a8e6279d8061d9529ebd7) fix(build): ensure lib/index.js is executable after build

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "better-npm-audit",
-  "version": "3.8.3",
+  "version": "3.9.0",
   "author": "Jee Mok <[email protected]>",
   "description": "Reshape into a better npm audit for the community and encourage more people to include security audit into their process.",
   "license": "MIT",

diff --git a/src/utils/npm.ts b/src/utils/npm.ts
@@ -1,11 +1,10 @@
-import { exec } from 'child_process';
-import { Readable } from 'stream';
+import { execSync } from 'child_process';
 
 /**
  * Get the current npm version
  * @return {String} The npm version
  */
 export function getNpmVersion(): string {
-  const version = exec('npm --version');
-  return (version.stdout as Readable).toString();
+  const version = execSync('npm --version');
+  return version.toString();
 }
diff --git a/test/handlers/flags.test.ts b/test/handlers/flags.test.ts
@@ -1,7 +1,9 @@
 import sinon from 'sinon';
 import { expect } from 'chai';
+import * as semver from 'semver';
 import { CommandOptions } from '../../src/types';
 import handleInput from '../../src/handlers/handleInput';
+import { getNpmVersion } from '../../src/utils/npm';
 
 describe('Flags', () => {
   describe('default', () => {
@@ -92,7 +94,9 @@ describe('Flags', () => {
     it('should be able to set production mode from the command flag correctly', () => {
       const callbackStub = sinon.stub();
       const options = { production: true };
-      const auditCommand = 'npm audit --omit=dev';
+      const npmVersion = getNpmVersion();
+      const flag = semver.satisfies(npmVersion, '<=8.13.2') ? '--production' : '--omit=dev';
+      const auditCommand = `npm audit ${flag}`;
       const auditLevel = 'info';
       const exceptionIds: string[] = [];