v2.1.1

What's Changed

• Update dependencies by @fraxken (fixing issue with missing tslib and deprecated npm package with cacache).
• Add a warning when NODE_SECURE_TOKEN is missing by @tekeuange23 in #115
• docs: add tekeuange23 as a contributor for code by @allcontributors in #120

New Contributors

• @tekeuange23 made their first contribution in #115

Full Changelog: v2.1.0...v2.1.1

v2.1.0

What's Changed

• fix: initialize fade with bin instead of old manifest name by @PierreDemailly in #110
• chore(deps): bump undici from 5.5.1 to 5.8.0 by @dependabot in #111
• Chore add command to manage runtime configuration by @Kawacrepe in #104
• docs: add Kawacrepe as a contributor for code, bug by @allcontributors in #112
• replacement of the @slimio/async-cli-spinner library by @topcli/spinner by @halcin in #114
• docs: add halcin as a contributor for code by @allcontributors in #116
• chore(deps): bump undici from 5.8.0 to 5.10.0 by @dependabot in #117
• fix: use info as default instead of overview by @fraxken in #119

New Contributors

• @PierreDemailly made their first contribution in #110
• @Kawacrepe made their first contribution in #104
• @halcin made their first contribution in #114

Full Changelog: v2.0.0...v2.1.0

v1.0.0

What's Changed

• Move the project into the NodeSecure org and rename it cli.
• chore: fix ci by @tony-go in #94
• Add scanner v3.3.0 which add support for Workspaces by @fraxken.

Many thanks to the FrenchJavaScript community (ES-Community) that hosted the project for several years.

Full Changelog: v0.9.0...v1.0.0

v0.9.0

New release using the new NodeSecure back-end.

Highlights

• Now use ESM instead of CJS.
• Moving away from Jest to use tape for Unit testing.
• Use @nodesecure/scanner v3.0.0: https://github.com/NodeSecure/scanner/releases/tag/v3.0.0
• Use @nodesecure/vis-network: https://github.com/NodeSecure/vis-network
• All CLI commands are now properly implemented in ./src/commands.
• The http server has been completely cleaned and separated into several files at ./src/http-server.

Some enhancement from the new back-end:

• New trojan source detection on JS-X-Ray.
• Better support for npm resolvers (adding github: and git:).
• Better management and retrieval of authors and maintainers.
• A lot of work around package vulnerabilities (now with a standard format). See NodeSecure/vuln.

Bug fix

• Fixed bundlephobia CORS issue.
• Fixed a bug where the http server would not open.

v0.8.0

Official v0.8.0 release of nsecure (not an npm pre-release this time).

Highlights

• Add a new flag to detect native addons/codes (#57) 🐲
• Several important code maintenances (flags, tarball analysis, metadata fetcher ..)
• fix(i18n): Add missing translation for global warnings (#63) by @kecsou
• feat: stdout global warnings by @CroquetMickael
• feat: add summary command (v1) (#62) by @tony-go
• refactor(build): replace webpack with esbuild
• feat: add version to nsecure json payload by @tony-go
• chore: replace Travis with GitHub actions by @targos
• enhance flags description

Thanks for all contributions.

Bug Fix

• fixed some edge cases with arborist
• fix: use proper npmUser.name instead of name for pkg publisher

v0.8.0-1

Highlights

• chore: update js-x-ray (2.0.3 to 2.2.0) (fewer false positives, reduced by 50% for Encoded-literals).
• feat: allow to search packages by size - 8baaf8f
• feat: allow to run verify cmd on local project - f16f76e
• feat: add a preview of the incriminated code during mouse over (#52) by Tony - 8af3a98
• fix(i18n): typos and consistency by Antoine - aa7aef9

Thanks @tony-go and @antoineneff for their contributions.

Bug fix

• fix(cwd): use exclude instead of store to allow re-link deps - e71bb2c
• fix(cwd): use latest if version is undefined or equal to '*' - dadd313

Thanks to RemyTinco (Nopoza) for testing and reporting some issues for this release.