11cb0ef41Sopenharmony_ci/* IMPORTANT 21cb0ef41Sopenharmony_ci * This snapshot file is auto-generated, but designed for humans. 31cb0ef41Sopenharmony_ci * It should be checked into source control and tracked carefully. 41cb0ef41Sopenharmony_ci * Re-generate by setting TAP_SNAPSHOT=1 and running tests. 51cb0ef41Sopenharmony_ci * Make sure to inspect the output below. Do not ignore changes! 61cb0ef41Sopenharmony_ci */ 71cb0ef41Sopenharmony_ci'use strict' 81cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit fix - bulk endpoint > lockfile has test-dep-a@1.0.1 1`] = ` 91cb0ef41Sopenharmony_ci{ 101cb0ef41Sopenharmony_ci "name": "test-dep", 111cb0ef41Sopenharmony_ci "version": "1.0.0", 121cb0ef41Sopenharmony_ci "lockfileVersion": 2, 131cb0ef41Sopenharmony_ci "requires": true, 141cb0ef41Sopenharmony_ci "packages": { 151cb0ef41Sopenharmony_ci "": { 161cb0ef41Sopenharmony_ci "name": "test-dep", 171cb0ef41Sopenharmony_ci "version": "1.0.0", 181cb0ef41Sopenharmony_ci "dependencies": { 191cb0ef41Sopenharmony_ci "test-dep-a": "*" 201cb0ef41Sopenharmony_ci } 211cb0ef41Sopenharmony_ci }, 221cb0ef41Sopenharmony_ci "node_modules/test-dep-a": { 231cb0ef41Sopenharmony_ci "version": "1.0.1", 241cb0ef41Sopenharmony_ci "resolved": "https://registry.npmjs.org/test-dep-a/-/test-dep-a-1.0.1.tgz" 251cb0ef41Sopenharmony_ci } 261cb0ef41Sopenharmony_ci }, 271cb0ef41Sopenharmony_ci "dependencies": { 281cb0ef41Sopenharmony_ci "test-dep-a": { 291cb0ef41Sopenharmony_ci "version": "1.0.1", 301cb0ef41Sopenharmony_ci "resolved": "https://registry.npmjs.org/test-dep-a/-/test-dep-a-1.0.1.tgz" 311cb0ef41Sopenharmony_ci } 321cb0ef41Sopenharmony_ci } 331cb0ef41Sopenharmony_ci} 341cb0ef41Sopenharmony_ci 351cb0ef41Sopenharmony_ci` 361cb0ef41Sopenharmony_ci 371cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit fix - bulk endpoint > must match snapshot 1`] = ` 381cb0ef41Sopenharmony_ci 391cb0ef41Sopenharmony_ciadded 1 package, and audited 2 packages in xxx 401cb0ef41Sopenharmony_ci 411cb0ef41Sopenharmony_cifound 0 vulnerabilities 421cb0ef41Sopenharmony_ci` 431cb0ef41Sopenharmony_ci 441cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures ignores optional dependencies > must match snapshot 1`] = ` 451cb0ef41Sopenharmony_ciaudited 1 package in xxx 461cb0ef41Sopenharmony_ci 471cb0ef41Sopenharmony_ci1 package has a verified registry signature 481cb0ef41Sopenharmony_ci 491cb0ef41Sopenharmony_ci` 501cb0ef41Sopenharmony_ci 511cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures json output with invalid and missing signatures > must match snapshot 1`] = ` 521cb0ef41Sopenharmony_ci{ 531cb0ef41Sopenharmony_ci "invalid": [ 541cb0ef41Sopenharmony_ci { 551cb0ef41Sopenharmony_ci "code": "EINTEGRITYSIGNATURE", 561cb0ef41Sopenharmony_ci "message": "kms-demo@1.0.0 has an invalid registry signature with keyid: SHA256:jl3bwswu80PjjokCgh0o2w5c2U4LhQAE57gj9cz1kzA and signature: bogus", 571cb0ef41Sopenharmony_ci "integrity": "sha512-QqZ7VJ/8xPkS9s2IWB7Shj3qTJdcRyeXKbPQnsZjsPEwvutGv0EGeVchPcauoiDFJlGbZMFq5GDCurAGNSghJQ==", 581cb0ef41Sopenharmony_ci "keyid": "SHA256:jl3bwswu80PjjokCgh0o2w5c2U4LhQAE57gj9cz1kzA", 591cb0ef41Sopenharmony_ci "location": "node_modules/kms-demo", 601cb0ef41Sopenharmony_ci "name": "kms-demo", 611cb0ef41Sopenharmony_ci "registry": "https://registry.npmjs.org/", 621cb0ef41Sopenharmony_ci "resolved": "https://registry.npmjs.org/kms-demo/-/kms-demo-1.0.0.tgz", 631cb0ef41Sopenharmony_ci "signature": "bogus", 641cb0ef41Sopenharmony_ci "type": "dependencies", 651cb0ef41Sopenharmony_ci "version": "1.0.0" 661cb0ef41Sopenharmony_ci } 671cb0ef41Sopenharmony_ci ], 681cb0ef41Sopenharmony_ci "missing": [ 691cb0ef41Sopenharmony_ci { 701cb0ef41Sopenharmony_ci "location": "node_modules/async", 711cb0ef41Sopenharmony_ci "name": "async", 721cb0ef41Sopenharmony_ci "registry": "https://registry.npmjs.org/", 731cb0ef41Sopenharmony_ci "resolved": "https://registry.npmjs.org/async/-/async-1.1.1.tgz", 741cb0ef41Sopenharmony_ci "version": "1.1.1" 751cb0ef41Sopenharmony_ci } 761cb0ef41Sopenharmony_ci ] 771cb0ef41Sopenharmony_ci} 781cb0ef41Sopenharmony_ci` 791cb0ef41Sopenharmony_ci 801cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures json output with invalid attestations > must match snapshot 1`] = ` 811cb0ef41Sopenharmony_ci{ 821cb0ef41Sopenharmony_ci "invalid": [ 831cb0ef41Sopenharmony_ci { 841cb0ef41Sopenharmony_ci "code": "EATTESTATIONVERIFY", 851cb0ef41Sopenharmony_ci "message": "sigstore@1.0.0 failed to verify attestation: artifact signature verification failed", 861cb0ef41Sopenharmony_ci "integrity": "sha512-e+qfbn/zf1+rCza/BhIA//Awmf0v1pa5HQS8Xk8iXrn9bgytytVLqYD0P7NSqZ6IELTgq+tcDvLPkQjNHyWLNg==", 871cb0ef41Sopenharmony_ci "keyid": "", 881cb0ef41Sopenharmony_ci "location": "node_modules/sigstore", 891cb0ef41Sopenharmony_ci "name": "sigstore", 901cb0ef41Sopenharmony_ci "registry": "https://registry.npmjs.org/", 911cb0ef41Sopenharmony_ci "resolved": "https://registry.npmjs.org/sigstore/-/sigstore-1.0.0.tgz", 921cb0ef41Sopenharmony_ci "signature": "MEYCIQD10kAn3lC/1rJvXBtSDckbqkKEmz369gPDKb4lG4zMKQIhAP1+RhbMcASsfXhxpXKNCAjJb+3Av3Br95eKD7VL/BEB", 931cb0ef41Sopenharmony_ci "predicateType": "https://slsa.dev/provenance/v0.2", 941cb0ef41Sopenharmony_ci "type": "dependencies", 951cb0ef41Sopenharmony_ci "version": "1.0.0" 961cb0ef41Sopenharmony_ci } 971cb0ef41Sopenharmony_ci ], 981cb0ef41Sopenharmony_ci "missing": [] 991cb0ef41Sopenharmony_ci} 1001cb0ef41Sopenharmony_ci` 1011cb0ef41Sopenharmony_ci 1021cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures json output with invalid signatures > must match snapshot 1`] = ` 1031cb0ef41Sopenharmony_ci{ 1041cb0ef41Sopenharmony_ci "invalid": [ 1051cb0ef41Sopenharmony_ci { 1061cb0ef41Sopenharmony_ci "code": "EINTEGRITYSIGNATURE", 1071cb0ef41Sopenharmony_ci "message": "kms-demo@1.0.0 has an invalid registry signature with keyid: SHA256:jl3bwswu80PjjokCgh0o2w5c2U4LhQAE57gj9cz1kzA and signature: bogus", 1081cb0ef41Sopenharmony_ci "integrity": "sha512-QqZ7VJ/8xPkS9s2IWB7Shj3qTJdcRyeXKbPQnsZjsPEwvutGv0EGeVchPcauoiDFJlGbZMFq5GDCurAGNSghJQ==", 1091cb0ef41Sopenharmony_ci "keyid": "SHA256:jl3bwswu80PjjokCgh0o2w5c2U4LhQAE57gj9cz1kzA", 1101cb0ef41Sopenharmony_ci "location": "node_modules/kms-demo", 1111cb0ef41Sopenharmony_ci "name": "kms-demo", 1121cb0ef41Sopenharmony_ci "registry": "https://registry.npmjs.org/", 1131cb0ef41Sopenharmony_ci "resolved": "https://registry.npmjs.org/kms-demo/-/kms-demo-1.0.0.tgz", 1141cb0ef41Sopenharmony_ci "signature": "bogus", 1151cb0ef41Sopenharmony_ci "type": "dependencies", 1161cb0ef41Sopenharmony_ci "version": "1.0.0" 1171cb0ef41Sopenharmony_ci } 1181cb0ef41Sopenharmony_ci ], 1191cb0ef41Sopenharmony_ci "missing": [] 1201cb0ef41Sopenharmony_ci} 1211cb0ef41Sopenharmony_ci` 1221cb0ef41Sopenharmony_ci 1231cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures json output with valid signatures > must match snapshot 1`] = ` 1241cb0ef41Sopenharmony_ci{ 1251cb0ef41Sopenharmony_ci "invalid": [], 1261cb0ef41Sopenharmony_ci "missing": [] 1271cb0ef41Sopenharmony_ci} 1281cb0ef41Sopenharmony_ci` 1291cb0ef41Sopenharmony_ci 1301cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures multiple registries with keys and signatures > must match snapshot 1`] = ` 1311cb0ef41Sopenharmony_ciaudited 2 packages in xxx 1321cb0ef41Sopenharmony_ci 1331cb0ef41Sopenharmony_ci2 packages have verified registry signatures 1341cb0ef41Sopenharmony_ci 1351cb0ef41Sopenharmony_ci` 1361cb0ef41Sopenharmony_ci 1371cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures omit dev dependencies with missing signature > must match snapshot 1`] = ` 1381cb0ef41Sopenharmony_ciaudited 1 package in xxx 1391cb0ef41Sopenharmony_ci 1401cb0ef41Sopenharmony_ci1 package has a verified registry signature 1411cb0ef41Sopenharmony_ci 1421cb0ef41Sopenharmony_ci` 1431cb0ef41Sopenharmony_ci 1441cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures output details about missing signatures > must match snapshot 1`] = ` 1451cb0ef41Sopenharmony_ciaudited 1 package in xxx 1461cb0ef41Sopenharmony_ci 1471cb0ef41Sopenharmony_ci1 package has a missing registry signature but the registry is providing signing keys: 1481cb0ef41Sopenharmony_ci 1491cb0ef41Sopenharmony_cikms-demo@1.0.0 (https://registry.npmjs.org/) 1501cb0ef41Sopenharmony_ci` 1511cb0ef41Sopenharmony_ci 1521cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures third-party registry with invalid signatures errors > must match snapshot 1`] = ` 1531cb0ef41Sopenharmony_ciaudited 1 package in xxx 1541cb0ef41Sopenharmony_ci 1551cb0ef41Sopenharmony_ci1 package has an invalid registry signature: 1561cb0ef41Sopenharmony_ci 1571cb0ef41Sopenharmony_ci@npmcli/arborist@1.0.14 (https://verdaccio-clone.org/) 1581cb0ef41Sopenharmony_ci 1591cb0ef41Sopenharmony_ciSomeone might have tampered with this package since it was published on the registry! 1601cb0ef41Sopenharmony_ci 1611cb0ef41Sopenharmony_ci` 1621cb0ef41Sopenharmony_ci 1631cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures third-party registry with keys and missing signatures errors > must match snapshot 1`] = ` 1641cb0ef41Sopenharmony_ciaudited 1 package in xxx 1651cb0ef41Sopenharmony_ci 1661cb0ef41Sopenharmony_ci1 package has a missing registry signature but the registry is providing signing keys: 1671cb0ef41Sopenharmony_ci 1681cb0ef41Sopenharmony_ci@npmcli/arborist@1.0.14 (https://verdaccio-clone.org/) 1691cb0ef41Sopenharmony_ci` 1701cb0ef41Sopenharmony_ci 1711cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures third-party registry with keys and signatures > must match snapshot 1`] = ` 1721cb0ef41Sopenharmony_ciaudited 1 package in xxx 1731cb0ef41Sopenharmony_ci 1741cb0ef41Sopenharmony_ci1 package has a verified registry signature 1751cb0ef41Sopenharmony_ci 1761cb0ef41Sopenharmony_ci` 1771cb0ef41Sopenharmony_ci 1781cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures third-party registry with sub-path (trailing slash) > must match snapshot 1`] = ` 1791cb0ef41Sopenharmony_ciaudited 1 package in xxx 1801cb0ef41Sopenharmony_ci 1811cb0ef41Sopenharmony_ci1 package has a verified registry signature 1821cb0ef41Sopenharmony_ci 1831cb0ef41Sopenharmony_ci` 1841cb0ef41Sopenharmony_ci 1851cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures third-party registry with sub-path > must match snapshot 1`] = ` 1861cb0ef41Sopenharmony_ciaudited 1 package in xxx 1871cb0ef41Sopenharmony_ci 1881cb0ef41Sopenharmony_ci1 package has a verified registry signature 1891cb0ef41Sopenharmony_ci 1901cb0ef41Sopenharmony_ci` 1911cb0ef41Sopenharmony_ci 1921cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures with both invalid and missing signatures > must match snapshot 1`] = ` 1931cb0ef41Sopenharmony_ciaudited 2 packages in xxx 1941cb0ef41Sopenharmony_ci 1951cb0ef41Sopenharmony_ci1 package has a missing registry signature but the registry is providing signing keys: 1961cb0ef41Sopenharmony_ci 1971cb0ef41Sopenharmony_ciasync@1.1.1 (https://registry.npmjs.org/) 1981cb0ef41Sopenharmony_ci 1991cb0ef41Sopenharmony_ci1 package has an invalid registry signature: 2001cb0ef41Sopenharmony_ci 2011cb0ef41Sopenharmony_cikms-demo@1.0.0 (https://registry.npmjs.org/) 2021cb0ef41Sopenharmony_ci 2031cb0ef41Sopenharmony_ciSomeone might have tampered with this package since it was published on the registry! 2041cb0ef41Sopenharmony_ci 2051cb0ef41Sopenharmony_ci` 2061cb0ef41Sopenharmony_ci 2071cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures with bundled and peer deps and no signatures > must match snapshot 1`] = ` 2081cb0ef41Sopenharmony_ciaudited 1 package in xxx 2091cb0ef41Sopenharmony_ci 2101cb0ef41Sopenharmony_ci1 package has a verified registry signature 2111cb0ef41Sopenharmony_ci 2121cb0ef41Sopenharmony_ci` 2131cb0ef41Sopenharmony_ci 2141cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures with invalid attestations > must match snapshot 1`] = ` 2151cb0ef41Sopenharmony_ciaudited 1 package in xxx 2161cb0ef41Sopenharmony_ci 2171cb0ef41Sopenharmony_ci1 package has an invalid attestation: 2181cb0ef41Sopenharmony_ci 2191cb0ef41Sopenharmony_cisigstore@1.0.0 (https://registry.npmjs.org/) 2201cb0ef41Sopenharmony_ci 2211cb0ef41Sopenharmony_ciSomeone might have tampered with this package since it was published on the registry! 2221cb0ef41Sopenharmony_ci 2231cb0ef41Sopenharmony_ci` 2241cb0ef41Sopenharmony_ci 2251cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures with invalid signatures > must match snapshot 1`] = ` 2261cb0ef41Sopenharmony_ciaudited 1 package in xxx 2271cb0ef41Sopenharmony_ci 2281cb0ef41Sopenharmony_ci1 package has an invalid registry signature: 2291cb0ef41Sopenharmony_ci 2301cb0ef41Sopenharmony_cikms-demo@1.0.0 (https://registry.npmjs.org/) 2311cb0ef41Sopenharmony_ci 2321cb0ef41Sopenharmony_ciSomeone might have tampered with this package since it was published on the registry! 2331cb0ef41Sopenharmony_ci 2341cb0ef41Sopenharmony_ci` 2351cb0ef41Sopenharmony_ci 2361cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures with invalid signtaures and color output enabled > must match snapshot 1`] = ` 2371cb0ef41Sopenharmony_ciaudited 1 package in xxx 2381cb0ef41Sopenharmony_ci 2391cb0ef41Sopenharmony_ci1 package has an [1m[31minvalid[39m[22m registry signature: 2401cb0ef41Sopenharmony_ci 2411cb0ef41Sopenharmony_ci[31mkms-demo@1.0.0[39m (https://registry.npmjs.org/) 2421cb0ef41Sopenharmony_ci 2431cb0ef41Sopenharmony_ciSomeone might have tampered with this package since it was published on the registry! 2441cb0ef41Sopenharmony_ci 2451cb0ef41Sopenharmony_ci` 2461cb0ef41Sopenharmony_ci 2471cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures with key fallback to legacy API > must match snapshot 1`] = ` 2481cb0ef41Sopenharmony_ciaudited 1 package in xxx 2491cb0ef41Sopenharmony_ci 2501cb0ef41Sopenharmony_ci1 package has a verified registry signature 2511cb0ef41Sopenharmony_ci 2521cb0ef41Sopenharmony_ci` 2531cb0ef41Sopenharmony_ci 2541cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures with keys but missing signature > must match snapshot 1`] = ` 2551cb0ef41Sopenharmony_ciaudited 1 package in xxx 2561cb0ef41Sopenharmony_ci 2571cb0ef41Sopenharmony_ci1 package has a missing registry signature but the registry is providing signing keys: 2581cb0ef41Sopenharmony_ci 2591cb0ef41Sopenharmony_cikms-demo@1.0.0 (https://registry.npmjs.org/) 2601cb0ef41Sopenharmony_ci` 2611cb0ef41Sopenharmony_ci 2621cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures with multiple invalid attestations > must match snapshot 1`] = ` 2631cb0ef41Sopenharmony_ciaudited 2 packages in xxx 2641cb0ef41Sopenharmony_ci 2651cb0ef41Sopenharmony_ci2 packages have invalid attestations: 2661cb0ef41Sopenharmony_ci 2671cb0ef41Sopenharmony_cisigstore@1.0.0 (https://registry.npmjs.org/) 2681cb0ef41Sopenharmony_cituf-js@1.0.0 (https://registry.npmjs.org/) 2691cb0ef41Sopenharmony_ci 2701cb0ef41Sopenharmony_ciSomeone might have tampered with these packages since they were published on the registry! 2711cb0ef41Sopenharmony_ci 2721cb0ef41Sopenharmony_ci` 2731cb0ef41Sopenharmony_ci 2741cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures with multiple invalid signatures > must match snapshot 1`] = ` 2751cb0ef41Sopenharmony_ciaudited 2 packages in xxx 2761cb0ef41Sopenharmony_ci 2771cb0ef41Sopenharmony_ci2 packages have invalid registry signatures: 2781cb0ef41Sopenharmony_ci 2791cb0ef41Sopenharmony_ciasync@1.1.1 (https://registry.npmjs.org/) 2801cb0ef41Sopenharmony_cikms-demo@1.0.0 (https://registry.npmjs.org/) 2811cb0ef41Sopenharmony_ci 2821cb0ef41Sopenharmony_ciSomeone might have tampered with these packages since they were published on the registry! 2831cb0ef41Sopenharmony_ci 2841cb0ef41Sopenharmony_ci` 2851cb0ef41Sopenharmony_ci 2861cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures with multiple missing signatures > must match snapshot 1`] = ` 2871cb0ef41Sopenharmony_ciaudited 2 packages in xxx 2881cb0ef41Sopenharmony_ci 2891cb0ef41Sopenharmony_ci2 packages have missing registry signatures but the registry is providing signing keys: 2901cb0ef41Sopenharmony_ci 2911cb0ef41Sopenharmony_ciasync@1.1.1 (https://registry.npmjs.org/) 2921cb0ef41Sopenharmony_cikms-demo@1.0.0 (https://registry.npmjs.org/) 2931cb0ef41Sopenharmony_ci` 2941cb0ef41Sopenharmony_ci 2951cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures with multiple valid signatures and one invalid > must match snapshot 1`] = ` 2961cb0ef41Sopenharmony_ciaudited 3 packages in xxx 2971cb0ef41Sopenharmony_ci 2981cb0ef41Sopenharmony_ci2 packages have verified registry signatures 2991cb0ef41Sopenharmony_ci 3001cb0ef41Sopenharmony_ci1 package has an invalid registry signature: 3011cb0ef41Sopenharmony_ci 3021cb0ef41Sopenharmony_cinode-fetch@1.6.0 (https://registry.npmjs.org/) 3031cb0ef41Sopenharmony_ci 3041cb0ef41Sopenharmony_ciSomeone might have tampered with this package since it was published on the registry! 3051cb0ef41Sopenharmony_ci 3061cb0ef41Sopenharmony_ci` 3071cb0ef41Sopenharmony_ci 3081cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures with valid and missing signatures > must match snapshot 1`] = ` 3091cb0ef41Sopenharmony_ciaudited 2 packages in xxx 3101cb0ef41Sopenharmony_ci 3111cb0ef41Sopenharmony_ci1 package has a verified registry signature 3121cb0ef41Sopenharmony_ci 3131cb0ef41Sopenharmony_ci1 package has a missing registry signature but the registry is providing signing keys: 3141cb0ef41Sopenharmony_ci 3151cb0ef41Sopenharmony_ciasync@1.1.1 (https://registry.npmjs.org/) 3161cb0ef41Sopenharmony_ci` 3171cb0ef41Sopenharmony_ci 3181cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures with valid attestations > must match snapshot 1`] = ` 3191cb0ef41Sopenharmony_ciaudited 1 package in xxx 3201cb0ef41Sopenharmony_ci 3211cb0ef41Sopenharmony_ci1 package has a verified registry signature 3221cb0ef41Sopenharmony_ci 3231cb0ef41Sopenharmony_ci1 package has a verified attestation 3241cb0ef41Sopenharmony_ci 3251cb0ef41Sopenharmony_ci` 3261cb0ef41Sopenharmony_ci 3271cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures with valid signatures > must match snapshot 1`] = ` 3281cb0ef41Sopenharmony_ciaudited 1 package in xxx 3291cb0ef41Sopenharmony_ci 3301cb0ef41Sopenharmony_ci1 package has a verified registry signature 3311cb0ef41Sopenharmony_ci 3321cb0ef41Sopenharmony_ci` 3331cb0ef41Sopenharmony_ci 3341cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures with valid signatures using alias > must match snapshot 1`] = ` 3351cb0ef41Sopenharmony_ciaudited 1 package in xxx 3361cb0ef41Sopenharmony_ci 3371cb0ef41Sopenharmony_ci1 package has a verified registry signature 3381cb0ef41Sopenharmony_ci 3391cb0ef41Sopenharmony_ci` 3401cb0ef41Sopenharmony_ci 3411cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures workspaces verifies registry deps and ignores local workspace deps > must match snapshot 1`] = ` 3421cb0ef41Sopenharmony_ciaudited 3 packages in xxx 3431cb0ef41Sopenharmony_ci 3441cb0ef41Sopenharmony_ci3 packages have verified registry signatures 3451cb0ef41Sopenharmony_ci 3461cb0ef41Sopenharmony_ci` 3471cb0ef41Sopenharmony_ci 3481cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP audit signatures workspaces verifies registry deps when filtering by workspace name > must match snapshot 1`] = ` 3491cb0ef41Sopenharmony_ciaudited 2 packages in xxx 3501cb0ef41Sopenharmony_ci 3511cb0ef41Sopenharmony_ci2 packages have verified registry signatures 3521cb0ef41Sopenharmony_ci 3531cb0ef41Sopenharmony_ci` 3541cb0ef41Sopenharmony_ci 3551cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP fallback audit > must match snapshot 1`] = ` 3561cb0ef41Sopenharmony_ci# npm audit report 3571cb0ef41Sopenharmony_ci 3581cb0ef41Sopenharmony_citest-dep-a 1.0.0 3591cb0ef41Sopenharmony_ciSeverity: high 3601cb0ef41Sopenharmony_ciTest advisory 100 - https://github.com/advisories/GHSA-100 3611cb0ef41Sopenharmony_cifix available via \`npm audit fix\` 3621cb0ef41Sopenharmony_cinode_modules/test-dep-a 3631cb0ef41Sopenharmony_ci 3641cb0ef41Sopenharmony_ci1 high severity vulnerability 3651cb0ef41Sopenharmony_ci 3661cb0ef41Sopenharmony_ciTo address all issues, run: 3671cb0ef41Sopenharmony_ci npm audit fix 3681cb0ef41Sopenharmony_ci` 3691cb0ef41Sopenharmony_ci 3701cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP json audit > must match snapshot 1`] = ` 3711cb0ef41Sopenharmony_ci{ 3721cb0ef41Sopenharmony_ci "auditReportVersion": 2, 3731cb0ef41Sopenharmony_ci "vulnerabilities": { 3741cb0ef41Sopenharmony_ci "test-dep-a": { 3751cb0ef41Sopenharmony_ci "name": "test-dep-a", 3761cb0ef41Sopenharmony_ci "severity": "high", 3771cb0ef41Sopenharmony_ci "isDirect": true, 3781cb0ef41Sopenharmony_ci "via": [ 3791cb0ef41Sopenharmony_ci { 3801cb0ef41Sopenharmony_ci "source": 100, 3811cb0ef41Sopenharmony_ci "name": "test-dep-a", 3821cb0ef41Sopenharmony_ci "dependency": "test-dep-a", 3831cb0ef41Sopenharmony_ci "title": "Test advisory 100", 3841cb0ef41Sopenharmony_ci "url": "https://github.com/advisories/GHSA-100", 3851cb0ef41Sopenharmony_ci "severity": "high", 3861cb0ef41Sopenharmony_ci "cwe": [ 3871cb0ef41Sopenharmony_ci "cwe-0" 3881cb0ef41Sopenharmony_ci ], 3891cb0ef41Sopenharmony_ci "cvss": { 3901cb0ef41Sopenharmony_ci "score": 0 3911cb0ef41Sopenharmony_ci }, 3921cb0ef41Sopenharmony_ci "range": "*" 3931cb0ef41Sopenharmony_ci } 3941cb0ef41Sopenharmony_ci ], 3951cb0ef41Sopenharmony_ci "effects": [], 3961cb0ef41Sopenharmony_ci "range": "*", 3971cb0ef41Sopenharmony_ci "nodes": [ 3981cb0ef41Sopenharmony_ci "node_modules/test-dep-a" 3991cb0ef41Sopenharmony_ci ], 4001cb0ef41Sopenharmony_ci "fixAvailable": false 4011cb0ef41Sopenharmony_ci } 4021cb0ef41Sopenharmony_ci }, 4031cb0ef41Sopenharmony_ci "metadata": { 4041cb0ef41Sopenharmony_ci "vulnerabilities": { 4051cb0ef41Sopenharmony_ci "info": 0, 4061cb0ef41Sopenharmony_ci "low": 0, 4071cb0ef41Sopenharmony_ci "moderate": 0, 4081cb0ef41Sopenharmony_ci "high": 1, 4091cb0ef41Sopenharmony_ci "critical": 0, 4101cb0ef41Sopenharmony_ci "total": 1 4111cb0ef41Sopenharmony_ci }, 4121cb0ef41Sopenharmony_ci "dependencies": { 4131cb0ef41Sopenharmony_ci "prod": 2, 4141cb0ef41Sopenharmony_ci "dev": 0, 4151cb0ef41Sopenharmony_ci "optional": 0, 4161cb0ef41Sopenharmony_ci "peer": 0, 4171cb0ef41Sopenharmony_ci "peerOptional": 0, 4181cb0ef41Sopenharmony_ci "total": 1 4191cb0ef41Sopenharmony_ci } 4201cb0ef41Sopenharmony_ci } 4211cb0ef41Sopenharmony_ci} 4221cb0ef41Sopenharmony_ci` 4231cb0ef41Sopenharmony_ci 4241cb0ef41Sopenharmony_ciexports[`test/lib/commands/audit.js TAP normal audit > must match snapshot 1`] = ` 4251cb0ef41Sopenharmony_ci# npm audit report 4261cb0ef41Sopenharmony_ci 4271cb0ef41Sopenharmony_citest-dep-a 1.0.0 4281cb0ef41Sopenharmony_ciSeverity: high 4291cb0ef41Sopenharmony_ciTest advisory 100 - https://github.com/advisories/GHSA-100 4301cb0ef41Sopenharmony_cifix available via \`npm audit fix\` 4311cb0ef41Sopenharmony_cinode_modules/test-dep-a 4321cb0ef41Sopenharmony_ci 4331cb0ef41Sopenharmony_ci1 high severity vulnerability 4341cb0ef41Sopenharmony_ci 4351cb0ef41Sopenharmony_ciTo address all issues, run: 4361cb0ef41Sopenharmony_ci npm audit fix 4371cb0ef41Sopenharmony_ci` 438