Grunt-retire crashes when finding a vulnerable dependency
CalldiDoctor opened this issue · 4 comments
Hi,
I've been testing the retire.js plugin for Grunt, and I have always found the same problem.
Every time I analyse a project, and the plugin finds a vulnerable dependency, it crashes showing the following message and stopping the execution.
Warning: Task "retire:js" failed. Use --force to continue.
I've tried to find some log file, but I haven't found it.
Has anyone been stuck with the same problem?
Thanks!
Can you share relevant parts of your gruntfile?
Sure. Below you can find the modifications I made on the Gruntfile.
retire: {
js: ['src/**/*.js'], /** Which js-files to scan. **/
node: ['path_to_packaje.json'], /** Which node directories to scan (containing package.json). **/
options: {
verbose: true,
packageOnly: true,
jsRepository: 'https://raw.github.com/RetireJS/retire.js/master/repository/jsrepository.json',
nodeRepository: 'https://raw.github.com/RetireJS/retire.js/master/repository/npmrepository.json',
outputFile: './retire-output.json',
ignore: 'documents,java'
}
}
grunt.loadNpmTasks('grunt-retire');
grunt.registerTask('dependencies',['retire']);
Is there any problem with this configuration?
Well, I'm doesn't actually crash, but instead fails the build. So in that sense it does what it's supposed to. If you don't believe the findings are important, you can add them to a .retireignore file.