--ignore does not ignore given application subdirectory

Question

michaelfranzl opened this issue a year ago · comments

Retire.js version: (retire --version): 4.3.2

node version: (node --version): 14.17.0

Description: --ignore does not ignore given application subdirectory

Expected behaviour: --ignore ignores given application subdirectory

I have an application with a subdirectory named vendor. I would like to ignore this entire directory.

Steps to reproduce:

npm i retire
mkdir test
cp vulnerable.js test # copy any vulnerable javascript file into the test directory
./node_modules/.bin/retire --ignore test

The vulnerable file is still reported and the command exits with non-zero code.

Michael Franzl · Answer 1 · Tue Sep 05 2023 16:18:42 GMT+0800 (China Standard Time)

Thanks for fixing it. When will this be released?

Erlend Oftedal · Answer 2 · Tue Sep 05 2023 16:19:17 GMT+0800 (China Standard Time)

Thank you. Fixed in 4.3.3

Erlend Oftedal · Answer 3 · Tue Sep 05 2023 18:51:51 GMT+0800 (China Standard Time)

(which is already released) :)