From 9b0b0bfac30eae6649923fcbaae8edf8f0b509a1 Mon Sep 17 00:00:00 2001
From: Liran Tal <liran.tal@gmail.com>
Date: Sun, 25 Aug 2019 19:37:25 +0300
Subject: [PATCH] build: Lint the lockfile for security policies (#1444)

* feat: lint lockfiles

* fix: update secrets baseline
---
 .secrets-baseline |   4 ++--
 package.json      |   4 +++-
 yarn.lock         | Bin 362651 -> 364900 bytes
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/.secrets-baseline b/.secrets-baseline
index 8d2322851..a92cd4e2a 100644
--- a/.secrets-baseline
+++ b/.secrets-baseline
@@ -3,7 +3,7 @@
     "files": null,
     "lines": null
   },
-  "generated_at": "2019-08-10T11:40:14Z",
+  "generated_at": "2019-08-20T08:33:48Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -2973,5 +2973,5 @@
       }
     ]
   },
-  "version": "0.12.4"
+  "version": "0.12.2"
 }
diff --git a/package.json b/package.json
index d07fcf455..51461c043 100644
--- a/package.json
+++ b/package.json
@@ -36,6 +36,7 @@
     "js-yaml": "3.13.1",
     "jsonwebtoken": "8.5.1",
     "kleur": "3.0.3",
+    "lockfile-lint": "2.0.1",
     "lodash": "4.17.14",
     "lunr-mutable-indexes": "2.3.2",
     "marked": "0.7.0",
@@ -112,8 +113,9 @@
     "test:all": "npm run test && npm run test:functional && npm run test:e2e",
     "pre:ci": "npm run lint",
     "coverage:publish": "codecov",
-    "lint": "npm run type-check && npm run lint:ts",
+    "lint": "npm run type-check && npm run lint:ts && npm run lint:lockfile",
     "lint:ts": "eslint . --ext .js,.ts",
+    "lint:lockfile": "lockfile-lint --path yarn.lock --type yarn --validate-https --allowed-hosts verdaccio npm yarn",
     "format": "prettier --single-quote --trailing-comma none --write \"{src,test}/**/*.ts\"",
     "dev:start": "cross-env BABEL_ENV=registry babel-node --extensions \".ts,.tsx\" src/lib/cli",
     "code:build": "cross-env BABEL_ENV=registry babel src/ --out-dir build/ --copy-files --extensions \".ts,.tsx\" --source-maps inline",
diff --git a/yarn.lock b/yarn.lock
index 26ebf16bf078ed0d38891c3c750dbebbfea740e1..cc58b26a24a3dd6ae2568ae74e0496b6f4209a1a 100644
GIT binary patch
delta 1466
zcmZWpO>Em#99KTPjg_)?lhUndQkLE568rht&kmYI^U>zpX`47ra+vn~mBvk+#Bn|v
z2{8d<;s)gK4oH<i+?d1;hzPU^ap8!x3x{!FLU7=?3n#>I(hX_MK3Mv{zwQ6;>;LJ;
zf!{w5-1^#c@A`UZ^9b8k_pm{?I_ja(Z0VafKm<gX5b*^3fV}am_pJ0%4;}umJ-q0S
zIE~3wT@Y|oFcb}Pydoe?ge=GFnyLXogHfmeg#(5Hr?Jz4N~&8L4UeitwODLb1ZJpM
z6Vv33eSW-8Z)@^4vUax|uq7P{ZLXeBCrz+HD}#!>6YI58MsH&Ei+j@cL@t=BQ_gfn
z9CZeX-Pzsip7uMZTFpUo^9G6h=tBztZ>jT&JM`ii<|B-I&nMP&-B1lpVReyV1d+oS
zat4PC%!oRJL>{PuqA2Rr^C%$i)bvzotKCi)&}7)r4R$1!cP1^{lDgH5S#EY~IYDG<
z{ZTu!6CIl4wuWjfhKV?v>mxcQi&EOG4;s~BM;yV<eu3>-qbl)S@LnXZ^{I0{7y+d7
z)W3F-b;&;)bgz+(yJ2kgo59cxJ_7DsxbK-=xbLNYI}>g-Ehmh-1oWsi^7z;jTHvfa
z*YNrI9P>-Hu=|5&_#wg!z$~XlIRmLY;sk|3kO2s4NHGL#KsBlWf`9O>$+lI*xl}ii
zw&{d1;ka0GlEqPD9GjHWiL50;r$mp_wBTfVdQRenSbf{>b{MlE6fo1O*s7@?M0qPa
z+%U_9ZG=k$E?b#C`DlIh{|*dIf1xg)JNv@mn`HG5&xxAF7Y<%RI7bH->ME?NY69RP
zW3VCun1fI?bQLO5O;>=Z%%Q8iPIiCx1muG<lI$_7kIGKFPD?On;;n8TR|jUgoiWv%
z4B4(asIpA<Ak{c5SN7vA87j%c%)v&!qX<$8O_EU*D;4EDa%gQ=#$t4T`sB-t<Yv)(
zhAf4>OW_v=cjcQ4yAb0<Z<mKg-z@<cVI$m~<zwG$`PhH?Ci&uT{|YJXQUUUy>4}iX
zPyMH6oqzoGGp}9?_8q%<;u7+`*Y%S0jh`kf6ty-Bo~Ev}$b(bV>*UYdz7vO#cWo-b
zxMq500AOgqKmrSSjaQJy7`iTqfZ-9t0L4&Hlv5d~kk5`?1MDUM-IQpS-rK2Ud9#)i
z<0;26`H2Yg?NY8iREBnSM@r=Dr7Z=rxm+cgO}6Ml(P1S9^kg<oZy!#!aC9f<bU?h9
zG#yPKt1aIp^3zwIWzv1*Un1ZB<vmBH@B3HD+fV(k%!EEAEC;Ry7u1Bi*zW7LyP({x
zM8M3tMct*=UCtI2m$EnA*bH^M-|Sey5P;K%OIH`UnD4Jf-*w8#XWZA}GyI&2cmeag
z&Imehu&NQ|1Vh9SAsz`T!(m2q7nnGG_%I-|x_&UQXfc-G7t8rhrX>_Acu%$)8%GIC
zw+3RIJB+vX#wJW<Q^}kRiVdM(a2aWXc<rbFlErMhT<2=KL`$Rba6_zS`!c!miSN?#
jd_65f?gleN?s49A61+{Frxso&EALU?&CY*7edzrcD@N5e

delta 102
zcmV-s0Ga>fq86Kx7J#$?uspZJJppNdhkL#Ow|l+<|KW!_qXV})qXZIQmsth`50}nr
z0Wg;^0tFnmy#obA2$z_61rL{Ry96<p@DT+Cmp}^z61Qs%1tDy=>3Ib$4Yw?Z1*`?P
I<BkP^0vqool>h($