MCPcopy Index your code
hub / github.com/darkreader/darkreader / checkoutVersion

Function checkoutVersion

tasks/cli.js:98–117  ·  view source on GitHub ↗

* Checks out a particular revision of source code and dependencies, * audits dependencies and applies fixes to vulnerabilities. * Fixes for vulnerabilities should not affect build output since most * vulnerabilities reside in code which never gets reached during build. * However, fixing the vuln

(version, fixVulnerabilities)

Source from the content-addressed store, hash-verified

96 * @param {boolean} fixVulnerabilities Whether of not to attempt to fix known vulnerabilities
97 */
98async function checkoutVersion(version, fixVulnerabilities) {
99 log.ok(`Checking out version ${version}`);
100 // Use -- to disambiguate the tag (release version) and file paths
101 await rm('src', {force: true, recursive: true});
102 await execute(`git restore --source v${version} -- package.json package-lock.json src/ tasks/`);
103 log.ok(`Installing dependencies`);
104 await execute('npm install --ignore-scripts');
105 if (!fixVulnerabilities) {
106 log.ok(`Skipping dependency audit`);
107 return;
108 }
109 log.ok(`Dependency audit`);
110 const deps = JSON.parse(await execute('npm audit fix --force --ignore-scripts --json'));
111 if (deps.audit.auditReportVersion !== 2) {
112 throw new Error('Could not audit dependencies');
113 }
114 if (deps.audit.metadata.vulnerabilities.total !== 0) {
115 throw new Error('Dependency vulnerability without a fix found, please audit manually');
116 }
117}
118
119async function checkoutHead() {
120 // Restore current files

Callers 1

runFunction · 0.85

Calls 1

executeFunction · 0.90

Tested by

no test coverage detected