Skip to content

Commit

Permalink
Merge pull request #1263 from glensc/es-includes
Browse files Browse the repository at this point in the history
Docs: Use Array.prototype.includes in tutorial
  • Loading branch information
orta authored Mar 23, 2022
2 parents 0007ac4 + f92ee28 commit f32395b
Showing 1 changed file with 2 additions and 3 deletions.
5 changes: 2 additions & 3 deletions docs/tutorials/dependencies.html.md
Original file line number Diff line number Diff line change
@@ -63,7 +63,7 @@ schedule(async () => {

if (packageDiff.dependencies) {
const newDependencies = packageDiff.dependencies.added
if (includes(newDependencies, blacklist)) {
if (newDependencies.includes(blacklist)) {
fail(`Do not add ${blacklist} to our dependencies, see CVE #23")
}
}
@@ -107,12 +107,11 @@ dependency is one that comes in as a dependency of a dependency, one which isn't

```js
import fs from "fs"
import includes from "lodash.includes"
const blacklist = "spaced-between"
const lockfile = fs.readFileSync("yarn.lock").toString()
if (includes(lockfile, blacklist)) {
if (lockfile.includes(blacklist)) {
const message = `${blacklist} was added to our dependencies, see CVE #23`
const hint = `To find out what introduced it, use \`yarn why ${blacklist}\`.`
fail(`${message}<br/>${hint}`)

0 comments on commit f32395b

Please sign in to comment.