NO-ISSUE --audit-level moderate

Yang-33 · Yang-33 · commit ac55540cb799 · 2025-08-05T18:12:33.000+09:00
diff --git a/scripts/npm-audit.sh b/scripts/npm-audit.sh
@@ -1,20 +1,28 @@
 #!/usr/bin/env bash
 set -euo pipefail
 
-errors=0
+IFS=$'\n'
+locks=($(find . -path '*/node_modules' -prune -o -name package-lock.json -print))
+unset IFS
 
-find . -name package-lock.json -not -path "./node_modules/*" -print0 |
-  xargs -0 -n1 dirname | sort -u |
-  while IFS= read -r dir; do
-    printf '\n\n\n'
-    printf '\033[1;34m==> %s\033[0m\n' "$dir"
-    (cd "$dir" && npm audit) || errors=1
-  done
+declare -a failed=()
 
-if [ "$errors" -eq 0 ]; then
-  echo "npm audit passed: no vulnerabilities detected"
+for lock in "${locks[@]}"; do
+  dir=$(dirname "$lock")
+  printf '\n\n\033[1;34m==> %s\033[0m\n' "$dir"
+
+  pushd "$dir" >/dev/null
+  if ! npm audit --audit-level moderate; then
+    failed+=("$dir")
+  fi
+  popd >/dev/null
+done
+
+if ((${#failed[@]})); then
+  echo -e "\n\033[0;31mnpm audit reported vulnerabilities in:\033[0m"
+  printf '  - %s\n' "${failed[@]}"
+  exit 1
 else
-  echo "npm audit reported vulnerabilities. Fix all vulnerabilities before committing."
+  echo "npm audit passed: no vulnerabilities detected"
+  exit 0
 fi
-
-exit "$errors"
