feat: enable package-lock-only by default

closes #23

src/main/ts/index.ts

@@ -59,14 +59,27 @@ const yarnLockToPkgLock: TCallback = ({temp}) => {
  */
 const npmAuditFix: TCallback = ({temp, flags, cwd, manifest}) => {
   const requireNpmBeta = !!manifest.workspaces
-  const inheritNpm = flags['inherit-npm']
+  const npm = getNpm(requireNpmBeta, flags['inherit-npm'])
+  const defaultFlags = {
+    'package-lock-only': true,
+  }
+  const auditFlags = formatFlags({...defaultFlags, ...flags},
+'package-lock-only',
+    'verbose',
+    'loglevel',
+    'only',
+    'force',
+    'audit-level',
+    'silent',
+  )
   const auditArgs = [
     'audit',
     'fix',
-    ...formatFlags(flags, 'package-lock-only', 'verbose', 'loglevel', 'only', 'force', 'audit-level', 'silent'),
+    ...auditFlags,
+    `--prefix=${temp}`,
   ]
 
-  invoke(getNpm(requireNpmBeta, inheritNpm), [...auditArgs, `--prefix=${temp}`], temp, flags.silent)
+  invoke(npm, auditArgs, temp, flags.silent)
 }
 
 /**

src/main/ts/util.ts

@@ -17,8 +17,8 @@ export const invoke = (cmd: string, args: string[], cwd: string, silent= false)
 
 export const parseFlags = (argv: string[]) => minimist(argv, {'--': true})
 
-const checkByLists = (value: any, omitlist: any[], picklist: any[]): boolean =>
-  !omitlist.includes(value) && (!picklist.length || picklist.includes(value))
+const checkValue = (key: string, value: any, omitlist: any[], picklist: any[]): boolean =>
+  value !== 'false' && !omitlist.includes(key) && (!picklist.length || picklist.includes(key))
 
 const formatFlag = (key: string): string => (key.length === 1 ? '-' : '--') + key
 
@@ -28,7 +28,7 @@ export const formatFlags = (flags: Record<string, any>, ...picklist: string[]):
     const value = flags[key]
     const flag = formatFlag(key)
 
-    if (checkByLists(key, omitlist, picklist)) {
+    if (checkValue(key, value, omitlist, picklist)) {
       memo.push(flag)
 
       if (value !== true) {

src/test/ts/index.ts

@@ -39,7 +39,7 @@ describe('yarn-audit-fix', () => {
   afterAll(jest.resetAllMocks)
 
   describe('flow', () => {
-    const checkFlow = () => {
+    const checkFlow = (skipPkgLockOnly?: boolean) => {
       const temp = findCacheDir({name: 'yarn-audit-fix', create: true}) + ''
       const cwd = process.cwd()
       const stdio = ['inherit', 'inherit', 'inherit']
@@ -49,19 +49,18 @@ describe('yarn-audit-fix', () => {
       expect(fs.copyFileSync).toHaveBeenCalledWith('yarn.lock', join(temp, 'yarn.lock'))
       expect(fs.copyFileSync).toHaveBeenCalledWith('package.json', join(temp, 'package.json'))
       expect(fs.createSymlinkSync).toHaveBeenCalledWith(join(cwd, 'node_modules'), join(temp, 'node_modules'), 'dir')
-      // expect(fs.createSymlinkSync).toHaveBeenCalledWith(join(cwd, 'packages/foo'), join(temp, 'packages/foo'), 'dir')
 
       // Generating package-lock.json from yarn.lock...
       expect(fs.removeSync).toHaveBeenCalledWith(join(temp, 'yarn.lock'))
 
       // Applying npm audit fix...
-      expect(cp.spawnSync).toHaveBeenCalledWith(getNpm(), [
+      expect(cp.spawnSync).toHaveBeenCalledWith(getNpm(), ([
         'audit',
         'fix',
+        skipPkgLockOnly ? null : '--package-lock-only',
         '--verbose',
-        '--package-lock-only',
         `--prefix=${temp}`,
-      ], {cwd: temp, stdio})
+      ]).filter(v => v !== null), {cwd: temp, stdio})
 
       // Updating yarn.lock from package-lock.json...
       expect(fs.copyFileSync).toHaveBeenCalledWith(join(temp, 'yarn.lock'), 'yarn.lock')
@@ -98,10 +97,10 @@ describe('yarn-audit-fix', () => {
     describe('cli', () => {
       it('invokes cmd queue with proper args', () => {
         jest.isolateModules(() => {
-          process.argv.push('--verbose', '--package-lock-only')
+          process.argv.push('--verbose', '--package-lock-only=false')
           require('../../main/ts/cli')
         })
-        checkFlow()
+        checkFlow(true)
       })
 
       describe('on error', () => {