From e379afda2c0cd03f12d7d244338582c29f05ee4d Mon Sep 17 00:00:00 2001 From: Richard Dunlap Date: Thu, 16 Apr 2020 13:58:31 -0400 Subject: [PATCH 1/2] Changed hook to use pre-commit. `pre-push` cannot guarantee a new commit is added before the push. Updated some syntax to be more safe and up-to-date. --- README.md | 8 ++++---- bin/audit.sh | 23 ++++++++++++----------- 2 files changed, 16 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index 96329d9..3990738 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ with a commit message of ` npm audit fix`. This will fix any proble # Example with Husky -This will run auditing as a pre-push hook using [husky](https://www.npmjs.com/package/husky): +This will run auditing as a pre-commit hook using [husky](https://www.npmjs.com/package/husky): ```json { @@ -19,7 +19,7 @@ This will run auditing as a pre-push hook using [husky](https://www.npmjs.com/pa "main": "index.js", "husky": { "hooks": { - "pre-push": "auditmated" + "pre-commit": "auditmated" } }, "devDependencies": { @@ -29,7 +29,7 @@ This will run auditing as a pre-push hook using [husky](https://www.npmjs.com/pa } ``` -If you are using Husky v0, define as a `prepush` script. +If you are using Husky v0.14, define as a `precommit` script. ```json { @@ -37,7 +37,7 @@ If you are using Husky v0, define as a `prepush` script. "version": "1.0.0", "main": "index.js", "scripts": { - "prepush": "auditmated" + "precommit": "auditmated" }, "devDependencies": { "auditmated": "0.1.0", diff --git a/bin/audit.sh b/bin/audit.sh index e4dfffb..58e80c7 100755 --- a/bin/audit.sh +++ b/bin/audit.sh 
@@ -1,18 +1,19 @@ -#!/bin/bash -BRANCH=`git rev-parse --abbrev-ref HEAD` +#!/bin/env bash + +BRANCH="$(git rev-parse --abbrev-ref HEAD)" MESSAGE="$BRANCH npm audit fix" -if [[ $BRANCH = 'master' ]] || [[ $BRANCH = 'develop' ]] ; then - echo 'skipping audit on '$BRANCH' branch' +if [[ $BRANCH = 'master' ]] || [[ $BRANCH = 'develop' ]]; then + echo 'skipping audit on '"$BRANCH"' branch' exit 0 fi -npm audit fix -git add package.json package-lock.json -git commit --no-verify -m "$MESSAGE" - -# if audit fix didn't change anything the commit will exit with non-0 exit code -# catch that error code and exit successfully -if [[ $? -ne 0 ]] ; then +if [[ "$(npm audit fix)" ]]; then + # if audit fix didn't change anything the commit will exit with non-0 exit code + # catch that error code and exit successfully echo 'audit: minor and patch version of deps have no known security issues' + exit 0 fi + +git add package.json package-lock.json && +git commit --no-verify -m "$MESSAGE" From ba0c575c05cc0d227c78ec8091fdb2417a7b72bd Mon Sep 17 00:00:00 2001 From: Richard Dunlap Date: Thu, 16 Apr 2020 14:03:12 -0400 Subject: [PATCH 2/2] Fixed conditional --- bin/audit.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/audit.sh b/bin/audit.sh index 58e80c7..60ddbac 100755 --- a/bin/audit.sh +++ b/bin/audit.sh @@ -8,7 +8,7 @@ if [[ $BRANCH = 'master' ]] || [[ $BRANCH = 'develop' ]]; then exit 0 fi -if [[ "$(npm audit fix)" ]]; then +if [[ ! "$(npm audit fix)" ]]; then # if audit fix didn't change anything the commit will exit with non-0 exit code # catch that error code and exit successfully echo 'audit: minor and patch version of deps have no known security issues' @@ -16,4 +16,4 @@ if [[ "$(npm audit fix)" ]]; then fi git add package.json package-lock.json && -git commit --no-verify -m "$MESSAGE" + git commit --no-verify -m "$MESSAGE"
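Review bot: The new `git add package.json package-lock.json && git commit --no-verify -m "$MESSAGE"` at the end of bin/audit.sh commits with no pathspec, so it records the whole index. Now that the script runs as a pre-commit hook, the index presumably also holds whatever the developer just staged, and those changes would land under the `npm audit fix` message. Limiting the commit to the two manifest files keeps the dependency bump separate and reviewable: `git commit --no-verify -m "$MESSAGE" -- package.json package-lock.json`. Separately, the shebang `#!/bin/env bash` points at a path that is missing on macOS and on Linux systems without a merged /usr, so the hook would fail to start there; `#!/usr/bin/env bash` is the portable form.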
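Review bot: The test `[[ ! "$(npm audit fix)" ]]` in the `@@ -8,7 +8,7 @@` hunk only checks whether npm wrote anything to stdout, and the substitution discards the command's exit status. A run that fails without stdout output (a registry or network error, for instance) would take this branch, print 'no known security issues' and `exit 0`, which is a false all-clear from a security hook. In the normal case npm most likely prints a summary even when nothing was fixed, so the branch would be skipped and the script would go on to `git commit` with nothing changed. Deciding on the files is more reliable: run `npm audit fix` on its own line, then test `if git diff --quiet -- package.json package-lock.json; then`. The comment inside the branch still describes the exit code of `git commit`, which this branch never reaches, so it should be reworded or dropped.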