From 45d1ee8dbfb4936087a970ae778321274ebfb0a7 Mon Sep 17 00:00:00 2001
From: Davide Morri <davide.morri@mondora.com>
Date: Fri, 24 Jun 2016 11:09:47 +0900
Subject: [PATCH 1/2] add retire task and watch to check dependencies
 vulnerabilities

---
 .gitignore        |  1 +
 gulpfile.babel.js | 32 +++++++++++++++++++++++++++++++-
 2 files changed, 32 insertions(+), 1 deletion(-)

diff --git a/.gitignore b/.gitignore
index c674757..3754684 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
 node_modules/
 npm-debug.log
 gulpfile.js
+.idea
diff --git a/gulpfile.babel.js b/gulpfile.babel.js
index 5b4d8e8..920380d 100644
--- a/gulpfile.babel.js
+++ b/gulpfile.babel.js
@@ -1,6 +1,6 @@
 import {promisify} from "bluebird";
 import browserSync from "browser-sync";
-import {execSync} from "child_process";
+import {execSync, spawn} from "child_process";
 import history from "connect-history-api-fallback";
 import dotenv from "dotenv";
 import fs from "fs";
@@ -24,6 +24,7 @@ const testDir = `${process.cwd()}/test`;
 const appDir = `${process.cwd()}/app`;
 const buildDir = `${process.cwd()}/build`;
 const depsPath = `${process.cwd()}/deps.json`;
+const packagePath = `${process.cwd()}/package.json`;
 const npmDir = `${process.cwd()}/node_modules/.bin`;
 
 
@@ -195,6 +196,29 @@ gulp.task("lint", () => {
 
 
 
+/*
+ *   Retire
+ */
+
+gulp.task("retire", function () {
+    // Spawn Retire.js as a child process
+    // You can optionally add option parameters to the second argument (array)
+    var child = spawn("retire", [], {cwd: process.cwd()});
+
+    child.stdout.setEncoding("utf8");
+    child.stdout.on("data", function (data) {
+        gp.util.log(data);
+    });
+
+    child.stderr.setEncoding("utf8");
+    child.stderr.on("data", function (data) {
+        gp.util.log(gp.util.colors.red(data));
+        gp.util.beep();
+    });
+});
+
+gulp.task("retire", proGulp.task("retire"));
+
 /*
 *   Testers
 */
@@ -279,12 +303,17 @@ proGulp.task("setupWatchers", () => {
         depsPath,
         proGulp.parallel(["buildAllScripts", "buildVendorFonts", "buildVendorStyles", "test"])
     );
+    gulp.watch(
+        [`${appDir}/**/*.js`, packagePath],
+        proGulp.task("retire")
+    );
 });
 
 gulp.task("dev", proGulp.sequence([
     "build",
     "config",
     "test",
+    "retire",
     "setupDevServer",
     "setupWatchers"
 ]));
@@ -306,5 +335,6 @@ gulp.task("default", () => {
     gp.util.log("  " + gp.util.colors.green("lint") + "     lint application source code");
     gp.util.log("  " + gp.util.colors.green("test") + "     run tests");
     gp.util.log("  " + gp.util.colors.green("coverage") + " run tests and calculate coverage");
+    gp.util.log("  " + gp.util.colors.green("retire") + "   check dependencies vulnerabilities");
     gp.util.log("");
 });

From a196a66757f38d54daa4390fe61047dbec6e4212 Mon Sep 17 00:00:00 2001
From: Davide Morri <davide.morri@mondora.com>
Date: Fri, 24 Jun 2016 14:30:28 +0900
Subject: [PATCH 2/2] add doc for retire task

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 896da65..e3e7bd3 100644
--- a/README.md
+++ b/README.md
@@ -14,6 +14,7 @@ Opinionated builder for react web projects.
 * `sd-builder lint` lints files with eslint
 * `sd-builder test` runs tests
 * `sd-builder coverage` runs tests and calculates coverage
+* `sd-builder retire` checks dependencies vulnerabilities
 
 ## Main conventions