The latest version [email protected] uses coveralls@^2.11.1. However, coveralls@^2.11.1 has a vulnerability which is introduced by [email protected]. More information is here:

https://nodesecurity.io/advisories/566
https://snyk.io/vuln/npm:hoek:20180212

Could you please update coveralls to the latest version to solve the vulnerability? Thank you so much.

Hi,
I just followed your instruction but it fails for a couple of problems but it fails:
it doesn't like lodash, and components ask for different grunt version. ANy idea? TIA

~/testProject$ sudo npm install lodash@'~2.4.1' -g
[email protected] /usr/local/lib/node_modules/lodash
~/testProject$ sudo npm install grunt-coveralls --save-dev
npm WARN unmet dependency /home/pdipietro/testProject/node_modules/sails-disk/node_modules/waterline-cursor requires lodash@'~2.4.1' but will load
npm WARN unmet dependency undefined,
npm WARN unmet dependency which is version undefined
npm ERR! peerinvalid The package grunt does not satisfy its siblings' peerDependencies requirements!
npm ERR! peerinvalid Peer [email protected] wants grunt@~0.4.0
npm ERR! peerinvalid Peer [email protected] wants grunt@~0.4.0
npm ERR! peerinvalid Peer [email protected] wants grunt@~0.4.0
npm ERR! peerinvalid Peer [email protected] wants grunt@~0.4.0
npm ERR! peerinvalid Peer [email protected] wants grunt@~0.4.0
npm ERR! peerinvalid Peer [email protected] wants grunt@~0.4.0
npm ERR! peerinvalid Peer [email protected] wants grunt@~0.4.1
npm ERR! peerinvalid Peer [email protected] wants grunt@^0.4.0
npm ERR! peerinvalid Peer [email protected] wants grunt@~0.4.0
npm ERR! peerinvalid Peer [email protected] wants grunt@~0.4.5

npm ERR! System Linux 3.13.0-39-generic
npm ERR! command "/usr/local/bin/node" "/usr/local/bin/npm" "install" "grunt-coveralls" "--save-dev"
npm ERR! cwd /home/pdipietro/testProject
npm ERR! node -v v0.13.0-pre
npm ERR! npm -v 1.4.28
npm ERR! code EPEERINVALID
npm ERR!
npm ERR! Additional logging details can be found in:
npm ERR! /home/pdipietro/testProject/npm-debug.log
npm ERR! not ok code 0

since the peer dependency is of >=0.4.0, new grunt version (1.x.x) is not supported.
Can you please update the needed?

Currently we have to override coveralls.getOptions to ensure it doesn't try and read from process.argv, because that's what it does by default.

That's not a good default; node-coveralls should probably be updated to provide a library API that doesn't make these assumptions, and a simple command-line wrapper that does, so we can use the library API directly and safely here.

Hello, I'm trying to setup my project to work with trevor ci + coveralls.

When I try to execute grunt coveralls here is the output:

But nothing happens on coveralls website.

Hey,
I've been trying grunt-coveralls for a few days and It's been a great task!
I've set up grunt coveralls to run on after_success.
However, it's always failing, for apparently no reason:

[warn] "2014-06-19T16:29:29.704Z"  'Repo token could not be determined.  Continuing without it.'
[warn] "2014-06-19T16:29:29.720Z"  'Repo token could not be determined.  Continuing without it.'
[warn] "2014-06-19T16:29:29.733Z"  'Repo token could not be determined.  Continuing without it.'
>> Failed to submit coverage results to coveralls

However, when I look into the coveralls page, the builds are there.

Any suspects? I thought of adding a .coveralls.yml file, but that doesn't seem to be the case, as it never really failed.
Also, I'm sending 3 lcov files, one for each browser I'm testing. Could this be related?

coverall.js support pass a base if sources are not linked correctly

cat ./coverage/coverage.lcov | ./node_modules/coveralls/bin/coveralls.js src

How can we configure proxy

Look at the README - Usage

coveralls: {
    options: {
      // LCOV coverage file relevant to every target
      src: 'coverage-results/lcov.info',

      // When true, grunt-coveralls will only print a warning rather than
      // an error, to prevent CI builds from failing unnecessarily (e.g. if
      // coveralls.io is down). Optional, defaults to false.
      force: false
 }
}

I think it should be

coveralls: {
     // LCOV coverage file relevant to every target
    src: 'coverage-results/lcov.info',
    options: {
      // When true, grunt-coveralls will only print a warning rather than
      // an error, to prevent CI builds from failing unnecessarily (e.g. if
      // coveralls.io is down). Optional, defaults to false.
      force: false
    }
}

I see some warnings with Node.js 0.10 as follows.

$ npm install --save-dev grunt-coveralls                                                                                         
npm WARN engine [email protected]: wanted: {"node":">=0.8.6","npm":"1.1.65"} (current: {"node":"0.10.29","npm":"1.4.21"})
npm WARN engine [email protected]: wanted: {"node":"0.8.x"} (current: {"node":"0.10.29","npm":"1.4.21"})
npm WARN engine [email protected]: wanted: {"node":"0.8.x"} (current: {"node":"0.10.29","npm":"1.4.21"})
npm WARN engine [email protected]: wanted: {"node":"0.8.x"} (current: {"node":"0.10.29","npm":"1.4.21"})
npm WARN engine [email protected]: wanted: {"node":"0.8.x"} (current: {"node":"0.10.29","npm":"1.4.21"})
npm WARN engine [email protected]: wanted: {"node":"0.8.x"} (current: {"node":"0.10.29","npm":"1.4.21"})
[email protected] node_modules/grunt-coveralls
└── [email protected] ([email protected], [email protected], [email protected], [email protected])

Could you publish the latest package into npmjs.org?