Miss any of our Open RFC calls?Watch the recordings here! »

@laruiss/npm-audit-ci-wrapper

2.4.5 • Public • Published

NPM Audit Continuous Integration Wrapper

Build Status Quality Gate Code Coverage Bugs Quality Known Vulnerabilities

This utility is a wrapper around npm audit --json which allows for finer grained control over what will cause a CI build to fail. Options include setting the severity threshold and ignoring dev dependencies.

Installation

npm install --save-dev npm-audit-ci-wrapper

OR

npm install -g npm-audit-ci-wrapper

Usage

Usage: index.js [options]

    --help, -h
            Displays help information about this script
            'index.js -h' or 'index.js --help'

    --threshold, -t
            The threshold at which the audit should fail the build (low, moderate, high, critical)
            'npm-audit-ci-wrapper --threshold=high' or 'npm-audit-ci-wrapper -t high'

    --ignore-dev-dependencies, -p
            Tells the tool to ignore dev dependencies and only fail the build on runtime dependencies which exceed the threshold
            'npm-audit-ci-wrapper -p' or 'npm-audit-ci-wrapper --ignore-dev-dependencies'

    --json, -j
            Do not fail, just output the filtered JSON data which matches the specified threshold/scope (useful in combination with `npm-audit-html`)
            'npm-audit-ci-wrapper --threshold=high -p --json' or 'npm-audit-ci-wrapper -j'

    --registry, -r
            Submit the dependency report to and get the list of vulnerabilities from this npm registry. Useful when your default npm regsitry (i.e. npm config set registry) does not support the npm audit command.
            'npm-audit-ci-wrapper --registry=https://registry.npmjs.org/'

    --whitelist, -w
            Whitelist the given dependency at the specified version or all versions (Can be specified multiple times).
            'npm-audit-ci-wrapper -w https-proxy-agent' or 'npm-audit-ci-wrapper -w https-proxy-agent:*' or 'npm-audit-ci-wrapper --whitelist=https-proxy-agent:1.0.0'

Install

npm i @laruiss/npm-audit-ci-wrapper

DownloadsWeekly Downloads

3

Version

2.4.5

License

Apache-2.0

Unpacked Size

75.6 kB

Total Files

17

Last publish

Collaborators

  • avatar