Miss any of our Open RFC calls?Watch the recordings here! »

npm-audit-ci-wrapper

3.0.1 • Public • Published

NPM Audit Continuous Integration Wrapper

Quality Gate Status Coverage Bugs Maintainability Rating Known Vulnerabilities

This utility is a wrapper around npm audit --json which allows for finer grained control over what will cause a CI build to fail. Options include setting the severity threshold and ignoring dev dependencies.

Installation

npm install --save-dev npm-audit-ci-wrapper

OR

npm install -g npm-audit-ci-wrapper

OR

npx npm-audit-ci-wrapper@latest

Usage

Usage: npm-audit-ci-wrapper [options]

    --help, -h
        Displays help information about this script
        'npm-audit-ci-wrapper -h' or 'npm-audit-ci-wrapper --help'

    --threshold, -t
        The threshold at which the audit should fail the build (low, moderate, high, critical)
        'npm-audit-ci-wrapper --threshold=high' or 'npm-audit-ci-wrapper -t high'

    --ignore-dev-dependencies, -p
        Tells the tool to ignore dev dependencies and only fail the build on runtime dependencies which exceed the threshold
        'npm-audit-ci-wrapper -p' or 'npm-audit-ci-wrapper --ignore-dev-dependencies'

    --json, -j
        Do not fail, just output the filtered JSON data which matches the specified threshold/scope (useful in combination with `npm-audit-html`)
        'npm-audit-ci-wrapper --threshold=high -p --json' or 'npm-audit-ci-wrapper -j'

    --registry, -r
        Set an alternate NPM registry server. Useful when your default npm regsitry (i.e. npm config set registry) does not support the npm audit command.
        'npm-audit-ci-wrapper --registry=https://registry.npmjs.org/'

    --whitelist, -w
        Whitelist the given dependency at the specified version or all versions (Can be specified multiple times).
        'npm-audit-ci-wrapper -w https-proxy-agent' or 'npm-audit-ci-wrapper -w https-proxy-agent:*' or 'npm-audit-ci-wrapper --whitelist=https-proxy-agent:1.0.0'

    --version, -v
        Output the version of npm-audit-ci-wrapper and then exit
        'npm-audit-ci-wrapper -v' or 'npm-audit-ci-wrapper --version'

Install

npm i npm-audit-ci-wrapper

DownloadsWeekly Downloads

9,328

Version

3.0.1

License

Apache-2.0

Unpacked Size

47.6 kB

Total Files

8

Last publish

Collaborators

  • avatar