npm
Sign UpSign In

This package has been deprecated

Author message:

Renamed to audit-cache

@medic/audit-dependencies

1.0.0 • Public • Published

Intro

npm audit is great but...

  1. there's no way to whitelist advisories so you don't see them again, and
  2. if you run it all the time (eg: as part of CI) it'll block you.

Usage

  1. Run npx @medic/audit-dependencies audit. This will run npm audit. If you have any advisories, either fix them, or add the IDs to the permitted array in the .auditrc.json file, then run audit again.
  2. In your CI add a step for npx @medic/audit-dependencies check. This will check your package-lock.json against the one that's been verified and fail if it's changed.

Readme

Keywords

Package Sidebar

Install

npm i @medic/audit-dependencies

Repository

github.com/medic/audit-dependencies

Homepage

github.com/medic/audit-dependencies#readme

Weekly Downloads

2

Version

1.0.0

License

Apache-2.0

Unpacked Size

22 kB

Total Files

11

Last publish

Collaborators

  • derickl
  • inromualdo
  • ernestoteo
  • medic-ci
  • craig_modules
  • njuguna-medic
  • garethbowen
  • hgalemayehu
  • abbyad
  • twd
  • kennsippell
Try on RunKit
Report malware