Erlend Oftedal

It currently reports every file it find that contains a certain vulnerability (or every module) and there is no way to filter that, because they are actually separate findings.

@mathuriga Maybe we could add a flag that would merge redundant findings... Is this something you need for console output, or JSON output ?

I can certainly see how this could be useful, and we could always add "Informational" as a severity. The biggest issues I see though is the need to maintain the...

Good idea. If we do this, we should add it as an new command line parameter (`--color`), because people may rely on the current output

@sorezzz Would you mind testing [email protected] and see if that works for you?

Yeah, I agree the second option is the best. Would you care to submit a Pull request?

You are right. Looks like it has been refactored out. Do you need this functionality or can I just drop "dropexternal" ?

Ouch. I forgot about this. I appologize. The original idea behind --jsRepo was to allow users in an airgapped/firewalled network, to copy the jsrepository.json from github and put it in...

Yes, I can do that. I would like to remove `dropExternal` and modify the `jsRepo` and `nodeRepo` to support comma separated lists of repos. `node --jsRepo 'central',https://example.com/myRepo.json,/some/local/path/repo.json` `'central'` is a...

Good idea. We should be able to add that