better-npm-audit icon indicating copy to clipboard operation
better-npm-audit copied to clipboard

Published 20 hours ago verified publisher icon jeemok

Audit should provide info if it affects dev dependency or production

Open florianbader opened this issue 3 years ago • 3 comments

Really like the package. The only thing that kind of bothers me that running the audit doesn't show you if it affects a dev dependency or a production dependency. When running the audit it would be great to have a separate column that indicates if the found vulnerability only affects a dev dependency or also a production dependency. This makes it easier to decide if it should be excluded e.g. high severity on dev dependency is probably not as problematic as on production dependencies.

florianbader avatar Jan 28 '22 12:01 florianbader

@jeemok Hey! Is help still needed on this issue?

bencivjan avatar Apr 11 '22 14:04 bencivjan

hey @bencivjan, yes please! :)

jeemok avatar Apr 12 '22 10:04 jeemok

@jeemok Hey would you like this to be added as a column or a another table?

dchahuan avatar May 12 '22 09:05 dchahuan