better-npm-audit
better-npm-audit copied to clipboard
jeemok
The goal of this project is to provide additional features on top of the existing npm audit options
**Description** When using NPM version >= 8 the --omit=dev option is not passed through. Running the command `better-npm-audit audit -p` results in a warning by NPM advising you to use...
Hi, If in package.json github url is included then better-npm-audit throwing below error, any way is it possible to handle this scenario. package.json `{ "name": "my application", "version": "1.0.0", "description":...
I've added basic support for writing YAML in the nsprc configuration file. This was requested in issue #70. The basic idea was to use the package [yaml](https://www.npmjs.com/package/yaml) to parse the...
I and @dchahuan have implemented the specification of dev dependencies and production dependencies in the audit. This was requested in [issue #67](https://github.com/jeemok/better-npm-audit/issues/67). We completed this by always running a npm...
Really like the package. The only thing that kind of bothers me that running the audit doesn't show you if it affects a dev dependency or a production dependency. When...
Using the option `-m` can only ignore vulnerabilities in a specific package. It would be nice if we could ignore a whole package and it's child dependencies (packages installed by...
It would be very handy for us if we could target specific package versions in the --module-ignore flag so that we don't have to come back and manually update our...
It would be nice to be able to use YAML in `.nsprc` config file.
When an error occurs parsing the json from `npm audit` result while running `better-npm-audit audit`, the error message is: ``` Failed parsing .nsprc file: SyntaxError: Unexpected end of JSON input...
As mentioned in discussion #53, the `npm audit security report` table sometimes has unexpected spaces and missing letters. For example, a package with a dependency on `ansi-regex` (version 3.0.0 or...
