auditjs icon indicating copy to clipboard operation
auditjs copied to clipboard

Published 20 hours ago verified publisher icon sonatype-nexus-community

[FEATURE] Show only vulnerable dependencies by default

Open DarthHater opened this issue 4 years ago • 0 comments

  • What are you trying to do?

In our user testing we have noticed that people usually just want to see the dependencies (and vulnerabilities) that are vulnerable, not an entire list. We've switched some of the tools over to doing this, and added a --loud or some equivalent to output EVERYTHING.

  • What feature or behavior is this required for?

It basically just makes the tool get right to the point, which is handy!

  • How could we solve this issue? (Not knowing is okay!)

Output should be something like (in default mode):

  • AuditJS banner
  • AuditJS Version
  • Status Updates
  • Vulnerable Dependencies Found
  • Summary Table of how many dependencies scanned, how many vulnerable dependencies found

For a loud output:

  • AuditJS banner
  • AuditJS Version
  • Status Updates
  • Non Vulnerable Dependencies Found
  • Vulnerable Dependencies Found
  • Summary Table of how many dependencies scanned, how many vulnerable dependencies found
  • Anything else?

Have fun! Ask questions, I can easily provide more information if need be!

cc @bhamail / @DarthHater / @allenhsieh / @ken-duck

DarthHater avatar Oct 05 '20 21:10 DarthHater