yarn icon indicating copy to clipboard operation
yarn copied to clipboard
verified publisher icon yarnpkg

Allow any registry to be used for auditing

Open cheesestringer opened this issue 7 years ago • 5 comments

Summary

Allow auditing against any registry. This is useful for auditing against a private or whitelisted registry. For example, in our organisation npmjs is allowed while yarnpkg is blocked :(

Test plan

Command: yarn audit Output: An unexpected error occurred: "https://registry.yarnpkg.com/-/npm/v1/security/audits: getaddrinfo ENOTFOUND registry.yarnpkg.com registry.yarnpkg.com:443".

Command: yarn audit --registry https://registry.npmjs.org Output: 0 vulnerabilities found - Packages audited: 46500

Command: yarn audit --registry https://artifactory.dev.company/artifactory/api/npm/npm-dev Output: error Your configured registry "https://artifactory.dev.company/artifactory/api/npm/npm-dev" does not support audit requests.

cheesestringer avatar Oct 04 '18 06:10 cheesestringer

Also experiencing this same problem

adamscybot avatar Feb 07 '19 13:02 adamscybot

Duplicate of #7263.

Hi @cheesestringer, I suggest you closing this pull request and applying your knowledge on reviewing the #7263

eugenesimakin avatar Sep 05 '19 14:09 eugenesimakin

Forgot all about this. Fixed the conflicts but happy to close this for the newer PR.

cheesestringer avatar Sep 08 '19 09:09 cheesestringer

Any updates regarding this?

HansAarneLiblik avatar May 29 '23 06:05 HansAarneLiblik

greetings from 2025

GeorgeWL avatar Apr 25 '25 16:04 GeorgeWL