LinuxCommandLibrary

npm-audit

scans for security vulnerabilities

TLDR

Audit dependencies
$ npm audit

Fix vulnerabilities
$ npm audit fix

Force fix (breaking changes)
$ npm audit fix --force

Output as JSON
$ npm audit --json

Audit production only
$ npm audit --production

Set audit level
$ npm audit --audit-level=[high]

SYNOPSIS

npm audit [options]

DESCRIPTION

npm audit scans a project's dependencies for security vulnerabilities by checking the packages against known issues.
The command reports the matching security advisories and can automatically fix some issues.

PARAMETERS

fix
Automatically fix issues.

--force
Force updates (may break the project).

--json
Print the report in JSON format.

--production
Audit production dependencies only.

--audit-level LEVEL
Minimum severity that causes a non-zero exit code.

--help
Display help information.

CAVEATS

Requires network access. Fixes may include breaking updates, so review the proposed changes before running npm audit fix --force.
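
To support that review, the following added example (not part of the original page or of npm itself) sorts the findings from npm audit --json by the kind of fix they need and applies an --audit-level style threshold. It assumes the npm 7+ report shape (auditReportVersion 2), where fixAvailable is true, false, or an object describing an update that needs --force. The sample report and package names are constructed.

```javascript
// Severity order used by npm audit, lowest to highest.
const LEVELS = ["info", "low", "moderate", "high", "critical"];

// Constructed sample shaped like `npm audit --json` output (assumed npm 7+,
// auditReportVersion 2). All package names are hypothetical.
const SAMPLE_REPORT = {
  auditReportVersion: 2,
  vulnerabilities: {
    "example-parser": { severity: "high", isDirect: true, fixAvailable: true },
    "example-template": {
      severity: "critical", isDirect: false,
      fixAvailable: { name: "example-framework", version: "5.0.0", isSemVerMajor: true },
    },
    "example-logger": { severity: "low", isDirect: false, fixAvailable: true },
    "example-legacy": { severity: "moderate", isDirect: true, fixAvailable: false },
  },
};

// Group findings at or above `level` by the remediation they need.
function triage(report, level = "info") {
  const min = LEVELS.indexOf(level);
  if (min === -1) throw new Error(`unknown audit level: ${level}`);
  const out = { safeFix: [], forceFix: [], noFix: [], belowLevel: [] };
  for (const [name, vuln] of Object.entries(report.vulnerabilities || {})) {
    const entry = `${name} (${vuln.severity})`;
    const fix = vuln.fixAvailable;
    if (LEVELS.indexOf(vuln.severity) < min) {
      out.belowLevel.push(entry);            // ignored by the threshold
    } else if (fix === true) {
      out.safeFix.push(entry);               // plain `npm audit fix`
    } else if (fix && typeof fix === "object") {
      // Needs `npm audit fix --force`; note when the update is semver-major.
      const tag = fix.isSemVerMajor ? ", semver-major" : "";
      out.forceFix.push(`${entry} via ${fix.name}@${fix.version}${tag}`);
    } else {
      out.noFix.push(entry);                 // no automatic fix available
    }
  }
  // Like the CLI: non-zero when anything at or above the level remains.
  const open = out.safeFix.length + out.forceFix.length + out.noFix.length;
  out.exitCode = open > 0 ? 1 : 0;
  return out;
}

console.log(triage(SAMPLE_REPORT, "high"));
```

Entries under forceFix are the ones to read through before running npm audit fix --force.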

HISTORY

npm audit was added to npm 6 to provide automated security vulnerability scanning.

SEE ALSO

npm(1), npm-fund(1), snyk(1)
