NPM Audit Plus Plus

This is a tool to help report npm audit in xml format for e.g. CI/CD for gitlab.

npm audit --json | npx npm-audit-plus-plus > npm-audit-plus-plus.xml
npm audit --production --json | npx npm-audit-plus-plus > npm-audit-plus-plus.xml
npm audit --omit=dev --json | npx npm-audit-plus-plus > npm-audit-plus-plus.xml

The tool is similar to npm-audit-plus but splits npm audit execution to be able to run npm audit with custom arguments.

node version <= 14

Instead of npx you could use npm i -D npm-audit-plus-plus@latest -f to force to run it. Command has a limitation in package.json that it needs Node>16. But it seems to run fine with Node 14. Add a script to package.json:

{
  "scripts": {
    "ci:audit": "npm audit --json --production | npm-audit-plus-plus > npm-audit.junit.xml"
  }
}

Developing

npm i - to install dependencies
npm t - to parse all json files in test/fixtures. See if the changes are still valid.

Name		Name	Last commit message	Last commit date
Latest commit History 22 Commits
.vscode		.vscode
dist		dist
docs		docs
fixtures		fixtures
src		src
.DS_Store		.DS_Store
.babelrc		.babelrc
.gitignore		.gitignore
README.md		README.md
package-lock.json		package-lock.json
package.json		package.json
tsconfig.json		tsconfig.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

.vscode

.vscode

dist

dist

docs

docs

fixtures

fixtures

src

src

.DS_Store

.DS_Store

.babelrc

.babelrc

.gitignore

.gitignore

README.md

README.md

package-lock.json

package-lock.json

package.json

package.json

tsconfig.json

tsconfig.json

Repository files navigation

NPM Audit Plus Plus

node version <= 14

Developing

Docs

About

Releases

Packages

Languages

rkristelijn/npm-audit-plus-plus

Folders and files

Latest commit

History

Repository files navigation

NPM Audit Plus Plus

node version <= 14

Developing

Docs

About

Resources

Stars

Watchers

Forks

Languages