Skip to content

What does the N and Y letters mean at the end of npm audit --parseable in npm 6? #44

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Uko opened this issue Sep 21, 2020 · 1 comment
Closed

What does the N and Y letters mean at the end of npm audit --parseable in npm 6? #44

Uko opened this issue Sep 21, 2020 · 1 comment

Comments

@Uko
Copy link

Uko commented Sep 21, 2020

Hi, as many other people I'm using npm 6. When I run npm audit --parseable I get a nice tabular output which has Y, N or nothing in the end of each line. Can someone explain to me what that means, because I couldn't figure that out from the source code.

Hare is an example of the output:

update  bl  high    npm update bl --depth 4 Remote Memory Exposure  https://npmjs.com/advisories/1555   exceljs>archiver>tar-stream>bl  N
review  cryptiles   high    >=4.1.2 Insufficient Entropy    https://npmjs.com/advisories/1464   uko-solr-client>request>hawk>cryptiles
install exceljs moderate    npm install exceljs@4.1.1   Cross-Site Scripting    https://npmjs.com/advisories/733    exceljs Y
review  hoek    moderate    > 4.2.0 < 5.0.0 || >= 5.0.3 Prototype Pollution https://npmjs.com/advisories/566    uko-solr-client>request>hawk>boom>hoek
@wraithgar
Copy link
Member

It indicates that a breaking change is required to resolve the advisory

npm-audit-report/reporters/parseable.js

Line 27 in 1390024

l.breaking = recommendation.isBreaking ? 'Y' : 'N'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@wraithgar @Uko