diff options
author | Leonard Martin <leonard.martin@gmail.com> | 2018-08-03 19:17:52 +0300 |
---|---|---|
committer | Kat Marchán <kzm@zkat.tech> | 2018-08-03 19:17:52 +0300 |
commit | 792c8c709dc7a445687aa0c8cba5c50bc4ed83fd (patch) | |
tree | 8217d5b351c7fe53970a49684027c67297f7a4f3 /doc | |
parent | 32e6947c60db865257a0ebc2f7e754fedf7a6fc9 (diff) |
audit: configurable audit level for non-zero exit (#31)
`npm audit` currently exits with exit code 1 if any vulnerabilities are found of any level.
Add a flag of `--audit-level` to `npm audit` to allow it to pass if only vulnerabilities below a certain level are found.
Example: `npm audit --audit-level=high` will exit with 0 if only low or moderate level vulns are detected.
Fixes: https://npm.community/t/245
PR-URL: https://github.com/npm/cli/pull/31
Credit: @lennym
Reviewed-By: @zkat
Diffstat (limited to 'doc')
-rw-r--r-- | doc/misc/npm-config.md | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/doc/misc/npm-config.md b/doc/misc/npm-config.md index e2f0a847a..098693423 100644 --- a/doc/misc/npm-config.md +++ b/doc/misc/npm-config.md @@ -164,6 +164,14 @@ When "true" submit audit reports alongside `npm install` runs to the default registry and all registries configured for scopes. See the documentation for npm-audit(1) for details on what is submitted. +### audit-level + +* Default: `"low"` +* Type: `'low'`, `'moderate'`, `'high'`, `'critical'` + +The minimum level of vulnerability for `npm audit` to exit with +a non-zero exit code. + ### auth-type * Default: `'legacy'` |