diff options
| author | Leonard Martin <leonard.martin@gmail.com> | 2018-08-03 19:17:52 +0300 |
|---|---|---|
| committer | Kat Marchán <kzm@zkat.tech> | 2018-08-03 19:17:52 +0300 |
| commit | 792c8c709dc7a445687aa0c8cba5c50bc4ed83fd (patch) | |
| tree | 8217d5b351c7fe53970a49684027c67297f7a4f3 /lib | |
| parent | 32e6947c60db865257a0ebc2f7e754fedf7a6fc9 (diff) | |
audit: configurable audit level for non-zero exit (#31)
`npm audit` currently exits with exit code 1 if any vulnerabilities are found of any level.
Add a flag of `--audit-level` to `npm audit` to allow it to pass if only vulnerabilities below a certain level are found.
Example: `npm audit --audit-level=high` will exit with 0 if only low or moderate level vulns are detected.
Fixes: https://npm.community/t/245
PR-URL: https://github.com/npm/cli/pull/31
Credit: @lennym
Reviewed-By: @zkat
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/audit.js | 10 | ||||
| -rw-r--r-- | lib/config/defaults.js | 2 |
2 files changed, 7 insertions, 5 deletions
diff --git a/lib/audit.js b/lib/audit.js index d1beb046f..06852610e 100644 --- a/lib/audit.js +++ b/lib/audit.js @@ -257,11 +257,11 @@ function auditCmd (args, cb) { }) }) } else { - const vulns = - auditResult.metadata.vulnerabilities.low + - auditResult.metadata.vulnerabilities.moderate + - auditResult.metadata.vulnerabilities.high + - auditResult.metadata.vulnerabilities.critical + const levels = ['low', 'moderate', 'high', 'critical'] + const minLevel = levels.indexOf(npm.config.get('audit-level')) + const vulns = levels.reduce((count, level, i) => { + return i < minLevel ? count : count + (auditResult.metadata.vulnerabilities[level] || 0) + }, 0) if (vulns > 0) process.exitCode = 1 if (npm.config.get('parseable')) { return audit.printParseableReport(auditResult) diff --git a/lib/config/defaults.js b/lib/config/defaults.js index 21c652657..920910677 100644 --- a/lib/config/defaults.js +++ b/lib/config/defaults.js @@ -110,6 +110,7 @@ Object.defineProperty(exports, 'defaults', {get: function () { 'always-auth': false, also: null, audit: true, + 'audit-level': 'low', 'auth-type': 'legacy', 'bin-links': true, @@ -257,6 +258,7 @@ exports.types = { 'always-auth': Boolean, also: [null, 'dev', 'development'], audit: Boolean, + 'audit-level': ['low', 'moderate', 'high', 'critical'], 'auth-type': ['legacy', 'sso', 'saml', 'oauth'], 'bin-links': Boolean, browser: [null, String], |