Issue
I want to fail the packaging script for my application if the npm install shows vulnerabilities with high severity.
Example:
added 137 packages from 151 contributors and audited 4041 packages in 8.689s
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
What I have now
I'm doing it with grep, but this does not sound like a good solution because minor adjustments to the audit output can break it without my finding out immediately.
function npm-prod-install-audit() {
  # Install production dependencies and grep npm's output for the
  # "high severity" line it prints when the audit finds such issues.
  if npm install --no-optional --only=prod | grep "high severity"; then
    echo "Audit failed! 🖐 Please update your packages."
    exit 1
  else
    echo "Audit passed ✅"
  fi
}
Is there any proper solution on this?
Solution
You can use npm audit (https://docs.npmjs.com/cli/audit). It will exit with a non-zero return code if vulnerabilities are found. You can control at which level you want to fail by using --audit-level=(low|moderate|high|critical).
Answered By - Bibick Answer Checked By - David Marino (WPSolving Volunteer)
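Applying the answer to the asker's packaging step, as an added example that is not part of the original post or of npm itself: the function relies on the exit status of `npm audit --audit-level` rather than grepping install output, so wording changes in npm's summary line cannot silently disable the check. The function name and the default level of "high" are assumptions chosen to match the grep version it replaces.

```shell
# Added example (not from the original post): fail a packaging step on
# vulnerabilities at or above a chosen severity using npm audit's exit code.
# Assumes an npm version that supports `npm audit --audit-level=<level>`.
set -eu

# Install production dependencies, then audit them.
# $1: minimum severity that fails the build (low|moderate|high|critical);
#     defaults to "high" (assumed default, matching the grep-based check).
# Returns 0 when the audit passes, 1 when npm audit reports vulnerabilities
# at or above that level (npm audit exits non-zero in that case), and 2 for
# an invalid level argument.
npm_prod_install_audit() {
  local level="${1:-high}"
  case "$level" in
    low|moderate|high|critical) ;;
    *) echo "Unknown audit level: $level" >&2; return 2 ;;
  esac

  # Install first so the audit runs against the lockfile actually used.
  npm install --no-optional --only=prod

  if npm audit --audit-level="$level"; then
    echo "Audit passed: no vulnerabilities at level $level or above"
    return 0
  else
    echo "Audit failed: vulnerabilities at level $level or above. Please update your packages." >&2
    return 1
  fi
}
```

Note that npm audit checks the whole lockfile, devDependencies included, so a dev-only advisory can still fail the build; newer npm versions accept a production-only option (`--production` or `--omit=dev`, depending on the version) if you want the audit scoped like the install.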