Settings

Theme

Show HN: NPM-Audit-to-Report

github.com

5 points by yehors a year ago · 5 comments

Reader
thangngoc89 a year ago

The README is kinda light on details. This is a utility written in Go that convert yarn’s audit file from json to Markdown for reporting as part of the CI pipeline.

I’m wondering if yarn’s audit is better than npm’s audit?

  • yehorsOP a year ago

    Actually, it's the same. As I understand they use one database.

cluckindan a year ago

Why not use

    npm audit --json
and just pass it to a template?
  • yehorsOP a year ago

    Not easy it sounds. Generated file has JSONL and each has summary or advisory lines. My script just processes them to a Markdown in Go.

  • thangngoc89 a year ago

    The script seems to be invoking yarn audit --json and does the templating.

Keyboard Shortcuts

j
Next item
k
Previous item
o / Enter
Open selected item
?
Show this help
Esc
Close modal / clear selection