Show HN: NPM-Audit-to-Report
github.com
The README is kinda light on details. This is a utility written in Go that converts yarn’s audit file from JSON to Markdown for reporting as part of the CI pipeline.
I’m wondering if yarn’s audit is better than npm’s audit?
Actually, it's the same. As I understand it, they use one database.
Why not use npm audit --json and just pass it to a template?
Not as easy as it sounds. The generated file is JSONL, and each line is a summary or an advisory. My script just processes them into Markdown in Go.
The script seems to be invoking yarn audit --json and does the templating.
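The conversion discussed in this thread, as an added Go example (not part of the thread and not the project's own code): it reads JSONL audit records and emits a Markdown table, collapsing repeated advisories and escaping `|` so advisory text cannot break the table. The `auditAdvisory`/`auditSummary` record types and field names are the assumed yarn v1 output shape, and the sample input is constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// One JSONL record; field names are the assumed yarn v1 `yarn audit --json` shape.
type auditLine struct {
	Type string
	Data struct {
		Advisory struct {
			ID              int
			Module          string `json:"module_name"`
			Severity, Title string
		}
		Vulnerabilities map[string]int
	}
}

// Constructed sample: one advisory reported for two dependency paths, then the summary.
const sample = `{"type":"auditAdvisory","data":{"resolution":{"path":"app>example-pkg"},"advisory":{"id":1,"module_name":"example-pkg","severity":"high","title":"Unsafe handling of a|b option"}}}
{"type":"auditAdvisory","data":{"resolution":{"path":"lib>example-pkg"},"advisory":{"id":1,"module_name":"example-pkg","severity":"high","title":"Unsafe handling of a|b option"}}}
{"type":"auditSummary","data":{"vulnerabilities":{"info":0,"low":0,"moderate":0,"high":2,"critical":0}}}`

// AuditToMarkdown renders the records as a table with one row per advisory id.
func AuditToMarkdown(in string) (string, error) {
	esc := strings.NewReplacer("|", `\|`, "\n", " ") // keep untrusted text inside its cell
	out := "| Severity | Module | Title |\n|---|---|---|\n"
	seen := map[int]bool{}
	dec := json.NewDecoder(strings.NewReader(in))
	for dec.More() {
		var l auditLine
		if err := dec.Decode(&l); err != nil {
			return "", fmt.Errorf("bad audit record: %w", err)
		}
		if a := l.Data.Advisory; l.Type == "auditAdvisory" && !seen[a.ID] {
			seen[a.ID] = true // assumed: the advisory repeats once per affected path
			out += fmt.Sprintf("| %s | %s | %s |\n", esc.Replace(a.Severity), esc.Replace(a.Module), esc.Replace(a.Title))
		} else if v := l.Data.Vulnerabilities; l.Type == "auditSummary" {
			out += fmt.Sprintf("\nTotals: %d critical, %d high, %d moderate, %d low\n", v["critical"], v["high"], v["moderate"], v["low"])
		}
	}
	return out, nil
}

func main() {
	fmt.Println(AuditToMarkdown(sample))
}
```

A malformed record returns an error instead of a partial report, so a CI step can fail rather than publish an incomplete table.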