@deviceinsight/vulnerability-scan


README

Installation

```
yarn add @deviceinsight/vulnerability-scan --dev
npm install @deviceinsight/vulnerability-scan --save-dev
```

Usage

```json
"scripts": {
  "vulnerability-scan": "vulnerability-scan --config vulnerability-scan.json"
}
```

Configuration

Vulnerability-scan uses audit-ci to let you set severity levels, advisory exclusions, or even whitelists for modules.

An error is returned if any results are found by the given configuration.

A config file can be passed by using the --config <path-to-file> flag.

The following configurations are possible:

```
{
    // [Optional] defaults `[]`
    "advisories": <number[]>,
    // [Optional] defaults `false`
    "pretty-print": <boolean>,
    // [Optional] defaults `undefined`
    "registry": <string>,
    // [Optional] defaults `high`
    "severity": <low|moderate|high|critical>,
    // [Optional] defaults `[]`
    "whitelist": <string[]>
}
```
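
As an added example (not part of the package or its README), the following JavaScript check loads a config in the format above, applies the documented defaults, validates the value types and lists everything the config suppresses, so exclusions can be reviewed before a passing scan is trusted. The function name `reviewScanConfig`, the sample values and the reading of `severity` as a minimum threshold (as in audit-ci) are assumptions.

```javascript
// Keys, types and defaults as documented in the Configuration section.
const SEVERITIES = ['low', 'moderate', 'high', 'critical'];
const DEFAULTS = {
  advisories: [],
  'pretty-print': false,
  registry: undefined,
  severity: 'high',
  whitelist: [],
};

const isArrayOf = (value, type) =>
  Array.isArray(value) && value.every((item) => typeof item === type);

// Hypothetical helper: returns the effective config, any schema errors, and
// a list of findings the config would hide from the scan result.
function reviewScanConfig(jsonText) {
  const raw = JSON.parse(jsonText);
  if (raw === null || typeof raw !== 'object' || Array.isArray(raw)) {
    return { config: null, errors: ['config must be a JSON object'], suppressions: [] };
  }
  // A misspelled key would otherwise be ignored and the default silently used.
  const errors = Object.keys(raw)
    .filter((key) => !(key in DEFAULTS))
    .map((key) => `unknown key "${key}"`);
  const config = { ...DEFAULTS, ...raw };
  if (!isArrayOf(config.advisories, 'number')) errors.push('"advisories" must be number[]');
  if (!isArrayOf(config.whitelist, 'string')) errors.push('"whitelist" must be string[]');
  if (typeof config['pretty-print'] !== 'boolean') errors.push('"pretty-print" must be boolean');
  if (config.registry !== undefined && typeof config.registry !== 'string') {
    errors.push('"registry" must be string');
  }
  if (!SEVERITIES.includes(config.severity)) {
    errors.push(`"severity" must be one of ${SEVERITIES.join('|')}`);
  }
  if (errors.length > 0) return { config, errors, suppressions: [] };

  // Assumption: "severity" is a minimum threshold, so lower levels are not reported.
  const ignoredLevels = SEVERITIES.slice(0, SEVERITIES.indexOf(config.severity));
  const suppressions = [
    ...config.advisories.map((id) => `advisory ${id} excluded`),
    ...config.whitelist.map((name) => `module ${name} whitelisted`),
    ...ignoredLevels.map((level) => `severity ${level} below threshold`),
  ];
  return { config, errors, suppressions };
}

// Constructed sample config; the advisory id and module name are placeholders.
const sample = '{"severity": "moderate", "advisories": [1001], "whitelist": ["example-module"]}';
console.log(reviewScanConfig(sample));
```

Running this in CI before the scan, and diffing the `suppressions` list in code review, makes every new exclusion visible instead of leaving it buried in the config file.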