README
pnpm
CI tools forThis project provides packages that allow certain pnpm commands to be used in a CI/CD environment.
Build Status
Audit
This package provides a command that allows pnpm audit to be used in a CI/CD environment.
This project was inspired by similar tools available for npm and yarn
Check for all advisories.
pnpx pnpm-ci-tools audit
Set the Minimum Severity Level of Advisories (--audit-level)
Only advisories that meet the minimum severity level are reported.
pnpx pnpm-ci-tools audit --audit-level=[low,moderate,high,critical]
Ignore Specific Advisories (--ignore-advisories, -i)
Advisories with the specified id
values are not reported.
pnpx pnpm-ci-tools audit -i 123,456
or
pnpx pnpm-ci-tools audit -i 123 -i 456
Strict Mode (--strict)
In this mode, any advisory that is ignored using --ignore-advisories
but is not detected by the audit will cause the command to fail.
pnpx pnpm-ci-tools audit -i 123,456 --strict
Local Installation
As an alternative to using pnpx
, this package can be installed as a dev dependency in a project and run from an npm script.
pnpm add -D pnpm-ci-tools
If installing this package in a monorepo that uses pnpm workspaces then install it in the workspace root using:
pnpm add -D -w pnpm-ci-tools