Audit NPM, Yarn, PNPM, and Bun dependencies in continuous integration environments, preventing integration if vulnerabilities are found at or above a configurable threshold while ignoring allowlisted advisories
335 fixes this issue. Thank you for reporting. We haven't had coverage on the command line parser; we should add that. I've released v7.0.1 with this fix and highlighted in our release notes to skip v7.0.0.
After updating to v7 command line arguments are ignored
e.g.,
npx audit-ci@^7 --help
audit-ci --help
and any others perform scan and return results, e.g.
That happen with any argument, e.g., including config.
OS: MacOS 14.5 @ ARM Node: v18.19.1
That also happens inside docker images.
Version 6 works properly on the same machine.