InfoSec812 / npm-audit-ci-wrapper

A wrapper for 'npm audit' which can be configured for use in a CI/CD tool like Jenkins
Apache License 2.0

Issue 72: npm version update breaking dev dependency filter #73

Closed InfoSec812 closed 4 years ago

InfoSec812 commented 4 years ago

Resolves #72

Description

The "dev" field which used to be in the advisories section of the npm audit JSON output has been removed in newer NPM versions. This change allows that information to be gleaned from the "Actions" information in the npm audit data.
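An added example of the idea described above (not code from this pull request or from the project): deriving dev-only advisories from the `actions` section when advisories no longer carry a `dev` flag. It assumes the npm 6 `npm audit --json` layout, where each `actions[].resolves[]` entry has `id` and `dev`; the sample data and the function names are constructed for illustration.

```javascript
// Constructed sample in the shape of npm 6 `npm audit --json` output (trimmed).
// Advisory ids, module names and paths are made up for illustration.
const sampleAudit = {
  actions: [
    { action: 'install', module: 'build-tool', resolves: [
      { id: 1001, path: 'build-tool>tiny-parser', dev: true },
    ] },
    { action: 'update', module: 'http-lib', resolves: [
      { id: 1002, path: 'http-lib', dev: false },
      // Same advisory reached through both a dev and a production path.
      { id: 1003, path: 'test-runner>shared-util', dev: true },
      { id: 1003, path: 'http-lib>shared-util', dev: false },
    ] },
  ],
  advisories: {
    1001: { id: 1001, module_name: 'tiny-parser', severity: 'high' },
    1002: { id: 1002, module_name: 'http-lib', severity: 'moderate' },
    1003: { id: 1003, module_name: 'shared-util', severity: 'critical' },
    // No entry in actions, so it cannot be classified as dev or production.
    1004: { id: 1004, module_name: 'orphan-lib', severity: 'low' },
  },
};

// Returns the set of advisory ids whose every known path is a dev dependency.
function devOnlyAdvisoryIds(audit) {
  const flags = new Map(); // id -> true while all paths seen so far are dev
  for (const action of audit.actions || []) {
    for (const r of action.resolves || []) {
      const soFar = flags.has(r.id) ? flags.get(r.id) : true;
      flags.set(r.id, soFar && r.dev === true);
    }
  }
  return new Set([...flags].filter(([, dev]) => dev).map(([id]) => id));
}

// Hypothetical filter: drop dev-only advisories when ignoreDev is set.
// Advisories missing from actions are kept, so an unclassifiable
// finding still counts against the build instead of being silently ignored.
function filterAdvisories(audit, ignoreDev) {
  const devOnly = devOnlyAdvisoryIds(audit);
  return Object.values(audit.advisories || {})
    .filter((adv) => !(ignoreDev && devOnly.has(adv.id)))
    .map((adv) => adv.id);
}

console.log(filterAdvisories(sampleAudit, true));
```

An advisory reachable through any production path stays in the result even when another path to it is dev-only, which is the conservative choice for a CI gate.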

jland-redhat commented 4 years ago

I was able to follow along, and the logic looks sound to me.