Closed NightLore closed 4 years ago
Does not seem to help:

- npm-audit-report -- does not look up the packages, simply runs npm audit on a given package.json
- npm-audit-resolver -- not from npm, simply adds more commands for managing audit information
- npm-audit-html -- not from npm, adds a command to take in audit information and output it in HTML format
- audit-ci, npm-audit-ci -- not from npm, adds ability to connect audit to Travis-CI
- npm-audit-helper -- supports the audit command by making it easier to resolve vulnerabilities

Article on npm audit limitations: https://blog.sonatype.com/beyond-npm-audit

Sounds like npm audit uses OSS Index: https://ossindex.sonatype.org/doc/rest