Open gabrielcipriano opened 1 year ago
Hey Gabriel, thanks for reaching out to me. Interesting case you have there! Your first solution makes the most sense to me since it allows for flexibility in other potential situations in the future. I'll add the support for that in a new release. I should have something releasable in a couple of days :)
Thats great! if there is anything that I could help, please reach me out
I recently added a private npm package to my project. Now when I run
package-audit
, it gives the following error:This happens because some private registries doesn't supports
npm audit yet
(in my case, azure devOps artifacts)azure's documentation suggests to run
npm audit
only on public packages :but when using
npm-audit
we are not able to pass arguments to thenpm audit
called internally.Possible solutions:
allow users to pass aditional arguments to the
npm audit
call:obs: note the same syntax of passing aditional args to a
npm run
command (with everything after--
being passed to thenpm audit
command directly.solve only this particular case with a new flag (maybe
--publicOnly
), that internally adds--registry=https://registry.npmjs.org/
to thenpm audit
call: