awslabs / automated-security-helper

https://awslabs.github.io/automated-security-helper/
Apache License 2.0

Add an ignore option for npm audit findings #70

Open joebehrens opened 4 months ago

joebehrens commented 4 months ago

When running the tool in a CI workflow there are situations where we need to ignore findings. npm audit does not have a native ignore option. An option to add packages, versions, hierarchy, and reason for ignoring to a config file, possibly even with an expiration date, would be ideal. Or even only a CLI option would be useful. Thanks!

khastation commented 2 weeks ago

+1
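One way the ignore file requested above could be applied to `npm audit --json` output in a CI step. This is an added example, not code from this thread or from the automated-security-helper project. The ignore-file field names, the `triage` function and the `example.invalid` advisory URLs are assumptions made for illustration; the report is a constructed sample in the shape of npm's version 2 audit report.

```javascript
// Hypothetical ignore file (field names are assumptions, not an ASH or npm format).
const ignoreList = [
  { package: "lodash", advisory: "https://example.invalid/advisories/EXAMPLE-0001",
    path: "node_modules/lodash", reason: "vulnerable function never called", expires: "2099-01-01" },
  { package: "minimist", advisory: "https://example.invalid/advisories/EXAMPLE-0002",
    path: "*", reason: "build-time only", expires: "2020-01-01" }, // expiry already passed
];

// Constructed sample in the shape of `npm audit --json` (auditReportVersion 2).
const adv = (n, severity) => ({ url: `https://example.invalid/advisories/EXAMPLE-000${n}`, severity });
const sampleReport = {
  auditReportVersion: 2,
  vulnerabilities: {
    lodash: { nodes: ["node_modules/lodash"], via: [adv(1, "high")] },
    minimist: { nodes: ["node_modules/mkdirp/node_modules/minimist"], via: [adv(2, "critical")] },
    express: { nodes: ["node_modules/express"], via: ["qs"] }, // string = pointer to another entry
    qs: { nodes: ["node_modules/qs"], via: [adv(3, "high")] },
  },
};

// Split findings into failing / ignored. `lapsed` lists findings whose rule matched
// but no longer suppresses (expired, undated, or missing a reason).
function triage(report, ignores, now = new Date()) {
  const out = { failing: [], ignored: [], lapsed: [] };
  for (const [pkg, vuln] of Object.entries(report.vulnerabilities || {})) {
    // Only object entries in `via` are advisories; strings name a package reported under its own key.
    for (const a of (vuln.via || []).filter((v) => typeof v === "object")) {
      for (const path of vuln.nodes || []) {
        const finding = { package: pkg, advisory: a.url, path, severity: a.severity };
        const rule = ignores.find((r) => r.package === pkg && r.advisory === a.url &&
          (r.path === "*" || r.path === path));
        // Fail closed: an unparsable date compares false here and is treated as expired.
        const live = rule && rule.reason && new Date(rule.expires) > now;
        if (live) { out.ignored.push({ ...finding, reason: rule.reason }); continue; }
        if (rule) out.lapsed.push(finding);
        out.failing.push(finding);
      }
    }
  }
  return out;
}

const result = triage(sampleReport, ignoreList, new Date("2024-06-01"));
console.log(JSON.stringify(result, null, 2));
```

A CI wrapper would exit non-zero when `failing` is non-empty and print `ignored` with its reasons so suppressed findings stay visible in the build log.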