Open nprail opened 4 years ago
Hello,
If I could suggest two more features:
auditReportVersion:2
JSON format (in case anyone like me generate the NPM audit JSON report with @npmcli/arborist
and npm-audit-report
Anyway your library is nice, wish you the best
Best regards,
@cguy Thanks for the ideas!
Technically, you actually could use npm-audit-html
's API directly. It is just undocumented. And lib/reporter.js
should probably be set as the main
file in the package.json
.
Adding support for auditReportVersion:2
is definitely a must as well.
@nprail Thank you for your answer.
Actually, I already checked the reporter file. My concern is it always writes a file on the file system, however through API I could be excepting to get the HTML String :)
Regarding version 2 of the report version, it's quite simple, there is only one layer added after vulnerabilities (the new name of "adventories").
I forked your project for immediate need (added my own ugly code), but it works.
@cguy Ah, I see. I think it makes sense to move the actual file writing to the CLI and keep the reporter more abstracted from the system.
Yeah, I took a look at the version 2 spec and it doesn't look too bad at all. I'm planning on making a way for there to be various "adapters" for different audit specs like Yarn (#36), v1 and v2.
The second major version of
npm-audit-html
will have a few major new features.npm-audit
clients such as Yarn. - #36auditReportVersion
2 - #43Join the conversation on Slack!
https://slack.event1.io