Skip to content

deviceinsight/vulnerability-scan

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Installation

yarn add @deviceinsight/vulnerability-scan --dev
npm install @deviceinsight/vulnerability-scan --save-dev

Usage

scripts: {
  "vulnerability-scan": "vulnerability-scan --config vulnerability-scan.json",
}

Configuration

Vulnerability-scan uses audit-ci to provide the possibilitiy to set severity levels, advisory exclusions or even whitelists for moduless.

An error is returned if any results are found by the given configuration.

A config file can be passed by using the --config <path-to-file> flag.

The following configurations are possible:

{
    // [Optional] defaults `[]`
    "advisories": <number[]>,
    // [Optional] defaults `false`
    "pretty-print": <boolean>,
    // [Optional] defaults `undefined`
    "registry": <string>,
    // [Optional] defaults `high`
    "severity": <low|moderate|high|critical>,
    // [Optional] defaults `[]`
    "whitelist": <string[]>
}

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Packages