yarn-audit-ci
CI-friendly yarn audit wrapper. Only returns a non-zero exit code for at least the requested severity level.
Installation
$ yarn add yarn-audit-ci --dev
Usage
In the console:
$ yarn-audit-ci // only fail on critical issues (default)$ yarn-audit-ci --critical // only fail on critical issues (explicit)$ yarn-audit-ci --high // only fail on high or critical issues$ yarn-audit-ci --moderate // only fail on at least moderate issues$ yarn-audit-ci --low // only fail on at least low issues$ yarn-audit-ci --info // fail on any issues
Using shorter options:
$ yarn-audit-ci -c // only fail on critical issues (explicit)$ yarn-audit-ci -h // only fail on high or critical issues$ yarn-audit-ci -m // only fail on at least moderate issues$ yarn-audit-ci -l // only fail on at least low issues$ yarn-audit-ci -i // fail on any issues
Using a shorter yaudit
alias:
$ yaudit$ yaudit -h$ yaudit --high
In the console using yarn:
$ yarn yarn-audit-ci --high$ yarn yaudit --high
In the package.json
// package.json"scripts": "audit": "yarn-audit-ci" // console$ yarn run audit
In the package.json
using a script name different from audit
, which is a yarn CLI command thus explicit run
in the previous example:
// package.json"scripts": "audit:ci": "yarn-audit-ci" "audit:high": "yarn-audit-ci --high" // console$ yarn audit:ci$ yarn audit:high
In the package.json
using a yaudit
alias:
// package.json"scripts": "audit:high": "yaudit --high" // console$ yarn audit:high
In package.json
in combination with the yall-scripts tool:
// package.json"scripts": "audit": "yaudit" "check": "eslint ./src" "test": "jest ./src" "all": "yall audit check test" // console$ yarn all