yarn-audit-ci
CI-friendly yarn audit wrapper. Only returns a non-zero exit code for at least the requested severity level.
Installation
$ yarn add yarn-audit-ci --devUsage
In the console:
$ yarn-audit-ci // only fail on critical issues (default)$ yarn-audit-ci --critical // only fail on critical issues (explicit)$ yarn-audit-ci --high // only fail on high or critical issues$ yarn-audit-ci --moderate // only fail on at least moderate issues$ yarn-audit-ci --low // only fail on at least low issues$ yarn-audit-ci --info // fail on any issuesUsing shorter options:
$ yarn-audit-ci -c // only fail on critical issues (explicit)$ yarn-audit-ci -h // only fail on high or critical issues$ yarn-audit-ci -m // only fail on at least moderate issues$ yarn-audit-ci -l // only fail on at least low issues$ yarn-audit-ci -i // fail on any issuesUsing a shorter yaudit alias:
$ yaudit$ yaudit -h$ yaudit --highIn the console using yarn:
$ yarn yarn-audit-ci --high$ yarn yaudit --highIn the package.json
// package.json"scripts": "audit": "yarn-audit-ci" // console$ yarn run auditIn the package.json using a script name different from audit, which is a yarn CLI command thus explicit run in the previous example:
// package.json"scripts": "audit:ci": "yarn-audit-ci" "audit:high": "yarn-audit-ci --high" // console$ yarn audit:ci$ yarn audit:highIn the package.json using a yaudit alias:
// package.json"scripts": "audit:high": "yaudit --high" // console$ yarn audit:highIn package.json in combination with the yall-scripts tool:
// package.json"scripts": "audit": "yaudit" "check": "eslint ./src" "test": "jest ./src" "all": "yall audit check test" // console$ yarn all