alu/tra-analysis
1
0
Fork 0
mirror of https://github.com/titanscouting/tra-analysis.git synced 2025-08-13 12:50:18 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
.github
apps
data analysis
website
functions
node_modules
.bin
@types
accepts
array-flatten
body-parser
buffer-equal-constant-time
bytes
content-disposition
content-type
cookie
cookie-signature
cors
debug
depd
destroy
ecdsa-sig-formatter
ee-first
encodeurl
escape-html
etag
express
finalhandler
firebase-functions
forwarded
fresh
http-errors
iconv-lite
inherits
ipaddr.js
jsonwebtoken
jwa
jws
lodash
lodash.includes
lodash.isboolean
lodash.isinteger
lodash.isnumber
lodash.isplainobject
lodash.isstring
lodash.once
media-typer
merge-descriptors
methods
mime
mime-db
mime-types
ms
negotiator
npm
bin
changelogs
doc
html
doc
cli
npm-access.html
npm-adduser.html
npm-audit.html
npm-bin.html
npm-bugs.html
npm-build.html
npm-bundle.html
npm-cache.html
npm-ci.html
npm-completion.html
npm-config.html
npm-dedupe.html
npm-deprecate.html
npm-dist-tag.html
npm-docs.html
npm-doctor.html
npm-edit.html
npm-explore.html
npm-help-search.html
npm-help.html
npm-hook.html
npm-init.html
npm-install-ci-test.html
npm-install-test.html
npm-install.html
npm-link.html
npm-logout.html
npm-ls.html
npm-outdated.html
npm-owner.html
npm-pack.html
npm-ping.html
npm-prefix.html
npm-profile.html
npm-prune.html
npm-publish.html
npm-rebuild.html
npm-repo.html
npm-restart.html
npm-root.html
npm-run-script.html
npm-search.html
npm-shrinkwrap.html
npm-star.html
npm-stars.html
npm-start.html
npm-stop.html
npm-team.html
npm-test.html
npm-token.html
npm-uninstall.html
npm-unpublish.html
npm-update.html
npm-version.html
npm-view.html
npm-whoami.html
npm.html
files
misc
README.html
index.html
static
docfoot.html
dochead.html
favicon.ico
index.html
lib
man
node_modules
scripts
.licensee.json
.mailmap
.npmignore
.travis.yml
AUTHORS
CHANGELOG.md
CONTRIBUTING.md
LICENSE
Makefile
README.md
appveyor.yml
configure
make.bat
package.json
object-assign
on-finished
parseurl
path-to-regexp
proxy-addr
qs
range-parser
raw-body
safe-buffer
safer-buffer
send
serve-static
setprototypeof
statuses
type-is
unpipe
utils-merge
vary
public
.firebaserc
.gitignore
.runtimeconfig.json
firebase.json
firestore.indexes.json
firestore.rules
package-lock.json
.gitattributes
.gitignore
CONTRIBUTING.md
LICENSE
README.md
a1d0cd37b773780cc01afcd0b437351694d1be6c
tra-analysis/website/node_modules/npm/html/doc/cli/npm-audit.html
Jacob Levine d2d5d4c04e push all website files
2019-01-06 13:14:45 -06:00

86 lines
6.2 KiB
HTML
Raw Blame History

<!doctype html>
<html>
<title>npm-audit</title>
<meta charset="utf-8">
<link rel="stylesheet" type="text/css" href="../../static/style.css">
<link rel="canonical" href="https://www.npmjs.org/doc/cli/npm-audit.html">
<script async=true src="../../static/toc.js"></script>
<body>
<div id="wrapper">
<h1><a href="../cli/npm-audit.html">npm-audit</a></h1> <p>Run a security audit</p>
<h2 id="synopsis">SYNOPSIS</h2>
<pre><code>npm audit [--json|--parseable]
npm audit fix [--force|--package-lock-only|--dry-run|--production|--only=dev]</code></pre><h2 id="examples">EXAMPLES</h2>
<p>Scan your project for vulnerabilities and automatically install any compatible
updates to vulnerable dependencies:</p>
<pre><code>$ npm audit fix</code></pre><p>Run <code>audit fix</code> without modifying <code>node_modules</code>, but still updating the
pkglock:</p>
<pre><code>$ npm audit fix --package-lock-only</code></pre><p>Skip updating <code>devDependencies</code>:</p>
<pre><code>$ npm audit fix --only=prod</code></pre><p>Have <code>audit fix</code> install semver-major updates to toplevel dependencies, not just
semver-compatible ones:</p>
<pre><code>$ npm audit fix --force</code></pre><p>Do a dry run to get an idea of what <code>audit fix</code> will do, and <em>also</em> output
install information in JSON format:</p>
<pre><code>$ npm audit fix --dry-run --json</code></pre><p>Scan your project for vulnerabilities and just show the details, without fixing
anything:</p>
<pre><code>$ npm audit</code></pre><p>Get the detailed audit report in JSON format:</p>
<pre><code>$ npm audit --json</code></pre><p>Get the detailed audit report in plain text result, separated by tab characters, allowing for
future reuse in scripting or command line post processing, like for example, selecting
some of the columns printed:</p>
<pre><code>$ npm audit --parseable</code></pre><p>To parse columns, you can use for example <code>awk</code>, and just print some of them:</p>
<pre><code>$ npm audit --parseable | awk -F $&#39;\t&#39; &#39;{print $1,$4}&#39;</code></pre><h2 id="description">DESCRIPTION</h2>
<p>The audit command submits a description of the dependencies configured in
your project to your default registry and asks for a report of known
vulnerabilities. The report returned includes instructions on how to act on
this information.</p>
<p>You can also have npm automatically fix the vulnerabilities by running <code>npm
audit fix</code>. Note that some vulnerabilities cannot be fixed automatically and
will require manual intervention or review. Also note that since <code>npm audit fix</code>
runs a full-fledged <code>npm install</code> under the hood, all configs that apply to the
installer will also apply to <code>npm install</code> -- so things like <code>npm audit fix
--package-lock-only</code> will work as expected.</p>
<h2 id="content-submitted">CONTENT SUBMITTED</h2>
<ul>
<li>npm_version</li>
<li>node_version</li>
<li>platform</li>
<li>node_env</li>
<li>A scrubbed version of your package-lock.json or npm-shrinkwrap.json</li>
</ul>
<h3 id="scrubbing">SCRUBBING</h3>
<p>In order to ensure that potentially sensitive information is not included in
the audit data bundle, some dependencies may have their names (and sometimes
versions) replaced with opaque non-reversible identifiers. It is done for
the following dependency types:</p>
<ul>
<li>Any module referencing a scope that is configured for a non-default
registry has its name scrubbed. (That is, a scope you did a <code>npm login --scope=@ourscope</code> for.)</li>
<li>All git dependencies have their names and specifiers scrubbed.</li>
<li>All remote tarball dependencies have their names and specifiers scrubbed.</li>
<li>All local directory and tarball dependencies have their names and specifiers scrubbed.</li>
</ul>
<p>The non-reversible identifiers are a sha256 of a session-specific UUID and the
value being replaced, ensuring a consistent value within the payload that is
different between runs.</p>
<h2 id="see-also">SEE ALSO</h2>
<ul>
<li><a href="../cli/npm-install.html">npm-install(1)</a></li>
<li><a href="../files/package-locks.html">package-locks(5)</a></li>
<li><a href="../misc/config.html">config(7)</a></li>
</ul>
</div>
<table border=0 cellspacing=0 cellpadding=0 id=npmlogo>
<tr><td style="width:180px;height:10px;background:rgb(237,127,127)" colspan=18>&nbsp;</td></tr>
<tr><td rowspan=4 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td><td style="width:40px;height:10px;background:#fff" colspan=4>&nbsp;</td><td style="width:10px;height:10px;background:rgb(237,127,127)" rowspan=4>&nbsp;</td><td style="width:40px;height:10px;background:#fff" colspan=4>&nbsp;</td><td rowspan=4 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td><td colspan=6 style="width:60px;height:10px;background:#fff">&nbsp;</td><td style="width:10px;height:10px;background:rgb(237,127,127)" rowspan=4>&nbsp;</td></tr>
<tr><td colspan=2 style="width:20px;height:30px;background:#fff" rowspan=3>&nbsp;</td><td style="width:10px;height:10px;background:rgb(237,127,127)" rowspan=3>&nbsp;</td><td style="width:10px;height:10px;background:#fff" rowspan=3>&nbsp;</td><td style="width:20px;height:10px;background:#fff" rowspan=4 colspan=2>&nbsp;</td><td style="width:10px;height:20px;background:rgb(237,127,127)" rowspan=2>&nbsp;</td><td style="width:10px;height:10px;background:#fff" rowspan=3>&nbsp;</td><td style="width:20px;height:10px;background:#fff" rowspan=3 colspan=2>&nbsp;</td><td style="width:10px;height:10px;background:rgb(237,127,127)" rowspan=3>&nbsp;</td><td style="width:10px;height:10px;background:#fff" rowspan=3>&nbsp;</td><td style="width:10px;height:10px;background:rgb(237,127,127)" rowspan=3>&nbsp;</td></tr>
<tr><td style="width:10px;height:10px;background:#fff" rowspan=2>&nbsp;</td></tr>
<tr><td style="width:10px;height:10px;background:#fff">&nbsp;</td></tr>
<tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6>&nbsp;</td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)">&nbsp;</td></tr>
<tr><td colspan=5 style="width:50px;height:10px;background:#fff">&nbsp;</td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4>&nbsp;</td><td style="width:90px;height:10px;background:#fff" colspan=9>&nbsp;</td></tr>
</table>
<p id="footer">npm-audit &mdash; npm@6.5.0</p>
Reference in New Issue View Git Blame Copy Permalink