Dark Hacker News
new
|
best
|
ask
|
show
|
jobs
Show HN: NPM-Audit-to-Report
(github.com)
5 points
by
yehors
1 year ago
| 5 comments
Show HN: NPM-Audit-to-Report | Dark Hacker News
thangngoc89
1 year ago
|
next
[−]
The README is kinda light on details. This is a utility written in Go that convert yarn’s audit file from json to Markdown for reporting as part of the CI pipeline.
I’m wondering if yarn’s audit is better than npm’s audit?
yehors
1 year ago
|
parent
|
next
[−]
Actually, it's the same. As I understand they use one database.
cluckindan
1 year ago
|
next
[−]
Why not use
npm audit --json
and just pass it to a template?
yehors
1 year ago
|
parent
|
next
[−]
Not easy it sounds. Generated file has JSONL and each has summary or advisory lines. My script just processes them to a Markdown in Go.
thangngoc89
1 year ago
|
parent
|
next
[−]
The script seems to be invoking yarn audit --json and does the templating.