npm-audit-sarif/README.md

A tool for converting npm-audit json output to sarif format

npm-audit-sarif is a Node based tool for transforming npm audit json output to sarif format.

The purpose is for importing the npm audit vulnerabilities into static analysis tools such as SonarQube for the tracking of npm-audit issues.

```
   npm install npm-audit-sarif
```

To see a list of options run

```
npx npm-audit-sarif


Usage: npm-audit-sarif [options] <filename>

Options:
      --help     Show help                                             [boolean]
      --version  Show version number                                   [boolean]
  -o, --output   Output filename                                        [string]
  -r, --root     Root directory                                         [string]

Not enough non-option arguments: got 0, need at least 1
```