UNPKG

yarn-audit-html

Version:

Generate a HTML report for Yarn Audit

davityavryan/yarn-audit-html

74 lines (51 loc) 2.86 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
# yarn-audit-html [![](https://img.shields.io/npm/v/yarn-audit-html?logo=npm)](https://www.npmjs.com/package/yarn-audit-html) [![](https://img.shields.io/npm/dw/yarn-audit-html?logo=npm)](https://www.npmjs.com/package/yarn-audit-html) [![](https://snyk.io/test/github/davityavryan/yarn-audit-html/badge.svg)](https://snyk.io/test/github/davityavryan/yarn-audit-html) ![](https://img.shields.io/github/last-commit/davityavryan/yarn-audit-html.svg?style=flat-square&logo=github) [![](https://img.shields.io/node/v/yarn-audit-html?logo=node.js)](https://github.com/nodejs/release#release-schedule) [![](https://flat.badgen.net/packagephobia/install/yarn-audit-html?logo=packagephobia)](https://packagephobia.now.sh/result?p=yarn-audit-html) [![](https://codecov.io/gh/davityavryan/yarn-audit-html/branch/master/graph/badge.svg?token=8HXXAIN7OY)](https://codecov.io/gh/davityavryan/yarn-audit-html) [![PayPal.me](https://img.shields.io/badge/PayPal-donate-blue?style=for-the-badge&logo=paypal)](https://www.buymeacoffee.com/davityavryan) [![Buy me a coffee](https://img.shields.io/badge/Buy%20me%20a%20coffee-donate-yellow?style=for-the-badge&logo=buymeacoffee)](https://www.buymeacoffee.com/davityavryan) ## Generate a HTML report for Yarn Audit ## Install ```bash yarn add -D yarn-audit-html # or globally yarn global add yarn-audit-html ``` ## Usage To generate a report, run the following: ### Yarn V1 ```bash yarn audit --json | yarn yarn-audit-html ``` ### Yarn V2+ ```bash yarn npm audit --json | yarn yarn-audit-html ``` By default, unique vulnerability list will be generated (Grouped by `MODULE_NAME`, `VERSION`, `VULNERABLE_VERSIONS`, `ADVISORY_CREATED_DATE` and `CWE`) to `yarn-audit.html`. This way, even if same version of package has multiple vulnerabilities, they will be counted. If you want to specify the output file, add the `--output` option: ```bash yarn audit --json | yarn yarn-audit-html --output report.html ``` You can also fully customize the generated report by providing `--template` option followed by your own EJS template: ```bash yarn audit --json | yarn yarn-audit-html --template ./my-awesome-template.ejs ``` There is also a possibility to change default theme(materia) to any of available in [Bootswatch](https://bootswatch.com/#:~:text=Cerulean) with `--theme` option followed by theme name: p.s. In future major release default template will change to dark theme. ```bash yarn audit --json | yarn yarn-audit-html --theme darkly ``` If you'd like the generator to exit with non-zero exit code when vulnerabilities are found, you can add the `--fatal-exit-code` option: ```bash yarn audit --json | yarn yarn-audit-html --fatal-exit-code ``` Inspired by [npm-audit-html](https://github.com/Filiosoft/npm-audit-html) package. See changelog [here](https://github.com/davityavryan/yarn-audit-html/releases).