diff options
Diffstat (limited to 'deps/node/deps/npm/man/man1/npm-audit.1')
-rw-r--r-- | deps/node/deps/npm/man/man1/npm-audit.1 | 150 |
1 files changed, 0 insertions, 150 deletions
diff --git a/deps/node/deps/npm/man/man1/npm-audit.1 b/deps/node/deps/npm/man/man1/npm-audit.1 deleted file mode 100644 index dee3bb03..00000000 --- a/deps/node/deps/npm/man/man1/npm-audit.1 +++ /dev/null @@ -1,150 +0,0 @@ -.TH "NPM\-AUDIT" "1" "January 2019" "" "" -.SH "NAME" -\fBnpm-audit\fR \- Run a security audit -.SH SYNOPSIS -.P -.RS 2 -.nf -npm audit [\-\-json|\-\-parseable] -npm audit fix [\-\-force|\-\-package\-lock\-only|\-\-dry\-run|\-\-production|\-\-only=dev] -.fi -.RE -.SH EXAMPLES -.P -Scan your project for vulnerabilities and automatically install any compatible -updates to vulnerable dependencies: -.P -.RS 2 -.nf -$ npm audit fix -.fi -.RE -.P -Run \fBaudit fix\fP without modifying \fBnode_modules\fP, but still updating the -pkglock: -.P -.RS 2 -.nf -$ npm audit fix \-\-package\-lock\-only -.fi -.RE -.P -Skip updating \fBdevDependencies\fP: -.P -.RS 2 -.nf -$ npm audit fix \-\-only=prod -.fi -.RE -.P -Have \fBaudit fix\fP install semver\-major updates to toplevel dependencies, not just -semver\-compatible ones: -.P -.RS 2 -.nf -$ npm audit fix \-\-force -.fi -.RE -.P -Do a dry run to get an idea of what \fBaudit fix\fP will do, and \fIalso\fR output -install information in JSON format: -.P -.RS 2 -.nf -$ npm audit fix \-\-dry\-run \-\-json -.fi -.RE -.P -Scan your project for vulnerabilities and just show the details, without fixing -anything: -.P -.RS 2 -.nf -$ npm audit -.fi -.RE -.P -Get the detailed audit report in JSON format: -.P -.RS 2 -.nf -$ npm audit \-\-json -.fi -.RE -.P -Get the detailed audit report in plain text result, separated by tab characters, allowing for -future reuse in scripting or command line post processing, like for example, selecting -some of the columns printed: -.P -.RS 2 -.nf -$ npm audit \-\-parseable -.fi -.RE -.P -To parse columns, you can use for example \fBawk\fP, and just print some of them: -.P -.RS 2 -.nf -$ npm audit \-\-parseable | awk \-F $'\\t' '{print $1,$4}' -.fi -.RE -.SH DESCRIPTION -.P -The audit command submits a description of the dependencies configured in -your project to your default registry and asks for a report of known -vulnerabilities\. The report returned includes instructions on how to act on -this information\. -.P -You can also have npm automatically fix the vulnerabilities by running \fBnpm -audit fix\fP\|\. Note that some vulnerabilities cannot be fixed automatically and -will require manual intervention or review\. Also note that since \fBnpm audit fix\fP -runs a full\-fledged \fBnpm install\fP under the hood, all configs that apply to the -installer will also apply to \fBnpm install\fP \-\- so things like \fBnpm audit fix -\-\-package\-lock\-only\fP will work as expected\. -.SH CONTENT SUBMITTED -.RS 0 -.IP \(bu 2 -npm_version -.IP \(bu 2 -node_version -.IP \(bu 2 -platform -.IP \(bu 2 -node_env -.IP \(bu 2 -A scrubbed version of your package\-lock\.json or npm\-shrinkwrap\.json - -.RE -.SS SCRUBBING -.P -In order to ensure that potentially sensitive information is not included in -the audit data bundle, some dependencies may have their names (and sometimes -versions) replaced with opaque non\-reversible identifiers\. It is done for -the following dependency types: -.RS 0 -.IP \(bu 2 -Any module referencing a scope that is configured for a non\-default -registry has its name scrubbed\. (That is, a scope you did a \fBnpm login \-\-scope=@ourscope\fP for\.) -.IP \(bu 2 -All git dependencies have their names and specifiers scrubbed\. -.IP \(bu 2 -All remote tarball dependencies have their names and specifiers scrubbed\. -.IP \(bu 2 -All local directory and tarball dependencies have their names and specifiers scrubbed\. - -.RE -.P -The non\-reversible identifiers are a sha256 of a session\-specific UUID and the -value being replaced, ensuring a consistent value within the payload that is -different between runs\. -.SH SEE ALSO -.RS 0 -.IP \(bu 2 -npm help install -.IP \(bu 2 -npm help 5 package\-locks -.IP \(bu 2 -npm help 7 config - -.RE |