Y
Hacker News
new
|
ask
|
show
|
jobs
Show HN: NPM-Audit-to-Report
(
github.com
)
5 points
by
yehors
458 days ago
2 comments
thangngoc89
457 days ago
The README is kinda light on details. This is a utility written in Go that convert yarn’s audit file from json to Markdown for reporting as part of the CI pipeline.
I’m wondering if yarn’s audit is better than npm’s audit?
link
yehors
457 days ago
Actually, it's the same. As I understand they use one database.
link
cluckindan
457 days ago
Why not use
npm audit --json
and just pass it to a template?
link
yehors
456 days ago
Not easy it sounds. Generated file has JSONL and each has summary or advisory lines. My script just processes them to a Markdown in Go.
link
thangngoc89
457 days ago
The script seems to be invoking yarn audit --json and does the templating.
link
I’m wondering if yarn’s audit is better than npm’s audit?