https://github.com/deviceinsight/vulnerability-scan
https://github.com/deviceinsight/vulnerability-scan
Last synced: about 1 year ago
JSON representation
- Host: GitHub
- URL: https://github.com/deviceinsight/vulnerability-scan
- Owner: deviceinsight
- License: apache-2.0
- Created: 2020-07-08T11:10:21.000Z (about 6 years ago)
- Default Branch: develop
- Last Pushed: 2020-07-16T10:06:14.000Z (almost 6 years ago)
- Last Synced: 2025-06-11T13:50:57.159Z (about 1 year ago)
- Language: JavaScript
- Size: 30.3 KB
- Stars: 0
- Watchers: 5
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
README
# Installation
```
yarn add @deviceinsight/vulnerability-scan --dev
npm install @deviceinsight/vulnerability-scan --save-dev
```
# Usage
```
scripts: {
"vulnerability-scan": "vulnerability-scan --config vulnerability-scan.json",
}
```
# Configuration
Vulnerability-scan uses [audit-ci](https://github.com/IBM/audit-ci) to provide the possibilitiy to set severity levels, advisory exclusions or even whitelists for moduless.
An error is returned if any results are found by the given configuration.
A config file can be passed by using the `--config ` flag.
The following configurations are possible:
```json
{
// [Optional] defaults `[]`
"advisories": ,
// [Optional] defaults `false`
"pretty-print": ,
// [Optional] defaults `undefined`
"registry": ,
// [Optional] defaults `high`
"severity": ,
// [Optional] defaults `[]`
"whitelist":
}
```