npm audit

运行安全审计

概要

npm audit [--json|--parseable|--audit-level=(low|moderate|high|critical)]
npm audit fix [--force|--package-lock-only|--dry-run]

common options: [--production] [--only=(dev|prod)]

示例

扫描您的项目是否存在漏洞,并自动为易受攻击的依赖项安装任何兼容更新:

$ npm audit fix

在不修改 node_modules 的情况下运行 audit fix,但仍然更新 pkglock:

$ npm audit fix --package-lock-only

跳过更新 devDependencies

$ npm audit fix --only=prod

audit fix 为顶级依赖项安装 semver-major 更新,而不仅仅是与 semver 兼容的更新:

$ npm audit fix --force

pOxhmLUE8OoPzi+wt+WF/TO8rfjVUDlfoi4ALSazrCE8Vh126REkEz/Bk+JXgOqFvZWXJZRCO9PRgc9vn2NlOrGlU0MOIxvnwLBBvYv7bzwiBpfoulOaeizKM/hX7f0zPHTeBkslqF1LifwoLfrx7A==

$ npm audit fix --dry-run --json

MhSYcn/AqwyxqSiwDxBgxC5534VJL37YWFLjCEHlyXlrjBC2ER/X7olBmGyQBTn4kOiu22HYYPo03/l5zOKuNf9Jzf99/oP5gdG7yTur/0wZLQmRjhelk27bKTPDi9xY

$ npm audit

F+6Y6gTqQLxrE8G94ngClEl1HcPz6j8UyZBhjnHwIWOQgc33uGz4yC3sJ/7f3qz+

$ npm audit --json

uRXjwMc6TiAMeYLQw7YkQuIzCTfJlKTV2NtFir9TJrOMuQ7HmW+aYXVbXzH6/p662lSCXTdvY5u4wOq0da7FYu1EaB96WkwkMyCZV7QzAn74tjNqlNoQ0XyfybCPcApFeD0sceWM5nJ/tMYAG0pktbj6CZSfYFJU/kvzi+53uZo6b6OgBrLHytbawI3SF1rd0CDFzL9tj8EQ/djIV75ehXlBRo8kdUnp5amnsqdatOY=

$ npm audit --parseable

QX/4vIZ4TmxbHFgpLshEGb8J1h88aemcV4odL+XOeI41xljT9hnOm2OgnyvUjMKRpdYZoknQ+B455VcUy1afhUkhZ0sjuvXwo/WSShQ+nkGB3CLNbrGnN/5OouD9EkDZ

$ npm audit --parseable | awk -F 
          
\t' '{print $1,$4}'

LV8qRMHeNfLVM5QxFae61G6X6pX68GwcDV7b+o1IGU1RQCJT1AUFtg5tdvQi9FVXakjUOHioO87LWuQD31WeU7qSTZmGuvpCY0WHEF4Xucc=

$ npm audit --audit-level=moderate

描述

cVR0SfNbfA46JPHJM4BQmIoHan4FnuUIz7eEPjM516VXyzHrnoZAcWH0reRFZUZY+wlEJla/y1xb4httIRE13XysSwCDo6NKaowjbbf8TRI40u91YepTTasnacZrSl71WMJ77BBevX/hk/uZZLI8YcJrrVDnkl/0udrLwQ8QQ1Y+vSs3iofSVCkM4PkOjgXiY9XAsPJHdQzGZisfa7k4iGX0eKw2R3XaK2IqJM0FwdKZjvjBRSIkUw0fBRrHi/T9La/Q20eksm4s+8U0tyK5ongV1e0OGJvqqzfquUiekrtf8uyi40nbvqTlqZSFSPA8

n9SkbFvjJb194XAVGbSuMOgdEoxeJNlmrfaM/AnSTKInH3blRLDfqAURj/64bJK3dcS20tEVVzPrSOg5Yqo5Hx8+KDUH0VtCtgO1tAhYmbYRZQ2QTJasEjh6CFff16F5ehsIdn3Rp9T4RDk2dpfC1zGVPIvsEE1VV0J0KxWg4AfzhZcWISHVwNNhRxvMbig6txekf4/XLKr+8A8UAkFBvkXm8T0QncrG9IYSm7DsyMpQnDHGSJ2ca4twwka83pdd3d65nJnyQLMuCkjauHezCrivNCGoXWU5WeRRaGgEajXcKoobJvzrpz2ZzCm4WNiBPhCE8FnMe9sTt2REMIJPf9rsbacG38Oz85rcnHL2eCcCaROn0pMFJjPYwAfQFvABcC5AGtBvTqNiCnHLxh+Fv7xRm28uMKy8jc0k6srctBxWwbXaJD9qbRCOx7XU6G3DD1tMhCZeru41gfCCyleCLh95xkBwlLXabazIB8agfv2OpR8cEm5L8HvJCUMJlBBUQiTt177rLf8aGL7GTjGgsvn8Ac/bfZ4nFrqq7ByknRZThEY8dwUMCrzlLZFKTAPAriVdofG/XQVcbZCxi4S/cA==

sAaAHI3DPRnnB+vJzzMbBjxnZ0QPHyIMyqjJ8ROzy9Nui1gR9UxD/Ey6Y05qzPeeUhfAQJTumAwLJSTwqVE5lqcKV6hHZKsVpQY0d17xF5EXzg1YY3+/5+hDJ+r/CjVz12KPcsMT9vqadOto2KuESHV7621qL6p9hfBxVqGo29mPchdRkfKvY/U12fnywBH4aInjWVbcbt3nWCX3sJt9Eb+rXAiFjZPF/8mF5WgZFL1CK4kixw+Av/H84sAXkj7zbGDtGFmbODQ/LixPPSLZ5wYDTbJcqUotgLyIUKzJgMvj8E8SK6Y8JIcJ1eu5yGKH5pK/j4qtjy74vfw3rd+Vfu4cxvW5nPc5+TF2pmjPK5b6QGPK9pQuzqzjWcRUqXUi

提交的内容

擦洗

jHldC34t5SoyBTk10eESazQh15hNT2XkVhyicol4E9CtYXHacKI0fOvS23BkNQWjdZMvDCsH82XQS3b8oyUA08DAUuKtiSALlBeHsJhOMcysHmVLBeljWdtCELp8wZ0g7s8kk4h5gluqzTuUWraL1eEETKYIoyChiSQyw0MNWmFJiwEZRgFY7EHGYJjmFU4baKQp+b6qERcsJEbhwcL7UCJhKZxiSv5YsvIU90YXNaut28ii4mnlgjXf45lXG8agdg/ySFaulZL0EZnnvj+WAA==

GA63X6VyEd1WevNJUt/yammCyyFZq96Dj5l+6oQHPqXl3I4S0XueZMGO3c/YZzA5zdgAvUX5/B9b8GJNdY207ALDKaDDGViUfQ1KgmOtzh8FvUr7/oYzqqrsAs6x4OhztzPu6idKnGtkI242SMfR4p3wEr4boMMDwvp0ddFcjxlT3PEshlR93YFjLPlLTMD9

退出码

I+XKydyqGLSIuC0432ygeq6H3pKlZjgk2ZkE0cxcan3FBYhjsR2DT/1zIbHKViapDWKtIfFUnAR2Zyn5t3Nb/OsvoVUMLJvw8oH00pijyGhInIAOaNojVbXRFYQJhRI6

G2+4FJlPbW829soL7wq4DETDj/vofModVCqOOMgmQy0UX18EFAmX5Gssw58rfZlIJLt49pHPdDoiaSqh2A08/O+HkPuzmlJ9fBjoVOHNzROUHl2IoeopRsubIV3emX34