Skip to content

Enable production flag for npm audit. #202

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

Enable production flag for npm audit. #202

wants to merge 2 commits into from

Conversation

@CalebCourier
Copy link

@CalebCourier CalebCourier commented Jun 18, 2019

Summary of changes:
This PR enables using the existing --production flag when running npm audit. Using this flag will ignore dev dependencies when assigning the requires constant that is passed to audit.generate.

Reason for changes:
Currently there is no way to ignore dev dependencies when running an audit. Being able to do so is desirable when an audit is part of a CI process.

@CalebCourier CalebCourier requested a review from a team as a code owner June 18, 2019 14:45
@isaacs isaacs added the semver:minor new backwards-compatible feature label Jun 26, 2019
@isaacs
Copy link
Contributor

isaacs commented Jun 26, 2019

Will be in the next release. Thanks!

isaacs pushed a commit that referenced this pull request Jun 28, 2019
@isaacs
enable production flag for npm audit
f07e010 
Note: SemVer minor -- @isaacs

Close: #202
isaacs pushed a commit that referenced this pull request Jun 29, 2019
@isaacs
enable production flag for npm audit
1da97e8 
Note: SemVer minor -- @isaacs

Close: #202
@isaacs isaacs mentioned this pull request Jul 1, 2019
Merged
@isaacs isaacs closed this in a4475de Jul 3, 2019
@ArcanisCz
Copy link

ArcanisCz commented Jul 9, 2019

Awesome! was waiting for this

@kessenich kessenich mentioned this pull request Jul 19, 2019
Closed
@snyk-bot snyk-bot mentioned this pull request Aug 13, 2019
Open
This was referenced Dec 8, 2019
Closed
Closed
@jeremysmartt jeremysmartt mentioned this pull request Dec 18, 2019
Merged
7 tasks
adrianjost added a commit to hpi-schul-cloud/schulcloud-client that referenced this pull request Mar 4, 2020
@adrianjost
fix production only
dbaceb8 
npm/cli#202
@igolskyi
Copy link

igolskyi commented May 20, 2021

How add it to .npmrc?
My .npmrc looks like this:

engine-strict=true
fund=false

# also I want to set: audit only for --production but here only boolean value
audit=true

@ljharb
Copy link
Contributor

ljharb commented May 20, 2021

@igolskyi you can’t set it in npmrc without affecting every other command, it can only be set when invoking npm audit.

@f4lco0n f4lco0n mentioned this pull request Jun 28, 2023
Open
@nicholaschoi168 nicholaschoi168 mentioned this pull request Jun 28, 2023
Open
@Omrisnyk Omrisnyk mentioned this pull request Apr 30, 2024
Open
@Omrisnyk Omrisnyk mentioned this pull request May 24, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

semver:minor new backwards-compatible feature

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@CalebCourier @isaacs @ArcanisCz @igolskyi @ljharb