Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable production flag for npm audit. #202

Closed
wants to merge 2 commits into from
Closed

Enable production flag for npm audit. #202

wants to merge 2 commits into from

Conversation

CalebCourier
Copy link

Summary of changes:
This PR enables using the existing --production flag when running npm audit. Using this flag will ignore dev dependencies when assigning the requires constant that is passed to audit.generate.

Reason for changes:
Currently there is no way to ignore dev dependencies when running an audit. Being able to do so is desirable when an audit is part of a CI process.

@CalebCourier CalebCourier requested a review from a team as a code owner June 18, 2019 14:45
@isaacs isaacs added the semver:minor new backwards-compatible feature label Jun 26, 2019
@isaacs
Copy link
Contributor

isaacs commented Jun 26, 2019

Will be in the next release. Thanks!

isaacs pushed a commit that referenced this pull request Jun 28, 2019
@isaacs
enable production flag for npm audit
f07e010 
Note: SemVer minor -- @isaacs

Close: #202
isaacs pushed a commit that referenced this pull request Jun 29, 2019
@isaacs
enable production flag for npm audit
1da97e8 
Note: SemVer minor -- @isaacs

Close: #202
@isaacs isaacs mentioned this pull request Jul 1, 2019
Merged
@isaacs isaacs closed this in a4475de Jul 3, 2019
@ArcanisCz
Copy link

Awesome! was waiting for this

@kessenich kessenich mentioned this pull request Jul 19, 2019
Closed
@snyk-bot snyk-bot mentioned this pull request Aug 13, 2019
Open
This was referenced Dec 8, 2019
Closed
Closed
@jeremysmartt jeremysmartt mentioned this pull request Dec 18, 2019
Merged
7 tasks
adrianjost added a commit to hpi-schul-cloud/schulcloud-client that referenced this pull request Mar 4, 2020
@adrianjost
fix production only
dbaceb8 
npm/cli#202
@igolskyi
Copy link

How add it to .npmrc?
My .npmrc looks like this:

engine-strict=true
fund=false

# also I want to set: audit only for --production but here only boolean value
audit=true

@ljharb
Copy link
Collaborator

ljharb commented May 20, 2021

@igolskyi you can’t set it in npmrc without affecting every other command, it can only be set when invoking npm audit.

@f4lco0n f4lco0n mentioned this pull request Jun 28, 2023
Open
@nicholaschoi168 nicholaschoi168 mentioned this pull request Jun 28, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
semver:minor new backwards-compatible feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@CalebCourier @isaacs @ArcanisCz @igolskyi @ljharb