From d3fbaedea0fc863d80d919f0d323423ae3393c1a Mon Sep 17 00:00:00 2001
From: Jakob Krigovsky <jakob@krigovsky.com>
Date: Fri, 8 Mar 2019 10:14:05 +0100
Subject: [PATCH] Fix link to security advisory

The Node Security Platform (nodesecurity.io) was acquired by npm in April 2018. https://nodesecurity.io/advisories is no longer available nowadays, however, all security advisories are available on https://www.npmjs.com/advisories.
---
 CHANGELOG.md                              | 4 ++++
 src/reporters/console/console-reporter.js | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6842713946..29df3cb430 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,10 @@ Please add one entry in this file for each change in Yarn's behavior. Use the sa
 
 ## Master
 
+- Fixes the advisory link printed by `yarn audit`
+
+  [#7091](https://github.com/yarnpkg/yarn/pull/7091) - [**Jakob Krigovsky**](https://github.com/sonicdoe)
+
 - Fixes `npm_config_` environment variable parsing to support those prefixed with underscore (ex: `_auth`)
 
   [#7070](https://github.com/yarnpkg/yarn/pull/7070) - [**Nicholas Boll**](https://github.com/NicholasBoll)
diff --git a/src/reporters/console/console-reporter.js b/src/reporters/console/console-reporter.js
index 0fe162788c..0e1aa38afd 100644
--- a/src/reporters/console/console-reporter.js
+++ b/src/reporters/console/console-reporter.js
@@ -565,7 +565,7 @@ export default class ConsoleReporter extends BaseReporter {
         ...patchRows,
         {'Dependency of': `${resolution.path.split('>')[0]} ${resolution.dev ? '[dev]' : ''}`},
         {Path: resolution.path.split('>').join(' > ')},
-        {'More info': `https://nodesecurity.io/advisories/${auditAdvisory.id}`},
+        {'More info': `https://www.npmjs.com/advisories/${auditAdvisory.id}`},
       ];
     }