
Convert `npm audit` reports into GitLab dependency scanner reports


elpete/gitlab-npm-audit-parser

 
 


GitLab parser for NPM Audit

Usage: gitlab-npm-audit-parser [options]

Options:

  -V, --version     output the version number
  -o, --out <path>  output filename, defaults to gl-dependency-scanning-report.json
  -h, --help        output usage information

How to use

Install this package.

npm install --save-dev @elpete/gitlab-npm-audit-parser

Add the following job to .gitlab-ci.yml

dependency scanning:
  image: node:10-alpine
  script:
    - npm ci
    - npm audit --json | npx gitlab-npm-audit-parser -o gl-dependency-scanning.json
  artifacts:
    reports:
      dependency_scanning: gl-dependency-scanning.json

NOTE: If you use an npm run-script to call npm audit, you must add the --silent option to npm run, or have .npmrc set the npm loglevel to silent. Otherwise the shell output will conflict with the stdin piping to this parser and cause an error.
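
The failure mode in the NOTE above, as an added example (not this project's own code): a hypothetical `readAuditReport` helper that rejects stdin polluted by the `npm run` banner instead of producing an empty report, and distinguishes the two `npm audit` JSON layouts. All sample inputs are constructed, and treating the `advisories` layout as "v1" and `auditReportVersion: 2` as "v2" is an assumption about how the test reports are named.

```javascript
'use strict';

// Constructed sample: stdin as seen by a parser when `npm run audit` is piped
// without --silent. The two "> ..." banner lines come from npm run, not npm audit.
const POLLUTED = [
  '',
  '> demo-app@1.0.0 audit /builds/demo-app',
  '> npm audit --json',
  '',
  '{"auditReportVersion":2,"vulnerabilities":{}}',
].join('\n');

// Constructed reports, trimmed to the fields read below.
const V1 = '{"advisories":{"1":{"module_name":"minimist","severity":"low"}}}';
const V2 = '{"auditReportVersion":2,"vulnerabilities":{"lodash":{"name":"lodash","severity":"high"}}}';

// Hypothetical helper: parse stdin text and fail closed on anything but a report.
function readAuditReport(text) {
  let report;
  try {
    report = JSON.parse(text);
  } catch (err) {
    // Show the first stray line so the CI log points at the real cause.
    const brace = text.indexOf('{');
    const preamble = brace > 0 ? text.slice(0, brace).trim() : '';
    const hint = preamble
      ? 'unexpected output before JSON: ' + JSON.stringify(preamble.split('\n')[0])
      : err.message;
    throw new Error('npm audit input is not valid JSON (' + hint + ')');
  }
  if (report === null || typeof report !== 'object') {
    throw new Error('npm audit input is not a JSON object');
  }
  if (report.auditReportVersion === 2 && report.vulnerabilities) {
    const findings = Object.values(report.vulnerabilities)
      .map((v) => ({ package: v.name, severity: v.severity }));
    return { format: 'v2', findings };
  }
  if (report.advisories) {
    const findings = Object.values(report.advisories)
      .map((a) => ({ package: a.module_name, severity: a.severity }));
    return { format: 'v1', findings };
  }
  // Valid JSON that is not an audit report must not count as a clean scan.
  throw new Error('JSON is not a recognised npm audit report');
}
```

Throwing here makes the CI job fail visibly, rather than uploading a report with no findings when the scan input was unreadable.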

Test

$ npm test

V1 Report

cat test/v1_report.json | ./parse.js -o report.json

V2 Report

cat test/v2_report.json | ./parse.js -o report.json
