yarn global add yarn-audit-html
To generate a report, run the following:
yarn audit --json | yarn-audit-html
By default, unique vulnerability list will be generated (Grouped by MODULE_NAME
, VERSION
and CWE
) to
yarn-audit.html
If you want to specify the output file, add the --output
option:
yarn audit --json | yarn-audit-html --output report.html
You can also fully customize the generated report by providing --template
option followed by your own EJS template:
yarn audit --json | yarn-audit-html --template ./my-awesome-template.ejs
If you'd like the generator to exit with non-zero exit code when vulnerabilities are found, you can add the
--fatal-exit-code
option:
yarn audit --json | yarn-audit-html --fatal-exit-code
Inspired by npm-audit-html package.