Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Possibility to add exceptions for yarn audit #6803

Closed
olastor opened this issue Dec 9, 2018 · 2 comments
Closed

Possibility to add exceptions for yarn audit #6803

olastor opened this issue Dec 9, 2018 · 2 comments
Assignees
@imsnif
Labels
triaged

Comments

@olastor
Copy link

olastor commented Dec 9, 2018

Do you want to request a feature or report a bug?

feature

What is the current behavior?
All vulnerabilites are listed with yarn audit

If the current behavior is a bug, please provide the steps to reproduce.

What is the expected behavior?

Having the option to ignore certain security issues. In nsp you could add exceptions by adding a .nsprc file like this one

{
  "exceptions": ["https://nodesecurity.io/advisories/12"]
}

This is in many cases needed if for example a vulnerability does not concern you, but breaks you ci build, because you have yarn audit in it.

Please mention your node.js, yarn and operating system version.
OS: Fedora 28 x86_64
node: v8.12.0
yarn: 1.12.3
@ghost ghost assigned imsnif Dec 9, 2018
@ghost ghost added the triaged label Dec 9, 2018
@dwaynebailey
Copy link

Same as #6669

@rally25rs
Copy link
Contributor

Closing as duplicate

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@imsnif imsnif

Labels
triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@rally25rs @dwaynebailey @imsnif @olastor