yarn-audit-html

yarn-audit-html

Generate a HTML report for Yarn Audit

Install

yarn add -D yarn-audit-html
# or globally
yarn global add yarn-audit-html

Usage

To generate a report, run the following:

Yarn V1

yarn audit --json | yarn yarn-audit-html

Yarn V2+

yarn npm audit --json | yarn yarn-audit-html

By default, unique vulnerability list will be generated (Grouped by MODULE_NAME, VERSION, VULNERABLE_VERSIONS, ADVISORY_CREATED_DATE and CWE) to yarn-audit.html. This way, even if same version of package has multiple vulnerabilities, they will be counted.

If you want to specify the output file, add the --output option:

yarn audit --json | yarn yarn-audit-html --output report.html

You can also fully customize the generated report by providing --template option followed by your own EJS template:

yarn audit --json | yarn yarn-audit-html --template ./my-awesome-template.ejs

There is also a possibility to change default theme(materia) to any of available in Bootswatch with --theme option followed by theme name: p.s. In future major release default template will change to dark theme.

yarn audit --json | yarn yarn-audit-html --theme darkly

If you'd like the generator to exit with non-zero exit code when vulnerabilities are found, you can add the --fatal-exit-code option:

yarn audit --json | yarn yarn-audit-html --fatal-exit-code

Inspired by npm-audit-html package.

See changelog here.