npm audit correct advisory URL

(Alexander) #1


We use our own libraries and modules of the NPM.
To solve the problem of checking security dependencies, we provide our own report in response to the npm install / npm audit command.

So we need to be able to provide our own links to the vulnerability report when calling the npm audit (or install).
Presently links to the{id} are hardcoded:

Is there any way to change this in the global NPM repository?
For example, if you provide a “url” filed from the response in the CLI output for the npm audit command, this will solve our problem.
Presently the “url”-field from the response is de facto not used.