npm Community Forum (Archive)

The npm community forum has been discontinued.

To discuss usage of npm, visit the GitHub Support Community.

npm audit correct advisory URL


We use our own libraries and modules of the NPM.
To solve the problem of checking security dependencies, we provide our own report in response to the npm install / npm audit command.

So we need to be able to provide our own links to the vulnerability report when calling the npm audit (or install).
Presently links to the{id} are hardcoded:

Is there any way to change this in the global NPM repository?
For example, if you provide a “url” filed from the response in the CLI output for the npm audit command, this will solve our problem.
Presently the “url”-field from the response is de facto not used.