npm Community Forum (Archive)

The npm community forum has been discontinued.

To discuss usage of npm, visit the GitHub Support Community.

Severity filter for npm audit

I don’t know about you, but I’d find it immensely useful, if npm audit had a switch to filter packages by severity of a vulnerability.


$ npm audit --severity moderate

The example above would only display dependencies with moderate vulnerabilities.

More ideas:

# Moderate & high
$ npm audit --severity moderate|high

# Moderate and above
$ npm audit --severity >moderate

Any thoughts?

+1 from me… I like that idea… Even better would be to base the severity on the NIST CVSS score.