GitHub - mydeveloperday/npm-audit-sarif: Convert npm audit --json to sarif format for sonarqube integration.

npm-audit-sarif is a Node based tool for transforming npm audit json output to sarif format.

The purpose is for importing the npm audit vulnerabilities into static analysis tools such as SonarQube for the tracking of npm-audit issues.

   npm install npm-audit-sarif

To see a list of options run

npx npm-audit-sarif


Usage: npm-audit-sarif [options] <filename>

Options:
      --help     Show help                                             [boolean]
      --version  Show version number                                   [boolean]
  -o, --output   Output filename                                        [string]
  -r, --root     Root directory                                         [string]

Not enough non-option arguments: got 0, need at least 1

Name		Name	Last commit message	Last commit date
Latest commit History 10 Commits
src		src
.eslintrc.json		.eslintrc.json
.gitignore		.gitignore
.prettierrc		.prettierrc
LICENSE		LICENSE
README.md		README.md
audit.json		audit.json
jest.config.js		jest.config.js
npm-audit-sarif		npm-audit-sarif
package-lock.json		package-lock.json
package.json		package.json
tsconfig.json		tsconfig.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

About

Uh oh!

Releases

Packages

Uh oh!

Languages

License

mydeveloperday/npm-audit-sarif

Folders and files

Latest commit

History

Repository files navigation

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Languages

Packages