Display npm audit vulnerabilities in html format

Asked 28/5, 2018 at 15:48 Answered 4/1, 2022 at 16:32

Solved node.js npm report

Is there a way to display the npm audit report as an html page?

At the moment i can only see the option to output the report in json format, using this command:

npm audit --json

Sateia answered 28/5, 2018 at 15:48 Comment(0)

I wrote an NPM package that does this for you.

You can use it by running the following:

// first install it
npm i -g npm-audit-html

// then pipe npm audit to it
npm audit --json | npm-audit-html

Derzon answered 15/12, 2018 at 13:7 Comment(6)

I saw the download stats on npm, I wasn't the only one that wanted this feature. Well done. – Sateia 6/1, 2019 at 20:54

Hi! Is It possible with your module to create one HTML report from multiple package.json in other subfolders? – Shaefer 15/5, 2019 at 13:11

I'm getting "no input" for some reason as a result - but npm audit --json definitely produces output.. – Cynar 31/8, 2020 at 6:31

@MarkZhukovsky Are you using PowerShell? If so, you may be seeing this issue. github.com/eventOneHQ/npm-audit-html/issues/34 – Derzon 31/8, 2020 at 18:59

I think you can use the > instead. npm audit --json > npm-audit-html – Scream 9/6, 2021 at 13:13

From a PowerShell prompt you need to pass the whole thing to cmd because PS won't pipe output between non-PS things cmd /c 'npm audit --json | npm-audit-html' – Westernism 18/11, 2021 at 18:27

npm-audit-html is a good package, just used it.

npm install -g npm-audit-html
npm audit --json | npm-audit-html --output report.html

If you are getting the "No Input" response when running through powershell or VS Code Terminal just run it with the command prompt

Midden answered 12/12, 2019 at 11:57 Comment(1)

As of 9-Apr-20, the file created by npm-audit-html is named npm-audit.html. – Cleruchy 10/4, 2020 at 0:47

Following previous answers...
As of NPM v7, you'll need the beta version of npm-audit-html.

npm install -g npm-audit-html@beta
npm audit --json | npm-audit-html --output report.html

For more details: https://github.com/eventOneHQ/npm-audit-html/issues/43#issuecomment-940159989

P.S. Tested with NPM v8.3.0.

Bergquist answered 4/1, 2022 at 16:32 Comment(2)

Thanks! I previously got 'No data available in table' and 0 dependencies in the html file. With the beta version, it's now working (using npm v8.9.0). – Sibilate 18/5, 2022 at 19:33

Was looking for a native way without installing any new dependency, but there doesn't seem to be any way to get HTML output. – Waste 13/7, 2022 at 9:48

On Linux I'm using ccat in a bash script:

#!/bin/sh

echo "<!DOCTYPE html><head><meta charset=\"UTF-8\"/></head><body>"
npm audit|ccat --html
echo "</body></html>"

Usage: ./audit.sh > vulnerabilities.html

But I'm also interested in other solutions, maybe ones that could work on Windows too.

Sateia answered 28/5, 2018 at 15:48 Comment(2)

I recommend Cygwin for windows/bash stuff. So long as it's minor bash scripting. – Magbie 28/5, 2018 at 16:18

Cygwin is nice but I would recommend msys2 (msys2.org) as a more advanced solution. – Sateia 5/8, 2018 at 22:8

Recommended topics

Hot tags