NPM configuration to skip vulnerabilities audit for devDependencies on install

About

Asked 4/3, 2022 at 18:58 Answered 14/7, 2023 at 10:20

Is it possible to configure npm to skip audit of vulnerabilities for devDependencies when running command npm install?

Significance answered 4/3, 2022 at 18:58 Comment(0)

You can skip auditing at all by adding the --no-audit flag.

npm install --no-audit

If you want this to apply to devDependencies only, you can run it this way:

npm install --no-audit --only=dev

If you want this to apply to production dependencies only, you can run it this way:

npm install --no-audit --only=prod

Angeloangelology answered 9/5, 2022 at 14:31 Comment(0)

Since this is a first result when you try to google for a way to disable audit, let's post a more convenient solution for more general case.

You can skip auditing altogether by using npm config:

npm config set audit false

And to reduce pesky noise even more:

npm config set fund false

Bowe answered 27/6, 2023 at 9:53 Comment(0)

npm install --disableNodeJS --nodeAuditSkipDevDependencies

Bluey answered 14/7, 2023 at 10:20 Comment(0)

-1

You can simply just use the command

npm audit --prod

And to ignore a particular package use

npm audit --ignore packageName

To know more about it you can visit this link - https://github.com/npm/npm/issues/20564.

Herpetology answered 4/3, 2022 at 19:15 Comment(1)

Thank you, I know about npm audit --prod. I was asking if there is a global npm configuration available to skip dev dependencies auditing on npm install. – Significance 5/3, 2022 at 8:52

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags