I want to create a VSTS build with npm package auditing capabilities using npm audit. I added a few tasks to run npm audit. The command runs and I can see the details in the console/logs for all the packages. However, the task fails complaining about not finding a logs file. Any idea on how I can get the builds to stop working if I find a high vulnerability package?
EDIT: This is the final line in the result when I run npm audit locally. Notice how it displays vulnerabilities in categories. I want the build to not proceed if there is a non-zero value for High vulnerability.
I got the same error, but then realized that I was using an incorrect custom command for the npm task: it was "npm install gulp -g", but should be "install gulp -g" (without npm).
That helped for me.