
Azure Devops Pipeline NPM Audit

I am trying to modify an Azure pipeline YAML file. Currently it has a task that works too well:

- task: Npm@1
  displayName: 'Audit npm packages in dependencies group'
  inputs:
    command: custom
    customCommand: ${{ parameters.npmAuditCommand }}
    verbose: false
    workingDir: ${{ parameters.solutionFolder }}

The customCommand is:

default: 'run audit --only=prod --audit-level=moderate'

What I am trying to achieve is for this task to stop running if it fails and to have a manual trigger that allows the team to assess the threat / implications and then approve/dismiss, and to have this contained within the YAML file.

In an ideal world audits would pass but on an old existing project we are having to chip away at legacy code.

user3067684 asked Jan 26 '26 03:01


1 Answer

- task: Npm@1
  displayName: 'Audit Application'
  inputs:
    workingDir: $(buildRoot)
    command: custom
    customCommand: 'run audit'
user3067684 answered Jan 28 '26 06:01
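One way to get the stop-and-review behaviour the question describes, kept entirely in the YAML file. This is an added example, not part of the original question or answer; the job names, the reviewer address, the timeout and the placeholder build step are assumptions, while the audit task and its parameters are taken from the question.

```yaml
# Added example: gate the pipeline on a manual review when npm audit fails.
parameters:
  - name: npmAuditCommand
    type: string
    default: 'run audit --only=prod --audit-level=moderate'
  - name: solutionFolder
    type: string
    default: '.'            # assumed default; the question does not show one

jobs:
  - job: Audit
    steps:
      - task: Npm@1
        displayName: 'Audit npm packages in dependencies group'
        # A failing audit marks the job SucceededWithIssues instead of Failed,
        # so later jobs can branch on the result.
        continueOnError: true
        inputs:
          command: custom
          customCommand: ${{ parameters.npmAuditCommand }}
          verbose: false
          workingDir: ${{ parameters.solutionFolder }}

  - job: AuditReview          # hypothetical job name
    dependsOn: Audit
    # Runs only when the audit reported findings.
    condition: eq(dependencies.Audit.result, 'SucceededWithIssues')
    pool: server              # ManualValidation@0 requires an agentless job
    timeoutInMinutes: 1440    # assumed review window of one day
    steps:
      - task: ManualValidation@0
        inputs:
          notifyUsers: 'security-reviewers@example.com'   # placeholder address
          instructions: 'npm audit reported findings. Review the Audit job log, then resume or reject.'
          onTimeout: reject   # fail closed if nobody reviews in time

  - job: Build                # hypothetical downstream job
    dependsOn:
      - Audit
      - AuditReview
    # Proceed when the audit was clean (review skipped) or a reviewer resumed the run.
    condition: and(in(dependencies.Audit.result, 'Succeeded', 'SucceededWithIssues'), in(dependencies.AuditReview.result, 'Succeeded', 'Skipped'))
    steps:
      - script: echo "build steps go here"
```

A rejected or timed-out review fails `AuditReview`, so `Build` never starts; the reviewer's decision is recorded in the run, which gives the team an audit trail for each accepted finding.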