On this page
deno 审计
deno audit [OPTIONS]Audit currently installed dependencies.
deno audit
Show only high and critical severity vulnerabilities
deno audit --level=high
Check against socket.dev vulnerability database
deno audit --socket
Don't error if the audit data can't be retrieved from the registry
deno audit --ignore-registry-errors
Dependency management options Jump to heading
--frozen Jump to heading
Error out if lockfile is out of date.
--lock Jump to heading
Check the specified lock file. (If value is not provided, defaults to "./deno.lock").
--no-lock Jump to heading
Disable auto discovery of the lock file.
Options Jump to heading
--ignore Jump to heading
Ignore advisories matching the given CVE IDs.
--ignore-registry-errors Jump to heading
Return exit code 0 if remote service(s) responds with an error.
--ignore-unfixable Jump to heading
Ignore advisories that don't have any actions to resolve them.
--level Jump to heading
Only show advisories with severity greater or equal to the one specified.
--socket Jump to heading
Check against socket.dev vulnerability database.
deno audit 命令检查您项目的依赖是否存在已知安全漏洞。它读取您的锁文件,并报告漏洞数据库中发现的任何安全通告。
示例 Jump to heading
审计所有依赖:
deno audit
仅显示高危和严重级别的漏洞:
deno audit --level=high
针对 socket.dev 漏洞数据库进行检查:
deno audit --socket
忽略特定的 CVE(用于抑制误报或接受的风险):
deno audit --ignore=CVE-2024-12345,CVE-2024-67890
忽略没有可用修复方案的通告:
deno audit --ignore-unfixable
如果无法从注册表获取审计数据,不报错:
deno audit --ignore-registry-errors