deno audit
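The deno audit command checks your project's dependencies for known security vulnerabilities. It reads your lock file and reports any security advisories found in vulnerability databases.
Examples
Audit all dependencies:
deno audit
Show only high and critical severity vulnerabilities:
deno audit --level=high
Check against the socket.dev vulnerability database:
deno audit --socket
Ignore specific CVEs (to suppress false positives or accepted risks):
deno audit --ignore=CVE-2024-12345,CVE-2024-67890
Ignore advisories that have no fix available:
deno audit --ignore-unfixable
Don't error if the audit data can't be retrieved from the registry: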
deno audit --ignore-registry-errors
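An --ignore entry has no expiry of its own, so an accepted risk stays suppressed until someone removes it. As an added example (not part of the Deno documentation), the script below builds the --ignore value from a reviewed allowlist in which every accepted CVE carries an expiry date and a justification; the allowlist format and the function names are assumptions of this example.

```sh
#!/bin/sh
# Added example (not from the Deno docs). Allowlist format is an assumption:
#   <CVE-ID> <expiry YYYY-MM-DD> <justification...>

# Constructed sample allowlist, reusing the placeholder IDs from this page.
sample_allowlist() {
  cat <<'EOF'
# id            expires     justification
CVE-2024-12345  2025-12-31  vulnerable code path is not reachable
CVE-2024-67890  2025-01-31  waiting for upstream fix
not-a-cve       2099-01-01  typo that must not reach the command line
EOF
}

# build_ignore_arg FILE TODAY -> comma-separated IDs still within their expiry.
# Malformed, unjustified or expired entries are reported on stderr and left
# out, so the audit reports those advisories again.
build_ignore_arg() {
  today=$(printf '%s' "$2" | tr -d '-')
  ids=""
  while read -r cve expiry reason || [ -n "$cve" ]; do
    case $cve in ''|'#'*) continue ;; esac
    if ! printf '%s\n' "$cve" | grep -Eq '^CVE-[0-9]{4}-[0-9]{4,}$'; then
      echo "skip: malformed id '$cve'" >&2; continue
    fi
    if ! printf '%s\n' "$expiry" | grep -Eq '^[0-9]{4}-[0-9]{2}-[0-9]{2}$'; then
      echo "skip $cve: bad expiry '$expiry'" >&2; continue
    fi
    if [ -z "$reason" ]; then
      echo "skip $cve: no justification" >&2; continue
    fi
    # YYYYMMDD compares correctly as an integer
    if [ "$(printf '%s' "$expiry" | tr -d '-')" -lt "$today" ]; then
      echo "skip $cve: acceptance expired on $expiry" >&2; continue
    fi
    ids="${ids:+$ids,}$cve"
  done < "$1"
  printf '%s' "$ids"
}

# audit_with_allowlist FILE: run the audit with the surviving IDs (needs deno).
audit_with_allowlist() {
  ignore=$(build_ignore_arg "$1" "$(date +%Y-%m-%d)")
  if [ -n "$ignore" ]; then
    deno audit --level=high "--ignore=$ignore"
  else
    deno audit --level=high
  fi
}
```

Keeping the allowlist in version control next to deno.lock puts every suppression through code review.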
deno audit [OPTIONS]
Audit currently installed dependencies.
Dependency management options
--frozen <BOOLEAN> (optional): Error out if lockfile is out of date.
--lock <FILE> (optional): Check the specified lock file. (If value is not provided, defaults to "./deno.lock").
--no-lock: Disable auto discovery of the lock file.
Options
--ignore <CVE>: Ignore advisories matching the given CVE IDs.
--ignore-registry-errors: Return exit code 0 if remote service(s) responds with an error.
--ignore-unfixable: Ignore advisories that don't have any actions to resolve them.
--level <level>: Only show advisories with severity greater or equal to the one specified.
--socket: Check against socket.dev vulnerability database.