How can we improve Azure DevOps?

npm audit

This suggestion is migrated to Developer Community. Please use below link to view the current status.
https://developercommunity.visualstudio.com/content/idea/365958/npm-audit.html
npm added support for `npm audit` in npm@6 and npm@5.10.0 to highlight security issues with packages and their dependencies. The npm registry itself just added support for this very recently:

https://blog.npmjs.org/post/173719309445/npm-audit-identify-and-fix-insecure

When issuing an `npm audit` call to the npm registry from within a directory with a package.json, an analysis is returned to the console.

When issuing the same request to a VSTS registry, a 400 is presently returned:

https://<project>.pkgs.visualstudio.com/_packaging/<registry>/npm/registry/-/npm/v1/security/audits.

Given that this is a security-related matter, is there anything on the roadmap yet for support of this feature?

Thank you!

24 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Simon shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    3 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...

      Feedback and Knowledge Base