npm audit response shows up as just plain text instead of tabular format

Question

I read a lot of questions/articles related to npm audit where people have provided the response of the npm audit in a tabular format. But when I run the npm audit I get the response as plain text.

I tried to install a library npm-audit-html and get the format in HTML as provided in answer but that is running into the issue: zsh: command not found: npm-audit-html

Can someone please explain and help in resolving the beautification of the npm audit response? Currently, my npm audit response shows up something like this:

postcss-overflow-shorthand  <=2.0.0
  Depends on vulnerable versions of postcss
  node_modules/postcss-overflow-shorthand
  postcss-page-break  <=2.0.0
  Depends on vulnerable versions of postcss
  node_modules/postcss-page-break
  postcss-place  <=5.0.0
  Depends on vulnerable versions of postcss
  node_modules/postcss-place
  postcss-pseudo-class-any-link  <=6.0.0
  Depends on vulnerable versions of postcss
  node_modules/postcss-pseudo-class-any-link
  postcss-reduce-initial  <=4.0.3
  Depends on vulnerable versions of postcss
  node_modules/postcss-reduce-initial
  postcss-reduce-transforms  <=4.0.2
  Depends on vulnerable versions of postcss
  node_modules/postcss-reduce-transforms
  postcss-replace-overflow-wrap  <=3.0.0
  Depends on vulnerable versions of postcss
  node_modules/postcss-replace-overflow-wrap
  postcss-selector-matches  *
  Depends on vulnerable versions of postcss
  node_modules/postcss-selector-matches
  postcss-selector-not  <=4.0.1
  Depends on vulnerable versions of postcss
  node_modules/postcss-selector-not
  postcss-svgo  <=5.0.0-rc.2
  Depends on vulnerable versions of postcss
  Depends on vulnerable versions of svgo
  node_modules/postcss-svgo
  postcss-unique-selectors  <=4.0.1
  Depends on vulnerable versions of postcss
  node_modules/postcss-unique-selectors
  postcss-url  3.3.0 - 10.0.0
  Depends on vulnerable versions of postcss
  node_modules/postcss-url
  stylehacks  <=4.0.3
  Depends on vulnerable versions of postcss
  node_modules/stylehacks

90 vulnerabilities (84 moderate, 6 high)

i hate to break it to you, but `npm audit --help` would have told you how it's done if that was an option. Perhaps there's an implementation difference between mac/linux/windows version of node? I'm not sure... what it does offer though is the `--json` parameter which is just as good as far as the shell scripts go. What do you really need it for? — Kamil Janowski, Feb 03 '22 at 09:25
@KamilJanowski Thanks a lot for the response. I am aware of the `--json` part but that would just display in `JSON` format. I am looking for some command or additional package which can beautify the `npm audit output`. I am using `Macos` for developing my application. — BATMAN_2008, Feb 07 '22 at 05:58

score 1 · Answer 1 · answered Aug 05 '22 at 12:08

1

In windows, I've used npm audit with ">" to write its content in a json file, refer below command:

npm audit --json > FOLDER_PATH\FILE_NAME.json

answered Aug 05 '22 at 12:08

Praveen

263
2
10

score 1 · Answer 2 · answered Nov 18 '22 at 15:40

The npm audit format you posted is a breaking change of npm 7.

Output and data structure is significantly refactored to call attention to issues, identify classes of fixes not previously available, and remove extraneous data not used for any purpose.

BREAKING CHANGE: Any tools consuming the output of npm audit will almost certainly need to be updated, as this has changed significantly, both in the readable and --json output styles.

Source: npm release notes

As the output format not officially explained, there is a post try to find it out. You can check the post for more details.

npm audit response shows up as just plain text instead of tabular format

2 Answers2