Audit should provide info if it affects dev dependency or production #67
Labels
help wanted
Extra attention is needed
Comments
|
@jeemok Hey! Is help still needed on this issue? |
|
hey @bencivjan, yes please! :) |
|
@jeemok Hey would you like this to be added as a column or a another table? |
This was referenced May 23, 2022
Open
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Really like the package. The only thing that kind of bothers me that running the audit doesn't show you if it affects a dev dependency or a production dependency. When running the audit it would be great to have a separate column that indicates if the found vulnerability only affects a dev dependency or also a production dependency.
This makes it easier to decide if it should be excluded e.g. high severity on dev dependency is probably not as problematic as on production dependencies.
The text was updated successfully, but these errors were encountered: