
Audit project dependencies

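The project's package.json defines the following audit scripts, which you can run from the command line. `npm run audit` runs every `audit:*` script concurrently except those under `audit:fix`, so it only reports findings; the fixing script (`audit:fix:license`) has to be invoked explicitly: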

npm run audit # runs the audit:* sub-scripts listed below
{
    ...
    "scripts":
    {
        ...
        "audit": "npx concurrently 'npm:audit:*(!fix)'",
        "audit:deps:nodejs": "npx @cdklabs/cdk-cicd-wrapper-cli check-dependencies --npm",
        "audit:deps:python": "npx @cdklabs/cdk-cicd-wrapper-cli check-dependencies --python",
        "audit:scan:security": "npx @cdklabs/cdk-cicd-wrapper-cli security-scan --bandit --semgrep --shellcheck --ci",
        "audit:license": "npm run license",
        "audit:fix:license": "npm run license:fix",
        "license": "npx @cdklabs/cdk-cicd-wrapper-cli license",
        "license:fix": "npx @cdklabs/cdk-cicd-wrapper-cli license --fix",
        ...
    },
    ...
}