application-security

npm audit

Definition

npm audit is a built-in Node.js package manager command that scans a project's dependency tree against the npm security advisory database for known vulnerabilities. It reports vulnerability severity, affected packages, and available remediation.

Running npm audit in CI pipelines provides automated visibility into vulnerable dependencies and can be configured to fail builds above a specified severity threshold.

Related Terms

SCA

Software Composition Analysis

Dependabot

OSV

Open Source Vulnerability Database

← Back to Glossary

Ship secure code faster

Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.

Talk to a Human See the Product