Comment on page
lstn scan

Audit the first-level dependencies for a project
Using this command, you can audit the first-level dependencies configured for a project and obtain their verdicts. This requires a package.json file to fetch the package names and versions from your project's dependencies.
Query listen.dev for the verdicts of the dependencies in your project.
​
Using this command, you can audit the first-level dependencies configured for a project and obtain their verdicts.
This requires a package.json file to fetch the package name and version of the project dependencies.
​
The verdicts it returns are listed by the name of each package and its specified version.
​
Usage:
  lstn scan [path]
​
Examples:
  lstn scan
  lstn scan .
  lstn scan sub/dir
  lstn scan /we/snitch
  lstn scan /we/snitch --ignore-deptypes peer
  lstn scan /we/snitch --ignore-deptypes dev,peer
  lstn scan /we/snitch --ignore-deptypes dev --ignore-deptypes peer
  lstn scan /we/snitch --ignore-packages react,glob --ignore-deptypes peer
  lstn scan /we/snitch --ignore-packages react --ignore-packages glob,@vue/devtools
​
Flags:
  -q, --jq string   filter the output using a jq expression
      --json        output the verdicts (if any) in JSON form
​
Config Flags:
      --endpoint string   the listen.dev endpoint emitting the verdicts (default "https://npm.listen.dev")
      --loglevel string   set the logging level (default "info")
      --timeout int       set the timeout, in seconds (default 60)
​
Debug Flags:
      --debug-options   output the options, then exit
​
Filtering Flags:
      --ignore-deptypes (dep,dev,optional,peer)   list of dependencies types to not process (default [bundle])
      --ignore-packages strings                   list of packages to not process
​
Registry Flags:
      --npm-registry string   set a custom NPM registry (default "https://registry.npmjs.org")
​
Reporting Flags:
      --gh-owner string                                           set the GitHub owner name (org|user)
      --gh-pull-id int                                            set the GitHub pull request ID
      --gh-repo string                                            set the GitHub repository name
  -r, --reporter (gh-pull-check,gh-pull-comment,gh-pull-review)   set one or more reporters to use (default [])
​
Token Flags:
      --gh-token string   set the GitHub token
​
Global Flags:
      --config string   config file (default is $HOME/.lstn.yaml)
​
​
​
Last modified 7mo ago