@darcyclarke
Last active October 7, 2020 22:00
A `npm audit <pkg>` proof-of-concept in bash...
#!/bin/bash
# Audit a package and its dependency tree without installing it into the current project.
set -euo pipefail
PKG=package.json
ROOT=$PWD
DIR="$ROOT/npm-audit-tmp"
# mkdir (not mkdir -p) refuses to reuse an existing scratch directory; under set -e a failure
# here stops the script, so it can never fall through and overwrite the caller's package.json.
mkdir "$DIR"
# Always remove the scratch directory, even when npm install or npm audit fails.
trap 'rm -rf "$DIR"' EXIT
cd "$DIR"
# --dry-run: audit as if the package were added to the current project's package.json
if [[ $* == *--dry-run* && -f "$ROOT/$PKG" ]]; then
  cp "$ROOT/$PKG" "$PKG"
else
  echo '{}' > "$PKG"
fi
# --package-lock-only resolves the tree and writes package-lock.json without fetching tarballs
npm i "$1" --no-audit --package-lock-only --silent
# npm audit exits non-zero when it finds vulnerabilities; that status becomes the script's exit code
npm audit
# Installation:
# 1. copy this into a file: /usr/local/bin/npm-audit
# 2. make it executable: chmod +x /usr/local/bin/npm-audit
# Usage:
# npm-audit <pkg> - displays the audit results for a specific package & its dependencies
# npm-audit <pkg> --dry-run - displays the audit results for a specific package as if it had been installed in the current project
# Example(s):
# npm-audit bcrypt@4
# npm init -y && npm i express@2 && npm-audit bcrypt@4 --dry-run # creates a project, adds some dep w/ other issues & shows that audit outputs both the new & existing audit issues
# How it works:
# running install w/ --package-lock-only avoids fetching tarballs/reifying &
# npm audit can still work with just a package-lock.json
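The script above prints the human-readable audit report. To use the same technique as a pre-install gate (for example in CI), you would run `npm audit --json` inside the scratch directory and decide from the result. The following is an added example, not part of the gist: a small Node script that normalises an `npm audit --json` report into a list of findings and fails when anything at or above a chosen severity is present. It assumes the two report shapes I know from npm 6 (`advisories` keyed by advisory id, each with `module_name`, `severity`, `title`) and npm 7+ (`vulnerabilities` keyed by package name, each with `severity` and a `via` array mixing advisory objects and package-name strings); the two sample reports are constructed, and the package names and advisory ids in them are placeholders.

```javascript
// Added example: gate on the output of `npm audit --json` (not code from the gist).
// Assumes the npm 6 and npm 7+ report shapes described in the lead-in.
const SEVERITY_RANK = { info: 0, low: 1, moderate: 2, high: 3, critical: 4 };

// Normalise either report shape into [{ name, severity, title }].
function extractFindings(report) {
  const findings = [];
  if (report.advisories) {
    // npm 6: { advisories: { "<id>": { module_name, severity, title } } }
    for (const adv of Object.values(report.advisories)) {
      findings.push({ name: adv.module_name, severity: adv.severity, title: adv.title || '' });
    }
  } else if (report.vulnerabilities) {
    // npm 7+: { vulnerabilities: { "<name>": { severity, via: [...] } } }
    for (const [name, vuln] of Object.entries(report.vulnerabilities)) {
      // `via` holds advisory objects for direct findings and package-name strings
      // for packages that are only affected through a vulnerable dependency.
      const direct = vuln.via.find((v) => typeof v === 'object');
      const title = direct ? direct.title : `via ${vuln.via.join(', ')}`;
      findings.push({ name, severity: vuln.severity, title });
    }
  }
  return findings;
}

// Count findings per severity; unknown severity strings are ignored.
function countBySeverity(findings) {
  const counts = { info: 0, low: 0, moderate: 0, high: 0, critical: 0 };
  for (const f of findings) {
    if (f.severity in counts) counts[f.severity] += 1;
  }
  return counts;
}

// True when any finding is at or above the threshold severity.
function shouldFail(findings, threshold) {
  const min = SEVERITY_RANK[threshold];
  return findings.some((f) => {
    const rank = SEVERITY_RANK[f.severity];
    return rank !== undefined && rank >= min;
  });
}

// Summarise one report: per-severity counts, the gate decision and the findings.
function summarise(report, threshold = 'high') {
  const findings = extractFindings(report);
  return { counts: countBySeverity(findings), fail: shouldFail(findings, threshold), findings };
}

// Constructed sample in the npm 6 shape (placeholder ids and package names).
const SAMPLE_NPM6 = {
  advisories: {
    1001: { module_name: 'example-left-pad', severity: 'low', title: 'Placeholder low advisory' },
    1002: { module_name: 'example-parser', severity: 'high', title: 'Placeholder high advisory' },
  },
  metadata: { vulnerabilities: { info: 0, low: 1, moderate: 0, high: 1, critical: 0 } },
};

// Constructed sample in the npm 7+ shape: one direct finding and one package
// affected only transitively through it.
const SAMPLE_NPM7 = {
  vulnerabilities: {
    'example-parser': {
      severity: 'moderate',
      via: [{ title: 'Placeholder moderate advisory', severity: 'moderate' }],
      range: '<2.0.0',
    },
    'example-app': { severity: 'moderate', via: ['example-parser'], range: '*' },
  },
};

// Usage: `npm audit --json | node audit-gate.js` would feed a real report into
// summarise(); here both constructed samples are summarised instead.
for (const [label, report] of [['npm6', SAMPLE_NPM6], ['npm7', SAMPLE_NPM7]]) {
  const result = summarise(report, 'high');
  console.log(label, JSON.stringify(result.counts), result.fail ? 'FAIL' : 'ok');
}
```

Keeping the threshold explicit (`'high'` by default here) is the point of the gate: `npm audit` itself exits non-zero on any finding, including `low`, which is too noisy for most teams to block on, while the normalised list still gives you the names and titles to triage.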