Loading...

Back to Details

audit-deps

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Dependency Audit

依赖项审计

Commands

命令

Run in parallel:

```
npm audit
```
- security vulnerabilities
```
npm outdated
```
- outdated packages

并行运行：

```
npm audit
```
- 安全漏洞检测
```
npm outdated
```
- 过时包检测

Workflow

工作流程

Run security audit and outdated check
Report critical vulnerabilities with fix commands
List outdated packages (major vs minor/patch)
Check for unused deps: grep imports in src/

运行安全审计和过时检查
附带修复命令报告严重漏洞
列出过时包（主版本更新 vs 次版本/补丁版本更新）
检查未使用的依赖项：在src/目录中搜索导入语句

Report

报告内容

Critical vulns: package + CVE + fix command
Outdated: table of package/current/latest/type
Unused: packages in package.json but not imported

严重漏洞：包名 + CVE编号 + 修复命令
过时包：包含包名/当前版本/最新版本/更新类型的表格
未使用依赖项：package.json中存在但未被导入的包

Rules

规则

Use
```
npm audit
```
, never
```
npx
```
Focus on actionable items
Prioritize: security > major updates > unused > minor updates

使用
```
npm audit
```
，禁止使用
```
npx
```
聚焦于可执行的操作项
优先级：安全问题 > 主版本更新 > 未使用依赖项 > 次版本更新