mirrors/bun.sh
1
0
Fork 0
mirror of https://github.com/oven-sh/bun synced 2026-02-09 10:28:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
5d8fe74eb853ca61361ba0f3556d6451fda49ad5
bun.sh/docs/install/audit.md
robobun 41be6aeb3c docs: add missing v1.2.21 features to documentation (#23085) 
## Summary
- Added documentation for 5 features introduced in Bun v1.2.21 that were
missing from the docs
- Kept updates minimal with high information density as requested

## Changes
- **bun audit filtering options** (`docs/install/audit.md`)
  - `--audit-level=<low|moderate|high|critical>` - filter by severity
  - `--prod` - audit only production dependencies  
  - `--ignore <CVE>` - ignore specific vulnerabilities

- **--compile-exec-argv flag** (`docs/bundler/executables.md`)
  - Embed runtime arguments in compiled executables
  - Arguments available via `process.execArgv`

- **bunx --package/-p flag** (`docs/cli/bunx.md`)
  - Run binaries from specific packages when name differs

- **package.json sideEffects glob patterns** (`docs/bundler/index.md`)
  - Support for `*`, `?`, `**`, `[]`, `{}` patterns

- **--user-agent CLI flag** (`docs/cli/run.md`)
  - Customize User-Agent header for all fetch() requests

## Test plan
- [x] Reviewed all changes match Bun v1.2.21 blog post features
- [x] Verified documentation style is concise with code examples
- [x] Checked no existing documentation was removed

🤖 Generated with [Claude Code](https://claude.com/claude-code)

---------

Co-authored-by: Claude Bot <claude-bot@bun.sh>
Co-authored-by: Claude <noreply@anthropic.com>
2025-09-29 21:54:34 -07:00

58 lines
1.6 KiB
Markdown
Raw Blame History

`bun audit` checks your installed packages for known security vulnerabilities.
Run the command in a project with a `bun.lock` file:
```bash
$ bun audit
```
Bun sends the list of installed packages and versions to NPM, and prints a report of any vulnerabilities that were found. Packages installed from registries other than the default registry are skipped.
If no vulnerabilities are found, the command prints:
```
No vulnerabilities found
```
When vulnerabilities are detected, each affected package is listed along with the severity, a short description and a link to the advisory. At the end of the report Bun prints a summary and hints for updating:
```
3 vulnerabilities (1 high, 2 moderate)
To update all dependencies to the latest compatible versions:
bun update
To update all dependencies to the latest versions (including breaking changes):
bun update --latest
```
### Filtering options
**`--audit-level=<low|moderate|high|critical>`** - Only show vulnerabilities at this severity level or higher:
```bash
bun audit --audit-level=high
```
**`--prod`** - Audit only production dependencies (excludes devDependencies):
```bash
bun audit --prod
```
**`--ignore <CVE>`** - Ignore specific CVEs (can be used multiple times):
```bash
bun audit --ignore CVE-2022-25883 --ignore CVE-2023-26136
```
### `--json`
Use the `--json` flag to print the raw JSON response from the registry instead of the formatted report:
```bash
$ bun audit --json
```
### Exit code
`bun audit` will exit with code `0` if no vulnerabilities are found and `1` if the report lists any vulnerabilities. This will still happen even if `--json` is passed.
Reference in New Issue View Git Blame Copy Permalink