dmd report advisories
dmd report advisories
Report advisories that are available for packages or dependencies in use
Usage
advisories
Synopsis
Report advisories that are available for packages or dependencies in use
This reports advisories from the following sources:
- the
advisoriestable for custom or community-informed advisories - End of Life package advisories, via endoflife.date, and highlights whether dependencies are lacking active support or are actively end-of-life.
- AWS infrastructure version advisories, via endoflife-checker
Requires running db generate advisories to seed the data.
Options
| Flag (type) | Usage | Notes |
|---|---|---|
--advisory-type (string)
|
Whether to filter the policy violations by a given Advisory Type (as noted in https://dmd.tanna.dev/concepts/advisory/) |
|
--csv
|
Whether to output as a CSV file |
|
-h, --help
|
help for advisories |
|
--organisation (string)
|
Whether to filter policy violations by the given organisation that hosts the repository |
|
--out (string)
|
Where to output report(s) |
|
--owner (string)
|
Whether to filter policy violations by the underlying owner of the repository |
|
--platform (gitlab)
|
Whether to filter policy violations by the given platform that hosts the repository, for instance gitlab |
|
--repo (string)
|
Whether to filter policy violations by a specific repository name |
|
--summary
|
Whether to report only a short summary |
|
Options inherited from parent commands
| Flag (type) | Usage | Notes |
|---|---|---|
--db (string)
|
the path to the input/output database |
|
--debug
|
whether to enable debug logging |
|
Related
dmd report- Perform reports on the database