Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 8f646ed

Browse files
bartlomiejuclaudethisisjofrank
authored
docs: flesh out deno audit and deno add reference pages (denoland#2951)
Co-authored-by: Claude Opus 4.6 <[email protected]> Co-authored-by: Jo Franchetti <[email protected]>
1 parent 065ecc6 commit 8f646ed

2 files changed

Lines changed: 79 additions & 3 deletions

File tree

runtime/reference/cli/add.md

Lines changed: 35 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,5 +3,39 @@ title: "deno add"
33
command: add
44
openGraphLayout: "/open_graph/cli-commands.jsx"
55
openGraphTitle: "deno add"
6-
description: "Add and manage project dependencies with Deno."
6+
description: "Add and manage project dependencies with Deno"
77
---
8+
9+
The `deno add` command adds dependencies to your project's configuration file.
10+
It is an alias for
11+
[`deno install [PACKAGES]`](/runtime/reference/cli/install/#deno-install-packages).
12+
13+
## Examples
14+
15+
Add packages from JSR and npm:
16+
17+
```sh
18+
deno add @std/path npm:express
19+
```
20+
21+
By default, dependencies are added with a caret (`^`) version range. Use
22+
`--save-exact` to pin to an exact version:
23+
24+
```sh
25+
deno add --save-exact @std/path
26+
```
27+
28+
This saves the dependency without the `^` prefix (e.g., `1.0.0` instead of
29+
`^1.0.0`).
30+
31+
Treat unprefixed package names as npm packages:
32+
33+
```sh
34+
deno add --npm express
35+
```
36+
37+
## Where dependencies are stored
38+
39+
If your project has a `package.json`, npm packages will be added to
40+
`dependencies` in `package.json`. Otherwise, all packages are added to the
41+
`imports` field in `deno.json`.

runtime/reference/cli/audit.md

Lines changed: 44 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,49 @@
11
---
2-
title: "deno audit"
2+
title: "deno audit, audit dependencies for vulnerabilities"
33
command: audit
44
openGraphLayout: "/open_graph/cli-commands.jsx"
55
openGraphTitle: "deno audit"
6-
description: "Audit project dependencies with Deno."
6+
description: "Audit project dependencies for known security vulnerabilities"
77
---
8+
9+
The `deno audit` command checks your project's dependencies for known security
10+
vulnerabilities. It reads your lock file and reports any advisories found in
11+
vulnerability databases.
12+
13+
## Examples
14+
15+
Audit all dependencies:
16+
17+
```sh
18+
deno audit
19+
```
20+
21+
Show only high and critical severity vulnerabilities:
22+
23+
```sh
24+
deno audit --level=high
25+
```
26+
27+
Check against the [socket.dev](https://socket.dev/) vulnerability database:
28+
29+
```sh
30+
deno audit --socket
31+
```
32+
33+
Ignore specific CVEs (useful for suppressing false positives or accepted risks):
34+
35+
```sh
36+
deno audit --ignore=CVE-2024-12345,CVE-2024-67890
37+
```
38+
39+
Ignore advisories that have no available fix:
40+
41+
```sh
42+
deno audit --ignore-unfixable
43+
```
44+
45+
Don't error if the audit data can't be retrieved from the registry:
46+
47+
```sh
48+
deno audit --ignore-registry-errors
49+
```

0 commit comments

Comments
 (0)