nsp check

  checks a package.json / npm-shrinkwrap.json for known vulnerabilities against the Node Security API. Non-public and repository based dependencies are currently skipped.

Parameters

  --output (-o): optional

    valid values are:
        default
        summary
        json
        codeclimate
        quiet
        none (does what you think it does)

  --offline: optional

    when network is unavailable you can use this (but it won't have as many results as the online version)

  --advisoriesPath: optional

    when using --offline mode use this option to specify a path to the advisories.json file

  --warn-only: optional

    report errors, but always quit with an exit code of 0