On this page
deno audit
deno audit [OPTIONS]Audit currently installed dependencies.
deno audit
Show only high and critical severity vulnerabilities
deno audit --level=high
Check against socket.dev vulnerability database
deno audit --socket
Don't error if the audit data can't be retrieved from the registry
deno audit --ignore-registry-errors
Dependency management options Jump to heading
--frozen Jump to heading
Error out if lockfile is out of date.
--lock Jump to heading
Check the specified lock file. (If value is not provided, defaults to "./deno.lock").
--no-lock Jump to heading
Disable auto discovery of the lock file.
Options Jump to heading
--ignore Jump to heading
Ignore advisories matching the given CVE IDs.
--ignore-registry-errors Jump to heading
Return exit code 0 if remote service(s) responds with an error.
--ignore-unfixable Jump to heading
Ignore advisories that don't have any actions to resolve them.
--level Jump to heading
Only show advisories with severity greater or equal to the one specified.
--socket Jump to heading
Check against socket.dev vulnerability database.
The deno audit command checks your project's dependencies for known security
vulnerabilities. It reads your lock file and reports any advisories found in
vulnerability databases.
Examples Jump to heading
Audit all dependencies:
deno audit
Show only high and critical severity vulnerabilities:
deno audit --level=high
Check against the socket.dev vulnerability database:
deno audit --socket
Ignore specific CVEs (useful for suppressing false positives or accepted risks):
deno audit --ignore=CVE-2024-12345,CVE-2024-67890
Ignore advisories that have no available fix:
deno audit --ignore-unfixable
Don't error if the audit data can't be retrieved from the registry:
deno audit --ignore-registry-errors