npm Audit & Package Maintenance

npm•Permalink

Security auditing, package maintenance, and npm org/team workflows.

View

Standard Detailed Compact

Export

Copy the compact sheet, download it, or print it.

Download

`D` dense toggle · `C` copy all

Audit and security

Audit dependencies and review security information.

Run audit

Audit installed dependencies for known vulnerabilities.

bashANYnpmauditsecurity

↗#

bash

npm audit

Notes

Audit installed dependencies for known vulnerabilities.

Audit as JSON

Emit machine-readable audit results.

bashANYnpmauditsecurity

↗#

bash

npm audit --json

Notes

Emit machine-readable audit results.

Automatically fix audit issues

Apply compatible fixes for known vulnerabilities.

bashANYnpmauditsecurity

↗#

bash

npm audit fix

Notes

Apply compatible fixes for known vulnerabilities.

Force risky audit fixes

Apply broader updates that may include breaking changes.

bashANYnpmauditsecurity

↗#

bash

npm audit fix --force

Notes

Apply broader updates that may include breaking changes.

Show outdated dependencies

Include transitive packages where supported.

bashANYnpmoutdated

↗#

bash

npm outdated --all

Notes

Include transitive packages where supported.

Package maintenance

Commands useful for keeping a healthy package.

List top-level packages only

Show only direct dependencies.

bashANYnpmls

↗#

bash

npm ls --depth=0

Notes

Show only direct dependencies.

Diff a package version

Compare package contents between versions.

bashANYnpmdiff

↗#

bash

npm diff <package>@1.0.0 <package>@2.0.0

Notes

Compare package contents between versions.

Explain one dependency

Inspect why one package is present.

bashANYnpmexplain

↗#

bash

npm explain lodash

Notes

Inspect why one package is present.

Rebuild one package

Re-run build scripts for one installed package.

bashANYnpmrebuild

↗#

bash

npm rebuild <package>

Notes

Re-run build scripts for one installed package.

Star a package

Favorite a package on the registry.

bashANYnpmstar

↗#

bash

npm star <package>

Notes

Favorite a package on the registry.

Unstar a package

Remove a favorite from your account.

bashANYnpmunstar

↗#

bash

npm unstar <package>

Notes

Remove a favorite from your account.

Org and team operations

Useful npm org and team commands.

List org members

List users in an npm organization.

bashANYnpmorg

↗#

bash

npm org ls <org>

Notes

List users in an npm organization.

Change org user role

Set an organization role for a user.

bashANYnpmorg

↗#

bash

npm org set <org>:<user> developer

Notes

Set an organization role for a user.

Create a team

Create a team in an npm organization.

bashANYnpmteam

↗#

bash

npm team create <org>:developers

Notes

Create a team in an npm organization.

Add a user to a team

Add a user to a team.

bashANYnpmteam

↗#

bash

npm team add <org>:developers <user>

Notes

Add a user to a team.

Remove a user from a team

Remove a user from a team.

bashANYnpmteam

↗#

bash

npm team rm <org>:developers <user>

Notes

Remove a user from a team.

More in npm

npm Config, Auth & Cache

Configuration, npmrc, cache management, profile, and token workflows.

npm Publish & Registry

Publishing, versioning, dist-tags, auth, and registry metadata commands.

npm Scripts & Workspaces

Scripts, lifecycle hooks, npm exec, and workspace workflows.

npm Install & Dependencies

Install, update, remove, lockfile, and local-development npm dependency workflows.

npm Cheat Sheet

Core npm CLI, package inspection, package.json editing, and daily workflow commands.

Recommended next

No recommendations yet.

Browse all sheets →