# Install audit-ci with npm

Audits NPM, Yarn, and PNPM projects in CI environments. Version 7.1.0 via npm; verified 2024-07-03.

## Install

```sh
sudo av install npm:audit-ci
```

Additional install commands:

### Portable and language managers

- npm (100%):

```sh
npm install -g audit-ci
```

  Evidence: local npm package metadata

## Package facts

- **Package key:** npm:audit-ci
- **Package manager:** npm
- **Package manager page:** <https://www.npmjs.com/package/audit-ci>
- **Version:** 7.1.0
- **Source summary:** Audits NPM, Yarn, and PNPM projects in CI environments
- **Homepage:** <https://github.com/IBM/audit-ci>
- **Repository:** <https://github.com/IBM/audit-ci>
- **Upstream docs:** <https://github.com/IBM/audit-ci>
- **License:** Apache-2.0
- **Source archive:** <https://registry.npmjs.org/audit-ci/-/audit-ci-7.1.0.tgz>
- **Issue tracker:** <https://github.com/IBM/audit-ci/issues>
- **Published:** 2024-07-03T18:02:15.369Z
- **Last updated:** 2024-07-03T18:02:15.369Z
- **Generated:** 2026-07-08T18:08:21+00:00

## Executables

- audit-ci (cli)
- audit-ci (alias)

## Dependencies

- cross-spawn
- escape-string-regexp
- event-stream
- jju
- jsonstream-next
- readline-transform
- semver
- tslib
- yargs

## Build dependencies

- @tsconfig/node18
- @types/cross-spawn
- @types/event-stream
- @types/jju
- @types/jsonstream-next
- @types/node
- @types/readline-transform
- @types/semver
- @types/yargs
- @typescript-eslint/eslint-plugin
- @typescript-eslint/parser
- @vitest/coverage-v8
- audit-types
- concurrently
- eslint
- eslint-config-prettier
- eslint-plugin-import
- eslint-plugin-unicorn
- prettier
- ts-json-schema-generator
- tsup
- typescript
- vitest

## Install behavior

- Post-install hook: not defined
- Bottle: not available

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 7.1.0
- Package-manager updated: 2024-07-03
- Local data: ok
- Upstream repository: https://github.com/IBM/audit-ci
- warning: The package-manager record has not been updated in over a year.
- info: No cached GitHub release or tag data was available.

## Security Notes

No matching local secret-handling manifest was found for audit-ci. Nucleus package metadata is still published here so future coverage has a stable package URL.


## Source Database Details

- **Source Database:** npm registry
- **Dist Tags:** Latest: 7.1.0
- **Version Count:** 53
- **Maintainers:** quinnturner, andypatt
- **Publisher:** quinnturner
- **Engines:** Node: >=16
- **Integrity:** sha512-PjjEejlST57S/aDbeWLic0glJ8CNl/ekY3kfGFPMrPkmuaYaDKcMH0F9x9yS9Vp6URhuefSCubl/G0Y2r6oP0g==
- **Shasum:** 6a5c052093298d59841b6b7252e63b9b8df158e6
- **Unpacked Size:** 451,346
- **File Count:** 0
- **Created At:** 2018-11-15T15:05:31.188Z
- **Latest Published At:** 2024-07-03T18:02:15.369Z
- **Modified At:** 2024-07-03T18:02:15.522Z


## Related links

- [Security and crypto packages](https://www.automicvault.com/pkg/security-crypto-tools/) - Matched curated package taxonomy and local package facts.
- [auditjs](https://www.automicvault.com/pkg/npm/auditjs/) - Security-sensitive metadata or terminology overlaps. Shared terms: audit, cli, http, npm, scanning.
- [better-npm-audit](https://www.automicvault.com/pkg/npm/better-npm-audit/) - Security-sensitive metadata or terminology overlaps. Shared terms: audit, cli, http, npm, scanning.
- [anti-trojan-source](https://www.automicvault.com/pkg/npm/anti-trojan-source/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, http, npm, scanning, security.

## Sources

- Nucleus package database
- package-page enrichment
- package version freshness
- av.db category and tag curation
- package relationship graph
- cross-ecosystem install command graph
