NPM configuration to skip vulnerabilities audit for devDependencies on install

Question

Is it possible to configure npm to skip audit of vulnerabilities for devDependencies when running command npm install?

Answer 1

You can skip auditing at all by adding the --no-audit flag.

npm install --no-audit

If you want this to apply to devDependencies only, you can run it this way:

npm install --no-audit --only=dev

If you want this to apply to production dependencies only, you can run it this way:

npm install --no-audit --only=prod

Answer 2

Since this is a first result when you try to google for a way to disable audit, let's post a more convenient solution for more general case.

You can skip auditing altogether by using npm config:

npm config set audit false

And to reduce pesky noise even more:

npm config set fund false