NodeAuditAnalyzer failed on /github/workspace/client/package-lock.json #6026

Closed
RooshanNaeem opened this issue Oct 30, 2023 · 2 comments
RooshanNaeem commented Oct 30, 2023

Hi,

I am using Dependency Check as a GitHub Action that is configured to run on PRs for my Node.js project. Below is the workflow file. I want it to skip devDependencies with the flag `--nodeAuditSkipDevDependencies`, but introducing this flag throws the following error:

```
Error:  NodeAuditAnalyzer failed on /github/workspace/client/package-lock.json
[WARN] An error occurred while analyzing '/github/workspace/client/package-lock.json' (Node Audit Analyzer).
```

Can anyone help me get rid of this error? This fails my check; even though it generates the report, the check fails, and this is causing a hindrance.

```yaml
name: Dependency-Checker
on:
  pull_request:
    branches:
    - master
    - trunk

jobs:
  depchecktest:
    runs-on: ubuntu-latest
    name: depecheck_test
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Build project with NPM
        run: npm ci --production
      - name: Depcheck
        uses: dependency-check/Dependency-Check_Action@main
        id: Depcheck
        with:
          project: 'myProject'
          path: '.'
          format: 'HTML'
          args: >
            --failOnCVSS 7
            --nodeAuditSkipDevDependencies
```

@oliverlockwood (Contributor)

I encountered something similar and tested this with a local build of the main branch of Dependency-Check.

I believe that PR #6690 (done in the context of #6437) has fixed this.

@jeremylong (Owner)

Thank you for testing and confirming this is closed.
