Known Issues With npm Audit Signatures

JFrog Artifactory Documentation

JFrog Artifactory
Content Type
User Guide
  • Running npm audit signatures on a virtual repository that includes at least one local or remote repository that does not have signatures enabled would cause the npm client to return an error, since not all your packages are signed.

  • If you have applied an include pattern to the repository with a list of accepted patterns, add the following include pattern to your list to be able to use npm audit signatures: .npm/keys.json