fix(audit-level): add info audit level

lib/audit.js

@@ -18,6 +18,7 @@ class Audit extends BaseCommand {
   /* istanbul ignore next - see test/lib/load-all-commands.js */
   static get params () {
     return [
+      'audit-level',
       'dry-run',
       'force',
       'json',

lib/install.js

@@ -126,15 +126,15 @@ class Install extends BaseCommand {
     if (this.npm.config.get('dev'))
       log.warn('install', 'Usage of the `--dev` option is deprecated. Use `--include=dev` instead.')
 
-    const arb = new Arborist({
+    const opts = {
       ...this.npm.flatOptions,
+      auditLevel: null,
       path: where,
-    })
-
-    await arb.reify({
-      ...this.npm.flatOptions,
       add: args,
-    })
+    }
+    const arb = new Arborist(opts)
+    await arb.reify(opts)
+
     if (!args.length && !isGlobalInstall && !ignoreScripts) {
       const scriptShell = this.npm.config.get('script-shell') || undefined
       const scripts = [

lib/utils/config/definitions.js

@@ -220,7 +220,7 @@ define('audit', {
 
 define('audit-level', {
   default: null,
-  type: ['low', 'moderate', 'high', 'critical', 'none', null],
+  type: ['info', 'low', 'moderate', 'high', 'critical', 'none', null],
   description: `
     The minimum level of vulnerability for \`npm audit\` to exit with
     a non-zero exit code.

tap-snapshots/test-lib-utils-config-describe-all.js-TAP.test.js

@@ -64,7 +64,7 @@ registry and all registries configured for scopes. See the documentation for
 #### \`audit-level\`
 
 * Default: null
-* Type: "low", "moderate", "high", "critical", "none", or null
+* Type: "info", "low", "moderate", "high", "critical", "none", or null
 
 The minimum level of vulnerability for \`npm audit\` to exit with a non-zero
 exit code.

tap-snapshots/test-lib-utils-npm-usage.js-TAP.test.js

@@ -204,7 +204,7 @@ All commands:
                     npm audit [fix]
 
                     Options:
-                    [--dry-run] [-f|--force] [--json] [--package-lock-only] [--production]
+                    [--audit-level <info|low|moderate|high|critical|none>] [--dry-run] [-f|--force] [--json] [--package-lock-only] [--production]
 
                     Run "npm help audit" for more info
 

test/lib/install.js

@@ -32,7 +32,7 @@ test('should install using Arborist', (t) => {
 
   const npm = mockNpm({
     config: { dev: true },
-    flatOptions: { global: false },
+    flatOptions: { global: false, auditLevel: 'low' },
     globalDir: 'path/to/node_modules/',
     prefix: 'foo',
   })
@@ -42,7 +42,9 @@ test('should install using Arborist', (t) => {
     install.exec(['fizzbuzz'], er => {
       if (er)
         throw er
-      t.match(ARB_ARGS, { global: false, path: 'foo' })
+      t.match(ARB_ARGS,
+        { global: false, path: 'foo', auditLevel: null },
+        'Arborist gets correct args and ignores auditLevel')
       t.equal(REIFY_CALLED, true, 'called reify')
       t.strictSame(SCRIPTS, [], 'no scripts when adding dep')
       t.end()