Not modify package.json when doing npm audit fix

npm audit fix is not must to get your app up and running. I use this command when I want to make sure that there is no potential security vulnerability so that git hub won't have any object against my project. In case you still want to use audit fix without changing rest files, try this commands

Run audit fix without modifying node_modules, but still updating the pkglock:

 $ npm audit fix --package-lock-only

Skip updating devDependencies:

  $ npm audit fix --only=prod

Do a dry run to get an idea of what audit fix will do, and also output install information in JSON format:

$ npm audit fix --dry-run --json

Check out this link for your future reference: https://docs.npmjs.com/cli/audit


To answer the original question, if you really want to skip auditing completely when installing (for whatever reason, in my case I wanted to troubleshoot an exception when installing) you can use --no-audit flag:

npm install --no-audit