: The user should have read permissions to all repositories that exist in a virtual repository while performing the NPM audit request.
- Create local, remote and virtual npm repos.
- Create a user, grant it permissions for remote, but not for the local.
- Configure npm client to work with the virtual repo.
- Create a sample npm project, by running 'npm init -y'
- Run 'npm install' to create the package-lock.json file, needed for the audit command
- Run 'npm audit'
Need to assign read permissions for all repositories that exist under the virtual repository.
1. Grant the user with the read permissions to all the other repositories aggregated in the virtual repository and then try running the npm audit command again.
2. Create a new virtual repository that aggregates only the repositories for which user has the access to the virtual repository, configure the NPM client to point to the newly created virtual repository, and then execute the npm audit.