run npm run all

dist/index.js

@@ -563,8 +563,8 @@ class Audit {
                 auditOptions.push('--production');
             }
             if (jsonFlag === 'true') {
-              auditOptions.push('--json');
-          }
+                auditOptions.push('--json');
+            }
             const result = child_process_1.spawnSync('npm', auditOptions, {
                 encoding: 'utf-8',
                 maxBuffer: SPAWN_PROCESS_BUFFER_SIZE
@@ -1444,8 +1444,9 @@ function run() {
             }
             // run `npm audit`
             const audit = new audit_1.Audit();
-            audit.run(auditLevel, productionFlag);
+            audit.run(auditLevel, productionFlag, jsonFlag);
             core.info(audit.stdout);
+            core.setOutput('npm_audit', audit.stdout);
             if (audit.foundVulnerability()) {
                 // vulnerabilities are found
                 // get GitHub information

src/audit.ts

@@ -7,7 +7,11 @@ export class Audit {
   stdout = ''
   private status: number | null = null
 
-  public run(auditLevel: string, productionFlag: string, jsonFlag: string): void {
+  public run(
+    auditLevel: string,
+    productionFlag: string,
+    jsonFlag: string
+  ): void {
     try {
       const auditOptions: Array<string> = ['audit', '--audit-level', auditLevel]
 

src/main.ts

@@ -35,12 +35,11 @@ export async function run(): Promise<void> {
       throw new Error('Invalid input: json_flag')
     }
 
-
     // run `npm audit`
     const audit = new Audit()
     audit.run(auditLevel, productionFlag, jsonFlag)
     core.info(audit.stdout)
-    core.setOutput('npm_audit', audit.stdout);
+    core.setOutput('npm_audit', audit.stdout)
 
     if (audit.foundVulnerability()) {
       // vulnerabilities are found