1. Connect Nexus Repository to IQ Server with Firewall license
2. Create an npm Group or npm proxy repository
3. run npm audit, or npm install commands ( which imply audit ) against the group repository URL
4. Check the repo list in IQ Server and you will see an entry for the npm group/proxy repository that is marked as "Disabled"
If a user runs `npm audit` against an NPM group repo, Nexus will make an ad-hoc repo evaluation against IQ using the name of the npm proxy/group repo. As a result, the npm proxy/group repo will show as Disabled on the IQ side ( Firewall Repositories List ). This Disabled state is confusing since the quarantine/firewall capability in Nexus Repository can't be enabled explicitly on group repos.
If Npm proxy or group repos are going to be created in IQ Server and shown Disabled as a result of npm audit commands, then render them in the repositories list in an intuitive way so that end users know why they are there, the impact of deleting them if any, and context around these etc.
Or don't render them in the list to avoid confusion.