nodejs-lockfile-parser
nodejs-lockfile-parser copied to clipboard
snyk
Generate a Snyk dependency tree from package-lock.json or yarn.lock file
i get this error on nodejs = not in browser probably fixed by updating [graphlib](https://github.com/snyk/graphlib) [old graphlib](https://github.com/dagrejs/graphlib/blob/master/lib/lodash.js#L32) ```js lodash = window._; ```
reproduce ``` cd $(mktemp -d) npm init -y npm i snyk-nodejs-lockfile-parser npm i "github:milahu/postcss-nodegui-autoprefixer#e180d6a5f2f313d634f73637a285c129de90d530" sed -i 's/e180d6a5f2f313d634f73637a285c129de90d530/f4311b3ce656395d469e9a7df0b940bdc184a757/' package.json # now package.json and package-lock.json are out of sync src="const read =...
every tree needs a tree walker ; ) [npm/logical-tree](https://github.com/npm/logical-tree/blob/675632c9ad38b47ccd495df3baad19b6f6ab5f74/index.js#L87-L96) [npm/logical-tree fork](https://github.com/milahu/npm-install-mini/blob/faeff57a564bc8b95f50c9dac83ffaa6ec736f0b/src/lockTree.js#L85-L94) i use this to build a deep node_modules with symlinks, just like pnpm its useful to have an array...
The testing code right now is spread between node-tap and jest. Moreover, the process of introducing properties and updating fixtures is quite cumbersome and not for everyone. This could be...
lockfile-lint needs support for yarn v2 lockfile as mentioned in https://github.com/lirantal/lockfile-lint/issues/101 .Since this repo already has good support for Yarn v2 , we would like to use this repo in...
Call extractPackages in pnpm parser constructor because the extracted packages are bound to the class, they need to be extracted before calling getTopLevelDependencies.
