GitHub - snyk/nodejs-lockfile-parser: Generate a Snyk dependency tree from package-lock.json or yarn.lock file

Snyk helps you find, fix and monitor for known vulnerabilities in your dependencies, both on an ad hoc basis and as part of your CI (Build) system.

Snyk Node.js Lockfile Parser

This is a small utility package that parses lock file and returns either a dependency tree or a dependency graph. Dependency graphs are the more modern data type and we plan to migrate fully over.

Dep graph generation supported for:

package-lock.json (at Versions 2 and 3)
yarn.lock
pnpm-lock.yaml (lockfileVersion 5.x or 6.x)

Legacy dep tree supported for:

package-lock.json
yarn 1 yarn.lock
yarn 2 yarn.lock

Name		Name	Last commit message	Last commit date
Latest commit History 358 Commits
.circleci		.circleci
.github		.github
bin		bin
lib		lib
test		test
.eslintrc.json		.eslintrc.json
.gitignore		.gitignore
.npmrc		.npmrc
.nvmrc		.nvmrc
.pre-commit-config.yaml		.pre-commit-config.yaml
.prettierrc.json		.prettierrc.json
Contributor-Agreement.md		Contributor-Agreement.md
LICENSE		LICENSE
README.md		README.md
catalog-info.yaml		catalog-info.yaml
config.default.json		config.default.json
jest.config.js		jest.config.js
package.json		package.json
tsconfig.eslint.json		tsconfig.eslint.json
tsconfig.json		tsconfig.json

License

snyk/nodejs-lockfile-parser

Folders and files

Latest commit

History

Repository files navigation

Snyk Node.js Lockfile Parser

About

Topics

Resources

License

Stars

Watchers

Forks

Languages