Snyk helps you find, fix and monitor for known vulnerabilities in your dependencies, both on an ad hoc basis and as part of your CI (Build) system.
This is a small utility package that parses lock file and returns either a dependency tree or a dependency graph. Dependency graphs are the more modern data type and we plan to migrate fully over.
Dep graph generation supported for:
-
package-lock.json(at Versions 2 and 3) yarn.lock-
pnpm-lock.yaml(lockfileVersion 5.x or 6.x)
Legacy dep tree supported for:
package-lock.json- yarn 1
yarn.lock - yarn 2
yarn.lock