GitHub - snyk/nodejs-lockfile-parser: Generate a Snyk dependency tree from package-lock.json or yarn.lock file

Snyk helps you find, fix and monitor for known vulnerabilities in your dependencies, both on an ad hoc basis and as part of your CI (Build) system.

Snyk Node.js Lockfile Parser

This is a small utility package that parses lock file and returns either a dependency tree or a dependency graph. Dependency graphs are the more modern data type and we plan to migrate fully over.

Dep graph generation supported for:

package-lock.json (at Versions 2 and 3)
yarn.lock
pnpm-lock.yaml (lockfileVersion 5.x, 6.x and 9.x)

Legacy dep tree supported for:

package-lock.json
yarn 1 yarn.lock
yarn 2 yarn.lock

Name	Name	Last commit message	Last commit date
Latest commit gemaxim Merge pull request #261 from snyk/fix/OSM-2329/pnpm-fix-check-out-of-… Jan 30, 2025 2dedbdc · Jan 30, 2025 History 426 Commits
.circleci	.circleci	fix: security update for micromatch, semver, snyk-config, cross-spawn	Nov 13, 2024
.github	.github	fix: adding housekeeping (#227 )	May 15, 2024
bin	bin	chore: better bin name and error reproting, removing todo	Aug 9, 2018
lib	lib	fix: [OSM-2329] pnpm check out of sync option for missing top level deps	Jan 29, 2025
test	test	fix: [OSM-2329] pnpm check out of sync option for missing top level deps	Jan 29, 2025
.eslintrc.json	.eslintrc.json	feat: improve labels for scope and missing deps (#163 )	Oct 31, 2022
.gitignore	.gitignore	feat: [OSM-1024] pnpm dep graph builder	Apr 11, 2024
.npmrc	.npmrc	feat: target node >= 8	Apr 21, 2020
.nvmrc	.nvmrc	chore: remove node 12+14 and add node 18 tests	Nov 12, 2024
.pre-commit-config.yaml	.pre-commit-config.yaml	feat: add secrets scanning	Jun 15, 2023
.prettierrc.json	.prettierrc.json	chore: add prettier-eslint.	Apr 22, 2020
.releaserc.json	.releaserc.json	fix: add release config	May 17, 2024
Contributor-Agreement.md	Contributor-Agreement.md	Create Contributor-Agreement.md	Feb 6, 2019
LICENSE	LICENSE	feat: Added Apache 2.0 license	Aug 3, 2018
README.md	README.md	feat: added support for pnpm lockfiles v9	May 10, 2024
catalog-info.yaml	catalog-info.yaml	chore: asset classification	Sep 25, 2023
config.default.json	config.default.json	feat: config tree size limit for yarn and npm.	Apr 22, 2020
jest.config.js	jest.config.js	fix: make sure to be able to parse big lockfiles for yarn 2	May 7, 2021
package.json	package.json	fix: security update for micromatch, semver, snyk-config, cross-spawn	Nov 13, 2024
tsconfig.eslint.json	tsconfig.eslint.json	feat: add support for yarn 2 lock files	May 27, 2020
tsconfig.json	tsconfig.json	feat: add support for yarn 2 lock files	Jun 30, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Snyk Node.js Lockfile Parser

About

Releases 138

Packages

Used by 15.8k

Contributors 33

Languages

License

snyk/nodejs-lockfile-parser

Folders and files

Latest commit

History

Repository files navigation

Snyk Node.js Lockfile Parser

About

Topics

Resources

License

Stars

Watchers

Forks

Releases 138

Packages 0

Used by 15.8k

Contributors 33

Languages

Packages