search

aquasecurity / trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
https://aquasecurity.github.io/trivy
Apache License 2.0
23.11k stars 2.28k forks source link

fix(nodejs): detect direct dependencies when using `latest` version for files `yarn.lock` + `package.json` #7110

Closed DmitriyLewen closed 2 months ago

DmitriyLewen commented 3 months ago

Description

Correctly detect direct dependencies when using latest version for files yarn.lock + package.json. See #6747 for more details.

Related issues

Checklist