Closed mbogh closed 4 years ago
@mbogh I released a new version a couple of hours ago that mitigates this issue, try again:
npx lockfile-lint --path package-lock.json --allowed-hosts npm --allowed-schemes "https:" "file:"
Why the new version works? I am ignoring empty hostnames in resources as something invalid, which is what you get when you use local files or github related imports.
I'll close the issue since this is now fixed but if it's still not working for you let me know please and we'll figure it out.
Thank you so very much 🎉
Sure thing. Thanks for chining in with the issue and a descriptive problem detail :)
Expected Behavior
I have a package.json and therefore also a package-lock.json which contains a reference to a package on the file system using
file:
. But it complains about the invalid hosts.Current Behavior
package.json
package-lock.json
Possible Solution
Maybe ignore host when using a
file:
scheme?Steps to Reproduce (for bugs)
Your Environment