lirantal / lockfile-lint

Lint an npm or yarn lockfile to analyze and detect security issues
Apache License 2.0
785 stars 35 forks source link

"Only yarn supported"? #45

Closed matthias-ccri closed 4 years ago

matthias-ccri commented 4 years ago

Hello!

The readme states:

NOTE: currently only yarn's yarn.lock is supported. PRs to support npm's package-lock.json are welcome

This seems like old information, since the lockfile-lint package does support npm lockfiles, though I may be wrong.

So in this issue, I want to ask: is this readme statement correct?

lirantal commented 4 years ago

Oh you're right! README is definitely old since npm's package-lock.json is supported as well. Would you want to submit a quick PR to fix it (remove that note) ?

matthias-ccri commented 4 years ago

Sure thing: https://github.com/lirantal/lockfile-lint/pull/46