lirantal / lockfile-lint

Lint an npm or yarn lockfile to analyze and detect security issues
Apache License 2.0
785 stars 35 forks source link

Support for pnp and npm-shrinkwrap #5

Closed DanielRuf closed 4 years ago

DanielRuf commented 5 years ago

Is your feature request related to a problem? Please describe. Currently only package-lock.json and yarn.lock are checked. But npm-shrinkwrap.json is not which gets higher priority than package-lock.json.

https://docs.npmjs.com/cli/shrinkwrap.html

Also add support for Yarn PnP.

Describe the solution you'd like Support for more lockfile types, especially npm-shrinkwrap.

lirantal commented 4 years ago

Updated docs as to the supported lockfiles. PnP isn't supported to closing this with no further updates.