Closed DarkaMaul closed 10 months ago
This is actually a problem in osv-scanner. The error message is coming from that application/library.
It was reported and fixed upstream in v1.4.2 of the library. Which Scorecard upgraded to in #3608. Unfortunately this was right after our v4.13.1 release, but it's been fixed at HEAD.
Note: for the most part this is minor impact. domino
gets skipped over when querying for vulns, but at least all the other packages get properly analyzed.
Describe the bug
Parsing error in yarn.lock.
Reproduction steps Steps to reproduce the behavior:
scorecard --repo=github.com/angular/angular --checks=Vulnerabilities
Expected behavior
The check was successful .
Additional context