fix: ensure peer deps only scanned on npm7

snyk / nodejs-lockfile-parser

Generate a Snyk dependency tree from package-lock.json or yarn.lock file

Other

59 stars 28 forks source link

fix: ensure peer deps only scanned on npm7 #106

Closed JamesPatrickGill closed 3 years ago

JamesPatrickGill commented 3 years ago

[x] Tests written and linted
[ ] Documentation written / README.md updated https://snyk.io/docs/snyk-for-node/
[x] Follows CONTRIBUTING agreement
[x] Commit history is tidy https://git-scm.com/book/en/v2/Git-Branching-Rebasing
[ ] Reviewed by Snyk team

What this does

This changes the way we decide to scan peer deps so that we only do so on npm versions 7 or greater as this is the only time they are automatically installed.

snyksec commented 3 years ago

:tada: This PR is included in version 1.33.2 :tada:

The release is available on:

npm package (@latest dist-tag)
GitHub release

Your semantic-release bot :package::rocket: