fix: make sure to use pkgJson to pick the root package name

snyk / nodejs-lockfile-parser

Generate a Snyk dependency tree from package-lock.json or yarn.lock file

Other

57 stars 28 forks source link

fix: make sure to use pkgJson to pick the root package name #174

Closed JamesPatrickGill closed 1 year ago

JamesPatrickGill commented 1 year ago

Initially I was using data from the package-lock.json to get root package information but the presence of this fixture made me realise this isn't always possible.

This uses logic that we have previously used to get root package information.

snyksec commented 1 year ago

:tada: This PR is included in version 1.47.1 :tada:

The release is available on:

npm package (@latest dist-tag)
GitHub release

Your semantic-release bot :package::rocket: