fix: start supporting overrides in a non destructive way - npm lock v2

snyk / nodejs-lockfile-parser

Generate a Snyk dependency tree from package-lock.json or yarn.lock file

Other

56 stars 28 forks source link

fix: start supporting overrides in a non destructive way - npm lock v2 #212

Closed JamesPatrickGill closed 7 months ago

JamesPatrickGill commented 7 months ago

[x] Tests written and linted

What this does

Newer changes to npm-lock-v2 resolution started to fail in cases where overrides where used. Although we never had explicit support for this, the old behavior was at least not a failure.

To remediate I have just started to explicitly support these use cases, there are likely rough edges but for now this should help support some existing use cases I have found.

snyksec commented 7 months ago

:tada: This PR is included in version 1.52.7 :tada:

The release is available on:

npm package (@latest dist-tag)
GitHub release

Your semantic-release bot :package::rocket: