Closed regevbr closed 4 years ago
It seems that the "equivelnt" package for yarn 2 is @yarnpkg/parsers and the usage is:
const parsers = require('@yarnpkg/parsers');
parsers.parseSyml(file);
But it seems that the output is different than what you are expecting
Functionality is available in Snyk CLI since v1.361.0
🎉
node -v
: 12npm -v
: yarn 2snyk -v
: snyk/actions/node@masterExpected behaviour
Work well with yarn 2 lock files
Actual behaviour
yarn.lock parsing failed with an error: Unknown token: { line: 3, col: 2, type: 'INVALID', value: undefined } 3:2 in lockfile
Steps to reproduce
create a project with yarn 2 and a github actions workflows that uses the snyk/actions/node@master action
Found issues
You use @yarnpkg/lockfile to parse the lock file, but it doesn't support yarn 2 lock files as they contain
which the parser does not support.
Suggested solution
realize that the repo is using yarn 2 (the existence of .yarnrc.yml is the indicator) and then use a different parser (I couldn't find an equivalent in yarn 2) Removing the __metadata line manually still doesn't solve the issue, we need to use a different parser
Debug log