Snyk helps you find, fix and monitor for known vulnerabilities in your dependencies, both on an ad hoc basis and as part of your CI (Build) system.
Snyk Node.js Lockfile Parser
This is a small utility package that parses lock file and returns either a dependency tree or a dependency graph. Dependency graphs are the more modern data type and we plan to migrate fully over.
Dep graph generation supported for:
package-lock.json(at Versions 2 and 3)yarn.lockpnpm-lock.yaml(lockfileVersion 5.x, 6.x and 9.x)
Legacy dep tree supported for:
package-lock.json- yarn 1
yarn.lock - yarn 2
yarn.lock