Snyk helps you find, fix and monitor for known vulnerabilities in your dependencies, both on an ad hoc basis and as part of your CI (Build) system.
This is a small utility package that parses lock file and returns either a dependency tree or a dependency graph. Dependency graphs are the more modern data type and we plan to migrate fully over.
Dep graph generation supported for:
package-lock.json(at Versions 2 and 3)yarn.lockpnpm-lock.yaml(lockfileVersion 5.x, 6.x and 9.x)
Legacy dep tree supported for:
package-lock.json- yarn 1
yarn.lock - yarn 2
yarn.lock