lirantal/lockfile-lint
Lint an npm or yarn lockfile to analyze and detect security issues
JavaScriptApache-2.0
Issues
- 2
Unsupported lockfile?
#195 opened by Lewenhaupt - 3
Feat: Validate missing integrity fields
#196 opened by bozdoz - 5
Does .lockfile-lint.js config work?
#192 opened by jerone - 2
Support mechanism for exceptions on integrity value requirements to the CLI
#187 opened by ericcornelissen - 5
Check integrity values for weak hashes
#186 opened by ericcornelissen - 3
--version results in error in 4.12.0
#184 opened by candrews - 4
Is it possible to run this for all yarn.lock files?
#156 opened by GocoolGK - 1
Bare output option for basic environments
#133 opened by iessa-pragg-ctct - 3
Mark results as OK, how?
#175 opened by baruchiro - 3
Are lockfiles actually a vulnerability?
#108 opened by jeznag - 10
Does not support NPM lockfile version 3
#168 opened by kusalk - 10
Use allowed url patterns in a single hostname
#112 opened by eserkaraca - 2
Error could be more descriptive
#115 opened by vipulgupta2048 - 3
Epic: enable fearless cooperation
#124 opened by naugtur - 10
- 1
Potential issue with parsing HTTPS schemes
#151 opened by lirantal - 2
Parsing empty `yarn.lock` fails
#158 opened by candrews - 1
Usage in a monorepo with local packages
#150 opened by jackdbd - 8
Require Resolved field, and Check package versions
#120 opened by bozdoz - 6
package@version exemptions for --validate-integrity
#152 opened by kusalk - 22
Yarn v2 support needed
#101 opened by jdanil - 0
Renovate PRs don't include release notes
#141 opened by travi - 4
- 10
publishing doesn't seem to work anymore
#129 opened by naugtur - 4
- 0
- 2
Replace @yarnpkg/lockfile with @yarnpkg/parsers
#122 opened by naugtur - 7
Ability to validate lockfileVersion
#128 opened by appsbytom - 2
Verify that the resolved URL references fetches the exact package it's nested under in the lockfile
#113 opened by fabioberger - 3
Replace Travis CI with Github Actions
#109 opened by abdulhannanali - 2
Crash when package-lock.json has no dependencies
#102 opened by MikeRalphson - 17
Add missing unit test coverage for PR #59
#60 opened by lirantal - 1
Allow tying packages/scopes to a specific host
#105 opened by ewanharris - 3
Additional validations
#103 opened by MikeRalphson - 5
Vulnerability in y18n (prototype pollution)
#99 opened by xiniria - 6
- 6
lockfile-lint-api@^5.1.3 not published
#92 opened by mnahkies - 2
Example 3 from Readme does not work
#89 opened by jennifer-shehane - 1
Some tests seem to be testing the wrong thing
#77 opened by bolatovumar - 1
- 3
PackageError module is not used.
#78 opened by bolatovumar - 6
getting error on build ci/cd
#79 opened by JustFly1984 - 1
README updates for URL validator
#82 opened by lirantal - 0
Shrinkwrap has a typo
#80 opened by ethankore - 1
File-based configuration
#74 opened by mtlewis - 1
Tests fail on Windows
#69 opened by XhmikosR - 6
Extra check for incompatible options
#63 opened by XhmikosR - 4
- 7
invalid protocol when undefined
#58 opened by travi - 11