You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, pgscan only appears to work with lockfileversion=2 package-lock.json npm files. I believe this is because syntax was changed with lockfileversion 3 and the "dependencies" node is no longer where it was in lockfileversion 2.
Can anyone else confirm this issue, and would you be open to a PR to fix this?
The text was updated successfully, but these errors were encountered:
We would love some help would be very grateful for a pull request :)
It seems easy enough to fix, but the "hard part" for us is getting this tested/verified. We don't have a "problem project" ourselves yet, so we have to repro, study, fix, test, etc.
hopefully you can reply on the forums; unlike our forums, we don't have an internal tracker for GitHub issues, so it's too easy for us to lose track of open discussions
@crotondo-dap before I spend an afternoon attempting to fix this, are you looking at a fix for this already? If not I'm going to go ahead with a PR. I'll follow up in the forums as well but don't currently have an account there yet.
Currently, pgscan only appears to work with lockfileversion=2 package-lock.json npm files. I believe this is because syntax was changed with lockfileversion 3 and the "dependencies" node is no longer where it was in lockfileversion 2.
Can anyone else confirm this issue, and would you be open to a PR to fix this?
The text was updated successfully, but these errors were encountered: