Update pgscan to support npm lockfileversion 3 #34
Comments
|
We would love some help would be very grateful for a pull request :) It seems easy enough to fix, but the "hard part" for us is getting this tested/verified. We don't have a "problem project" ourselves yet, so we have to repro, study, fix, test, etc. Also, this is currently in discussion here, so I'll close this Issue: hopefully you can reply on the forums; unlike our forums, we don't have an internal tracker for GitHub issues, so it's too easy for us to lose track of open discussions |
|
@crotondo-dap before I spend an afternoon attempting to fix this, are you looking at a fix for this already? If not I'm going to go ahead with a PR. I'll follow up in the forums as well but don't currently have an account there yet. |
Currently, pgscan only appears to work with lockfileversion=2 package-lock.json npm files. I believe this is because syntax was changed with lockfileversion 3 and the "dependencies" node is no longer where it was in lockfileversion 2.
Can anyone else confirm this issue, and would you be open to a PR to fix this?
The text was updated successfully, but these errors were encountered: