You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Fixed local fallback against large lockfiles returned by the GitHub contents API with encoding=none by following the blob object instead of failing early.
Treated npm and Yarn file/workspace-linked packages consistently as local during fallback analysis so they are excluded from external registry age lookups and external transitive attribution.
Aligned README, RELEASING, CONTRIBUTING, AGENTS, and smoke-test docs with the shipped support matrix: GitHub dependency review for multiple ecosystems, and local fallback for npm, pnpm, and Yarn Classic only.
