Hi, I'm scanning a NodeJS project that has several package.json files in different folders. The developers use yarn for installing dependencies instead of npm so after running yarn command the package-lock files are not created (only node_modules folder).
When I run Dependency Check I get an error message for each package.json in the project because it does not find the corresponding package-lock (that should be created after running npm).
Is there a way of not getting these exceptions in my report? I believe I'm still finding all the dependencies in the project. Yarn creates the node_modules folder and that's where D-Check finds them.
Please tell me if I'm correct. Thanks!
Hi, I'm scanning a NodeJS project that has several package.json files in different folders. The developers use yarn for installing dependencies instead of npm so after running yarn command the package-lock files are not created (only node_modules folder).
When I run Dependency Check I get an error message for each package.json in the project because it does not find the corresponding package-lock (that should be created after running npm).
Is there a way of not getting these exceptions in my report? I believe I'm still finding all the dependencies in the project. Yarn creates the node_modules folder and that's where D-Check finds them.
Please tell me if I'm correct. Thanks!