This project is an example of a JavaScript project with a package-lock.json to lockdown the version of its dependencies.
package-lock.json
at the root directory locked down the following dependencies' versions:
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
Total number of dependencies:
- 10 direct dependencies (7 of these direct dependencies are also transitives)
Vulnerabilities:
- 2 vulnerabilities
This project does not have a vulnerable call chain. If you would like to test this feature, feel free to create a vulnerable call chain by modifying index.js (and adding the necessary dependencies in package-lock.json
) and send us a PR.
By running the security scanner of your choice against efda-npm-package-lock
project, you should get results that are coherent with the details above if the tool supports using package-lock.json
to resolve dependencies and lock down versions.