| 1 | 
|
| 2 |
|
| 3 | ---
|
| 4 |
|
| 5 | [](https://snyk.io/test/github/snyk/nodejs-lockfile-parser)
|
| 6 |
|
| 7 | Snyk helps you find, fix and monitor for known vulnerabilities in your dependencies, both on an ad hoc basis and as part of your CI (Build) system.
|
| 8 |
|
| 9 | ## Snyk Node.js Lockfile Parser
|
| 10 |
|
| 11 | This is a small utility package that parses lock file and returns either a [dependency tree](https://github.com/snyk/nodejs-lockfile-parser/blob/1a495302089614205478d57611bf7c39d29ce66d/lib/parsers/index.ts#L51) or a [dependency graph](https://github.com/snyk/dep-graph). Dependency graphs are the more modern data type and we plan to migrate fully over.
|
| 12 |
|
| 13 | Dep graph generation supported for:
|
| 14 |
|
| 15 | - `package-lock.json` (at Versions 2 and 3)
|
| 16 | - `yarn.lock`
|
| 17 | - `pnpm-lock.yaml` (lockfileVersion 5.x, 6.x and 9.x)
|
| 18 |
|
| 19 | Legacy dep tree supported for:
|
| 20 |
|
| 21 | - `package-lock.json`
|
| 22 | - yarn 1 `yarn.lock`
|
| 23 | - yarn 2 `yarn.lock`
|