mirror of
https://github.com/ossf/scorecard.git
synced 2024-09-20 05:27:12 +03:00
Frozen-Deps Check: Add npm-shrinkwrap.json lockfile (#55)
According to npm, it has the same effect as a package-lock.json: https://docs.npmjs.com/cli/v6/configuring-npm/shrinkwrap-json Resolves #54
This commit is contained in:
parent
cdce9ddc56
commit
dc1bbba544
@ -77,7 +77,7 @@ func FrozenDeps(c checker.Checker) checker.CheckResult {
|
||||
case "vendor/", "third_party/", "third-party/":
|
||||
c.Logf("vendor dir found: %s", name)
|
||||
return passResult
|
||||
case "package-lock.json":
|
||||
case "package-lock.json", "npm-shrinkwrap.json":
|
||||
c.Logf("nodejs packages found: %s", name)
|
||||
return passResult
|
||||
case "requirements.txt", "pipfile.lock":
|
||||
|
Loading…
Reference in New Issue
Block a user