Dependency Graph and Security Alerts for npm lock file version 3 #49759

avivek · 2023-03-11T06:04:48Z

avivek
Mar 11, 2023

Select Topic Area

Bug

Body

When a repository has security alerts and dependency graphs enabled, no dependency are detected when the package-lock.json is having lock file version 3.
Node 18 which is LTS comes packed with npm 9 and npm 9 generates lock file version 3 by default.

Answered by deivid-rodriguez

Mar 14, 2023

I think this is actually supported since very recently! https://github.blog/changelog/2023-03-10-dependency-graph-and-dependabot-support-npm-v9/

View full answer

deivid-rodriguez · 2023-03-14T13:22:21Z

deivid-rodriguez
Mar 14, 2023

I think this is actually supported since very recently! https://github.blog/changelog/2023-03-10-dependency-graph-and-dependabot-support-npm-v9/

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Community

Dependency Graph and Security Alerts for npm lock file version 3 #49759

Uh oh!

{{title}}

Uh oh!

Replies: 1 comment

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

GitHub Community

Dependency Graph and Security Alerts for npm lock file version 3 #49759

Uh oh!

avivek Mar 11, 2023

Select Topic Area

Body

Replies: 1 comment

Uh oh!

deivid-rodriguez Mar 14, 2023

avivek
Mar 11, 2023

deivid-rodriguez
Mar 14, 2023