Lockfile Lint

Lint an npm or Yarn lockfile to analyze and detect security issues via predefined security policies.

Security Testing Tools

•

Free

Visit Website

Can you test smarter with AI? Find out at Breakpoint 2025

Featured

Breakpoint 2025 is back—bringing together 20,000+ testers, QAs, and devs on May 14–15 to explore how AI is changing testing. Hear from Atlassian, Amazon, Walmart, and more. Register now for Free!

Lockfiles are used as trusted whitelist of resources manifest to fetch packages from. However, keeping track of the changes introduced to lockfiles is not an easy task as they are designed to be consumed by machines 🤖.

What happens when someone creates a Pull Request and sneaks a malicious resource package that replaces a real library? 😱

Exactly! Lint your lockfiles to ensure they adhere to pre-defined security policies and mitigate this vector of attack.

Tags:

JavaScriptOpen Source

Share this tool on: