...
...
...
The configuration parameters that are specifically related to NPM include the following:
- npm.resolveDependencies (By default, dependency resolution is enabled)
- npm.ignoreSourceFiles
- npm.includeDevDependencies
- npm.runPreStep
- npm.ignoreNpmLsErrors
- npm.ignoreScripts
- npm.yarnProject
- npm.accessToken
- npm.identifyByNameAndVersion
- npm.yarn.frozenLockfile
- npm.resolveMainPackageJsonOnly
- npm.projectNameFromDependencyFile
- npm.removeDuplicateDependencies
- npm.resolveAdditionalDependencies
- npm.resolveLockFile
For more information, see the Configuration File & Parameters page.
Beginning release 20.9.1, if the Yarn lock file (yarn.lock) is found during the scan, it will be used for the dependencies detection, without the need to explicitly set the npm.yarnProject flag.
Notes
'package.json' dependency files defined within directories defined by the npm.ignoreDirectoryPatterns are not scanned, and therefore dependencies declared in these files are ignored. For example, the default set of directories to ignore will not include the following dependency files:
/examples/*package.json
/example/*package.json
/.ws_bower/*package.json
...
Notes
When the Unified Agent identifies a package.json file, it tries to determine whether it is an NPM or a yarn project based on the relevant lock file. If a yarn.lock is identified, then the yarn resolution is performed, otherwise, if package-lock.json is identified NPM resolution is performed. Only in the case in which both lock files are found, the Unified Agent will use the npm.yarnProject parameter to determine which resolution to perform.
For more information, see the Unified Agent Configuration Parameters page.