Configuration
The configuration parameters that are specifically related to NPM include the following:
- npm.resolveDependencies (By default, dependency resolution is enabled)
- npm.ignoreSourceFiles
- npm.includeDevDependencies
- npm.runPreStep
- npm.ignoreNpmLsErrors
- npm.ignoreScripts
- npm.yarnProject
- npm.accessToken
- npm.identifyByNameAndVersion
- npm.yarn.frozenLockfile
- npm.resolveMainPackageJsonOnly
- npm.projectNameFromDependencyFile
- npm.removeDuplicateDependencies
- npm.resolveAdditionalDependencies
- npm.resolveLockFile
For more information, see the Configuration File & Parameters page.
Beginning release 20.9.1, if the Yarn lock file (yarn.lock) is found during the scan, it will be used for the dependencies detection, without the need to explicitly set the npm.yarnProject flag.
Notes
'package.json' dependency files defined within directories defined by the npm.ignoreDirectoryPatterns are not scanned, and therefore dependencies declared in these files are ignored. For example, the default set of directories to ignore will not include the following dependency files:
/examples/*package.json
/example/*package.json
/.ws_bower/*package.json
/test/*package.json