{"library":"lockfile-lint-api","title":"lockfile-lint-api","description":"Programmatic API for linting npm or yarn lockfiles to detect security and policy issues. Current stable version is 5.9.2, released as part of the lockfile-lint monorepo. It provides validators for HTTPS scheme, allowed hosts, package name consistency, URI schemes, and integrity hash types. Outputs structured success/error objects. Requires Node >=16.0.0.","language":"javascript","status":"active","last_verified":"Fri May 01","install":{"commands":["npm install lockfile-lint-api"],"cli":null},"imports":["import { ValidateHost } from 'lockfile-lint-api'","import { ValidateHttps } from 'lockfile-lint-api'","import { ParseLockfile } from 'lockfile-lint-api'"],"auth":{"required":false,"env_vars":[]},"quickstart":{"code":"import { ParseLockfile, ValidateHost } from 'lockfile-lint-api';\nimport fs from 'fs';\n\nconst lockfilePath = 'package-lock.json';\nconst lockfileContent = fs.readFileSync(lockfilePath, 'utf8');\nconst parser = new ParseLockfile(lockfileContent);\nconst lockfile = parser.parse();\n\nconst validator = new ValidateHost({ packages: lockfile.object });\ntry {\n  const result = validator.validate(['npm']);\n  console.log(result.type === 'success' ? 'Valid' : 'Invalid');\n} catch (err) {\n  console.error('Validation error:', err.message);\n}","lang":"typescript","description":"Parses a package-lock.json file and validates that all packages are hosted on the allowed 'npm' host.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}