{"library":"yarn-osv-audit","type":"library","category":null,"description":"A lightweight, zero-dependency CLI tool (v0.1.8, active development) that audits Yarn Classic (v1) lockfiles against the OSV.dev vulnerability database. It supports four output formats (compact, table, json, summary), config files, severity filtering, and allowlisting. Unlike npm audit or yarn audit, it uses the open-source OSV database and works with Yarn v1 lockfiles. Requires Node >=18. Released via GitHub Actions with npm provenance.","language":"javascript","status":"active","version":"0.1.8","tags":["javascript","yarn","audit","security","osv","vulnerability"],"last_verified":"Mon Apr 27","install":[{"cmd":"npm install yarn-osv-audit","imports":["yarn-osv-audit"]},{"cmd":"yarn add yarn-osv-audit","imports":[]},{"cmd":"pnpm add yarn-osv-audit","imports":[]}],"homepage":null,"github":"https://github.com/duncanhoggan/yarn-osv-audit","docs":null,"changelog":null,"pypi":null,"npm":"https://www.npmjs.com/package/yarn-osv-audit","openapi_spec":null,"status_page":null,"smithery":null,"compatibility":null}