API library for parsing and validating npm/yarn lockfiles to detect security issues and enforce security policies