or run

npx @tessl/cli init
Log in

Version

Files

docs

examples

edge-cases.mdreal-world-scenarios.md

guides

quick-start.md

reference

cli-options.mdconfiguration.mderror-handling.mdintegration-patterns.md
index.md
tile.json

quick-start.mddocs/guides/

Quick Start Guide

Installation

Local Installation

npm install lockfile-lint

Global Installation

npm install -g lockfile-lint

Using npx (No Installation Required)

npx lockfile-lint --path package-lock.json --validate-https

Basic Usage

Validate HTTPS Only

lockfile-lint --path package-lock.json --validate-https

Validate Allowed Hosts

lockfile-lint --path yarn.lock --allowed-hosts npm yarn

Multiple Validations

lockfile-lint --path package-lock.json --validate-https --allowed-hosts npm --validate-integrity

Plain Output for CI/CD

lockfile-lint --path package-lock.json --validate-https --allowed-hosts npm --format plain

Common Workflows

Basic Security Check

The most common security check validates HTTPS and restricts to npm registry:

lockfile-lint --path package-lock.json --validate-https --allowed-hosts npm --format plain

With Integrity Validation

Add integrity hash validation for complete protection:

lockfile-lint --path package-lock.json --validate-https --allowed-hosts npm --validate-integrity --format plain

Monorepo Validation

Validate multiple lockfiles in a monorepo:

lockfile-lint --path "packages/**/package-lock.json" --validate-https --allowed-hosts npm

Next Steps

  • See CLI Options Reference for all available options
  • See Real-World Scenarios for comprehensive examples
  • See Configuration Reference for file-based configuration