Deployed ec5d8bec0 to dev with MkDocs 1.3.0 and mike 1.1.2

2026-02-07 17:23:15 +08:00 · 2023-08-23 06:57:18 +00:00
parent 4b128bf269
commit 91d0c072fb
7 changed files with 148 additions and 147 deletions
--- a/dev/docs/coverage/language/nodejs/index.html
+++ b/dev/docs/coverage/language/nodejs/index.html
@@ -3678,7 +3678,8 @@ Trivy analyzes <code>node_modules</code> for licenses.</p>
 <p>By default, Trivy doesn't report development dependencies. Use the <code>--include-dev-deps</code> flag to include them.</p>
 <h3 id="yarn">Yarn</h3>
 <p>Trivy parses <code>yarn.lock</code>, which doesn't contain information about development dependencies.
-To exclude devDependencies, <code>package.json</code> also needs to be present next to <code>yarn.lock</code>.</p>
+To exclude devDependencies, <code>package.json</code> also needs to be present next to <code>yarn.lock</code>. 
+Trivy analyzes <code>.yarn</code> (Yarn 2+) or <code>node_modules</code> (Yarn Classic) folder next to the yarn.lock file to detect licenses.</p>
 <p>By default, Trivy doesn't report development dependencies. Use the <code>--include-dev-deps</code> flag to include them.</p>
 <h3 id="pnpm">pnpm</h3>
 <p>Trivy parses <code>pnpm-lock.yaml</code>, then finds production dependencies and builds a <a href="../../../configuration/reporting/#show-origins-of-vulnerable-dependencies">tree</a> of dependencies with vulnerabilities.</p>