What's new at Socket?

Yarn's dependency resolution algorithm varies from yarn versions and scenario. Without a node_modules folder as a source of truth we opted for implementing an alternative module resolution algorithm for yarn. We start by mapping the package.json dependencies to those found in the yarn lock file, then traverse the lock file dependencies to generate an npm v1 lockfile which we use as the reference to resolve modules.