A package.json file is required to be present all types of npm analysis.
Running npm install and generating a package-lock.json file will provide significantly better results. This allows FOSSA to detect the full dependency graph.
Note: The
package-lock.jsonfile is expected to be located in the same directory as thepackage.jsonfile.
Directories containing package.json files are considered npm projects. node_modules subdirectories are skipped.