why yarn.lock not use JSON file?

[rhinoceros]

Hello:
why yarn.lock not use JSON file?

[rhinoceros]

we want to pasrs yarn.lock , to edit some filed.
eg. in order to count ut line coverage , we want to change

istanbul@^0.4.0:
version "0.4.5"
resolved "http://172.18.2.109:7001/istanbul/download/istanbul-0.4.5.tgz#65c7d73d4c4da84d4f3ac310b918fb0b8033733b"

==>
istanbul@^0.4.0:
version "0.4.4"
resolved "http://172.18.2.109:7001/istanbul/download/istanbul-0.4.4.tgz#65c7d73d4c4da84d4f3ac310b918fb0b8033733b"

[mcharytoniuk]

It's YAML (https://en.wikipedia.org/wiki/YAML) but you shouldn't edit yarn.lock manually anyway.

[rhinoceros]

@mcharytoniuk thanks for help.

[itajaja]

it's not yaml, unfortunately. I am curious about why you didn't pick a standard format, as would make parsing it much easier. our use case is that we are gathering a list of dependencies for our systems, and the script is not written in javascript, so relying on json or yaml would be much better :)

[milesj]

@itajaja You can parse them using this lib: https://github.com/yarnpkg/yarn/tree/master/packages/lockfile

[itajaja]

as I stated, the script is not written in javascript (it gathers dependencies from multiple systems/languages). it just seems a reasonable choice to use an established format, so I am curios why that wasn't the case for yarn. especially considered that the file is "almost" yaml, why not support it entirely?

[itajaja]

I am doing this, and now I feel dirty inside

[taion]

I want to reiterate the importance of the above point. There are a number of real use cases where it's important to e.g. gather dependencies across an entire deployed project, such as when regulatory concerns exist. It would be great, then, if there were a better way than the above to figure out what's in a Yarn lockfile, when using something other than Node as our scripting language.