Performance
- npm lockfile graph construction reduced from O(E*V) to O(E) using Set accumulators for edge lists
- npm lockfile graph nodes and arrays pre-frozen at construction time; redundant uniquePathArrays removed
- Remediation package lookup replaced with Map for O(1) access
Docs
- Four new case studies: Strapi (Yarn Berry, 2,887 packages), Twenty (Yarn Berry, 5,451 packages), Presenton (dual npm lockfiles), Payload CMS (pnpm, 2,602 packages)
- OWASP Lab Project status reflected across all project docs: README, CONTRIBUTING, comparison page, case studies index, and press page
Changed
- SARIF, CycloneDX, and HTML reporter file-write cleanup refactored for clarity; test spy coverage refined
- Case study contribution scope clarified in CONTRIBUTING: contributors submit case-study files only, shared index files maintained by maintainer
Validation
- npm test
- npm run build