Syntax Highlighting for yarn.lock files - Visual Studio Marketplace
npm - Catching Up with Package Lockfile Changes in v7
What is package lock json? Lockfiles for yarn & npm packages | Snyk
Sitnik the Developer on Twitter: "There is a dangerous attack by replacing URL in npm/yarn lock file. Attacker can send a big PR with dependencies update and replace one URL in lock