FAQFrequently asked questions about SCAL-P — zero dependencies, lockfile design, comparisons, and troubleshooting.Copy MarkdownOpenWhy zero external dependencies?Why a separate lockfile? Doesn't package-lock.json already have integrity hashes?Why SHA-512 instead of SHA-256?How does SCAL-P compare to Socket or Snyk?Can I use SCAL-P without a policy file?What happens if npm audit fails or there's no network?Does SCAL-P work with monorepos?Can I use SCAL-P with yarn v1 (Classic)?What about pnpm and bun support?Does SCAL-P support Windows?How do I report a security vulnerability?Can I add support for a new package manager?ArchitectureHow SCAL-P's components fit together — CLI routing, policy engine, trust scoring, hashing, lockfile management, and reporting.TroubleshootingCommon errors, their causes, and how to fix them — lockfile issues, policy problems, network failures, and more.
Scal-p Docs