There is an awesome tool to generate npm package dependency graph:
If you want to build a graph from lockfile, you can use pnpm import get pnpm-lock.yaml, then you can only handle pnpm-lock.yaml. Here are some references:
- pnpm import | pnpm
- snyk/nodejs-lockfile-parser: Generate a Snyk dependency tree from package-lock.json or yarn.lock file
- milahu/parse-package-lock: parse lockfiles of npm, yarn, pnpm. generic lockfile parser for javascript, to get the deep tree of dependencies, without deduplication. alternative to snyk-nodejs-lockfile-parser