It looks like when the package-lock.json is too big, FrogBot can't seem to parse it. We have two similar repositories, where one seems to work and the other doesn't. On the surface the only difference is the number of dependencies.
...
09:29:22 [Info] [Thread 0] No SCA findings
09:29:23 [Debug] Sending HTTP PUT request to: https://lpe.jfrog.io/xray/api/v1/xsc/event
09:29:23 [Debug] Command event:
{{0 failed 0 0 false 2m17.580188559s } 6029ef1e-6222-40ba-a480-fad78679f7ca }
09:29:23 [Debug] Sending an error report to JFrog analytics...
09:29:23 [Debug] Sending HTTP POST request to: https://lpe.jfrog.io/xray/api/v1/xsc/event/logMessage
Error: 4 [Error] failed to audit source branch code for [.] project. Error: target '/tmp/jfrog.cli.temp.-1759742823-4212232419/lambda/config-sync [npm]' errors:
failed to generate SBOM for /tmp/jfrog.cli.temp.-1759742823-4212232419/lambda/config-sync: failed to build dependency tree: failed while building 'npm' dependency tree: failed to parse '{
"overridden": false,
"name": "@types/istanbul-lib-report",
"dev": true,
"extraneous": false,
"path": "/tmp/jfrog.cli.temp.-1759742823-4212232419/node_modules/@types/istanbul-lib-report",
"_dependencies": {},
"devDependencies": {},
"peerDependencies": {}
}' from npm ls output.
target '/tmp/jfrog.cli.temp.-1759742823-4212232419 [npm]' errors:
failed to generate SBOM for /tmp/jfrog.cli.temp.-1759742823-4212232419: failed to build dependency tree: failed while building 'npm' dependency tree: failed to parse '{
"overridden": false,
"name": "@types/istanbul-lib-report",
"dev": true,
"extraneous": false,
"path": "/tmp/jfrog.cli.temp.-1759742823-4212232419/node_modules/@types/istanbul-lib-report",
"_dependencies": {},
"devDependencies": {},
"peerDependencies": {}
}' from npm ls output.
target '/tmp/jfrog.cli.temp.-1759742823-4212232419/infra/application [npm]' errors:
failed to generate SBOM for /tmp/jfrog.cli.temp.-1759742823-4212232419/infra/application: failed to build dependency tree: failed while building 'npm' dependency tree: failed to parse '{
"resolved": "file:../../infra/application",
"overridden": false,
"name": "@sbs/infra",
"devDependencies": {
"@flashscan-libraries/integ-base": "0.0.0",
"@flashscan-libraries/lambda-test-utilities": "1.0.1"
},
"extraneous": false,
"path": "/tmp/jfrog.cli.temp.-1759742823-4212232419/node_modules/@sbs/infra",
"_dependencies": {
"@aws-solutions-constructs/aws-dynamodbstreams-lambda": "^2.92.0",
"@flashscan-libraries/infra-base": "2.13.0",
"aws-cdk": "^2.1029.4",
"aws-cdk-lib": "2.219.0"
},
"peerDependencies": {},
"dependencies": {
"@aws-solutions-constructs/aws-dynamodbstreams-lambda": {
"version": "2.93.0",
"resolved": "https://lpe.jfrog.io/artifactory/api/npm/flash-scan-npm-prd-virtual/@aws-solutions-constructs/aws-dynamodbstreams-lambda/-/aws-dynamodbstreams-lambda-2.93.0.tgz",
"overridden": false,
"name": "@aws-solutions-constructs/aws-dynamodbstreams-lambda",
"integrity": "sha512-rn2eH/+cNrzHT1gyZvDkMf40zARgipE3OQQa7zdcAJTuABjyBLRPsRwYpBhpgDsIzNGlfwOKmBjNok8f+Jcv3w==",
...
...
},
"devDependencies": {},
"peerDependencies": {}
},
"@aws-sdk/util-user-agent-browser": {
"version": "3.901.0",
"name": "@aws-sdk/util-user-agent-browser",
"resolved": "https://lpe.jfrog.io/artifactory/api/npm/flash-scan-npm-prd-virtual/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.901.0.tgz",
"integrity": "sha512-Ntb6V/WFI21Ed4PDgL/8NSfoZQQf9xzrwNgiwvnxgAl/KvAvRBgQtqj5gHsDX8Nj2YmJuVoHfH9BGjL9VQ4WNg==",
"license": "Apache-2.0",
"_id": "@aws-sdk/util-user-agent-browser@3.901.0",
"extraneous": false,
"path": "/tmp/jfrog.cli.temp.-1759742823-4212232419/node_modules/@aws-sdk/util-user-agent-browser",
"_dependencies": {
"@aws-sdk/types": "3.901.0",
"@smithy/types": "^4.6.0",
"bowser": "^2.11.0",
"tslib": "^2.6.2"
},
"devDependencies": {},
"peerDependencies": {}
},
"@aws-sdk/util-user-agent-node": {
"version": "3.901.0",
"name": "@aws-sdk/util-user-agent-node",
"resolved": "https://lpe.jfrog.io/artifactory/api/npm/flash-scan-npm-prd-virtual/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.901.0.tgz",
"integrity": "sha512-l59KQP5TY7vPVUfEURc7P5BJKuNg1RSsAKBQW7LHLECXjLqDUbo2SMLrexLBEoArSt6E8QOrIN0C8z/0Xk0jYw==",
"license": "Apache-2.0",
"engines": {
FrogBot to handle big package-lock.json files, or insights on what might go wrong
Describe the bug
It looks like when the package-lock.json is too big, FrogBot can't seem to parse it. We have two similar repositories, where one seems to work and the other doesn't. On the surface the only difference is the number of dependencies.
Current behavior
Log ends here
Reproduction steps
No response
Expected behavior
FrogBot to handle big package-lock.json files, or insights on what might go wrong
JFrog Frogbot version
v2
Package manager info
npm 10.8.2
Git provider
GitHub
JFrog Frogbot configuration yaml file
No response
Operating system type and version
Ubuntu 24.04.3
JFrog Xray version
No response