How to factor npm overrides when scanning for vulnerabilities

[aguilanegra]

I am performing a scan of a branch on a GitHub repo that employs npm to generate build artifacts. In the relevant package.json file that is used to inform npm i, command, I am employing the overrides spec to upgrade specific nested dependencies to the required versions for security compliance.

I am, however, not seeing a way to factor in the versions as specified in the overrides spec when triggering a scan. Is there a configuration or parameter that can be passed as an argument to take this into account? Otherwise, I continue to get false positives.