diff --git a/syft/pkg/cataloger/javascript/parse_package_json.go b/syft/pkg/cataloger/javascript/parse_package_json.go
index cb9db5d76..57c1bb965 100644
--- a/syft/pkg/cataloger/javascript/parse_package_json.go
+++ b/syft/pkg/cataloger/javascript/parse_package_json.go
@@ -55,22 +55,18 @@ func parsePackageJSON(_ context.Context, _ file.Resolver, _ *generic.Environment
 	var pkgs []pkg.Package
 	dec := json.NewDecoder(reader)
 
-	for {
-		var p packageJSON
-		if err := dec.Decode(&p); errors.Is(err, io.EOF) {
-			break
-		} else if err != nil {
-			return nil, nil, fmt.Errorf("failed to parse package.json file: %w", err)
-		}
-
-		// always create a package, regardless of having a valid name and/or version,
-		// a compliance filter later will remove these packages based on compliance rules
-		pkgs = append(
-			pkgs,
-			newPackageJSONPackage(p, reader.Location.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation)),
-		)
+	var p packageJSON
+	if err := dec.Decode(&p); err != nil && !errors.Is(err, io.EOF) {
+		return nil, nil, fmt.Errorf("failed to parse package.json file: %w", err)
 	}
 
+	// always create a package, regardless of having a valid name and/or version,
+	// a compliance filter later will remove these packages based on compliance rules
+	pkgs = append(
+		pkgs,
+		newPackageJSONPackage(p, reader.Location.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation)),
+	)
+
 	pkg.Sort(pkgs)
 
 	return pkgs, nil, nil
diff --git a/syft/pkg/cataloger/javascript/parse_package_lock.go b/syft/pkg/cataloger/javascript/parse_package_lock.go
index 003683b76..b7b2eeca6 100644
--- a/syft/pkg/cataloger/javascript/parse_package_lock.go
+++ b/syft/pkg/cataloger/javascript/parse_package_lock.go
@@ -66,12 +66,8 @@ func (a genericPackageLockAdapter) parsePackageLock(_ context.Context, resolver
 	dec := json.NewDecoder(reader)
 
 	var lock packageLock
-	for {
-		if err := dec.Decode(&lock); errors.Is(err, io.EOF) {
-			break
-		} else if err != nil {
-			return nil, nil, fmt.Errorf("failed to parse package-lock.json file: %w", err)
-		}
+	if err := dec.Decode(&lock); err != nil && !errors.Is(err, io.EOF) {
+		return nil, nil, fmt.Errorf("failed to parse package-lock.json file: %w", err)
 	}
 
 	if lock.LockfileVersion == 1 {