Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
C0D4669027yIt’s not all that new, but I haven’t seen it complain before in the wild.
https://blog.github.com/2017-11-16-... -
joykill3407yAll ways include your lock files in git... Otherwise 2 npm installs won't necessarily give the same packages installed, same with every other package manager by the way...
-
qlasico10517yWe ended up taking it out, it was becoming a pain as it would cause npm to not install packages correctly, haven't understood the point of it yet
-
Jacobgc9097y@qlasico the package lock file is used to make sure NPM/yarn installs the exact same version of the packages that was used to develop the application as updates may break modules etc
Related Rants
This is new .-.
By the way it is best to not include package-lock.json right?
question
this is new?
github
vulnerability