Learn More
Resend Email
10
gitpush
8y

This is new .-.
By the way it is best to not include package-lock.json right?

question

this is new?

github

vulnerability
Favorite
Ranter
Comments
  • 3
    8y
    Tho lockfile should be committed.

    Edit: https://stackoverflow.com/questions...
  • 1
    8y
    It’s not all that new, but I haven’t seen it complain before in the wild.

    https://blog.github.com/2017-11-16-...
  • 1
    8y
    All ways include your lock files in git... Otherwise 2 npm installs won't necessarily give the same packages installed, same with every other package manager by the way...
  • 0
    8y
    We ended up taking it out, it was becoming a pain as it would cause npm to not install packages correctly, haven't understood the point of it yet
  • 0
    8y
    @qlasico the package lock file is used to make sure NPM/yarn installs the exact same version of the packages that was used to develop the application as updates may break modules etc
Related Rants
devRant © 2021 Hexical Labs LLC
Privacy Policy  |  Terms of Service
Add Comment