search

AmpersandJS / ampersand-view

A smart base view for Backbone apps, to make it easy to bind collections and properties to the DOM.
http://ampersandjs.com
MIT License
92 stars 39 forks source link

package-lock.json #200

Open RickButler opened 6 years ago

RickButler commented 6 years ago

I was going to do a minor patch for the memory leak in _subviews, and I have npm@latest (6.1.0) and ran npm install and it overwrote the package-lock.json. It seems like they have made a lot of changes between certain NPM versions. For some context and history see this stackoverflow

I was thinking we should either always use @lastest or we should be using the newest version released as part of Node LTS. I lean toward @latest just because I would like to integrate NPM Audit, take a look at #201.

@dhritzkiv, I know you have been dealing with releasing package-lock.json for most repositories, I'm going to test if my changes are compatible with older versions, if not I will revert my change.

We might also consider adding engines to package.json with our recommended version of NPM.

dhritzkiv commented 6 years ago

Yeah, using latest/latest LTS is a good idea.

Also, I wouldn't worry too much about overwriting the package-lock.json file. I've had no issues between differences in package-lock file across versions of npm, on any of my repos.