AustinGil / vuetensils

🍴 A tasty toolset for Vue.js 🛠 - Lightweight, functional components to boost your next project.
https://vuetensils.austingil.com/
MIT License
658 stars 38 forks source link

npm ci #99

Closed TheJaredWilcurt closed 4 years ago

TheJaredWilcurt commented 4 years ago

npm i is short for npm install which will check for versions like ^1.3.0 and then see that there is a newer version and isntall 1.3.1 and update the package-lock.json. However, if there is a bug in 1.3.1 that breaks something in your code/tests/lint/build/whatever, then your build may fail while your local works fine, which can be confusing. If you use npm ci then it will no check for newer versions of dependencies or update the package-lock.json. Instead it will look at the package-lock.json as the source of truth and download those exact version numbers. So ideally the automated ci will match exactly what you have installed locally.

AustinGil commented 4 years ago

That's good to know. The CI stuff should pretty much be sorted now, but I dont see anything in the "checks" section of PRs to show that they passed or failed. But besides that, I think it's all good. What do you think?

TheJaredWilcurt commented 4 years ago

You would need to set branch protections in the repo settings I think