Closed gregmarr closed 3 years ago
I'm not sure, the package-lock.json
is very useful. If you don't have it, then builds are not reproducible. Every build will pull in the latest version of each package, potentially introducing incompatibilities unexpectedly.
I'm not sure, the
package-lock.json
is very useful. If you don't have it, then builds are not reproducible. Every build will pull in the latest version of each package, potentially introducing incompatibilities unexpectedly.
Then I guess the approach we made about copying npmrc was not enough. I am fine keeping the npmrc file then.
I think having the .npmrc
copied is helpful as users are more likely to know about package-lock.json
and that they need to delete it than .npmrc
. We could add that to the instructions.
I think having the
.npmrc
copied is helpful as users are more likely to know aboutpackage-lock.json
and that they need to delete it than.npmrc
. We could add that to the instructions.
Agreed. can you do us a favor to include that in this repo's ReadMe?
Thanks @gregmarr ! Merging.
@QilongTang I added the .npmrc when I thought this repo was internal, thought it was just missed since the links in package-lock.json are to art-bobcat. I'm not sure it makes sense to have it when it's external, as it would cause problems for users, but the existing package-lock.json would cause problems too. Is it intentional that there is no .npmrc?