Closed agallant closed 7 years ago
@willscott any objection if I also npm shrinkwrap freedom/flavors prior to cutting releases? Details: https://docs.npmjs.com/cli/shrinkwrap
I may lock down dev dependencies as well (which is not default behavior, but probably appropriate for us). Basically this just generates an npm-shrinkwrap.json file that is used in place of package.json for installing dependencies. For development we can still bump versions in package.json and then rerun npm shrinkwrap when we're ready to release.
i would ideally do this in 3 steps:
K, agreed on bumping dependencies before shrink wrapping, and I'm fine with doing that after release if preferred (since the main goal is to facilitate development w/more reliable CI).
I believe it's worth setting all the various freedom repos to use npm shrinkwrap, which basically generates a second npm manifest-ish .json that freezes the versions of all dependencies. Hopefully this helps stop our tests from changing their state underneath our feet.