package-lock.json: Either commit or ignore

gbv / jskos

JSKOS data format for Knowledge Organization Systems

https://gbv.github.io/jskos/

40 stars 5 forks source link

package-lock.json: Either commit or ignore #90

Closed stefandesu closed 4 years ago

stefandesu commented 5 years ago

❯ npm i   
npm notice created a lockfile as package-lock.json. You should commit this file.

npm itself recommends committing the package-lock.json file. If you don't want this, please add the file to .gitignore so that it won't always show up as an uncommitted change. Thanks!

nichtich commented 5 years ago

I think having the file in the repository is good for deployment but to me it looks like a burden otherwise because it changes depending on the development environment. Reading https://stackoverflow.com/a/56254478/373710 I think best practice is to commit but use npm ci instead of npm install during development. I'll change the documentation accordingly.

nichtich commented 5 years ago

Oh, I thought this comment referred to cocoda repository, so I did https://github.com/gbv/cocoda/commit/d42f019268277206056a626e8333ca4d5207509f

stefandesu commented 5 years ago

Oh, I thought this comment referred to cocoda repository, so I did gbv/cocoda@d42f019

I mean the same thing applies to all npm-based repos where package-lock.json is committed, so it's no big deal.