Open bribeney opened 6 years ago
I did run into one problem when testing this that involved an outdated dependency. Here's an illustration:
A depends on B and C v2
B depends on C v1
C v1 depends on D
C v2 does *not* depend on D
When for project A, bower installs B, C v2, and D.
D cannot be traced to any of the actually installed projects from saved dependencies, and bower list
labels it "extraneous." Such extraneous dependencies show up as unsaved when using the new --saved
flag, are excluded from locking, and their presence in bower_components without being listed in bower.json will cause bower-locker validate
to fail. As far as I can tell, there's no local information bower-locker can use to identify and ignore this edge case.
bower-locker lock -s
will still lock the file and simply issue a warning about the unsaved dependency, so the new feature still works in these cases.
Behavior when locking with the
-s
or--saved
flag is as follows:dependencies
, and their dependencies, are locked underdependencies
devDependencies
, and their dependencies, that are not also independencies
are locked underdevDependencies
Behavior without the flag remains unchanged.
This is useful for workflows that use
bower install --production
or tooling that relies on the distinction betweendevDependencies
anddependencies
.