Open mantoni opened 7 years ago
Thinking a bit more about this, it could also diff npm-shrinkwrap.json
(or package-lock.json
if present) from the previous release tag and the current state. This would also catch manual npm shrinkwrap
calls or package-lock.json
updates that happened between releases.
If a
shrinkwrap.json
file is found, the following steps should be taken:npm-shrinkwrap.json
filenpm shrinkwrap
npm-shrinkwrap.json
file again