Closed friederbluemle closed 2 years ago
Thanks for the help and the really descriptive message!
I double-checked your fork and the checks are indeed running - that's awesome!
Regarding the yarn.lock
file - it feels like a good idea to keep them fairly frozen, so I vote for keeping it.
Thanks!
Enable GitHub Actions CI (removing the old Travis CI configuration). CI will run tests (
yarn test
) on Node.js versions 12, 14, and 16 for all pull requests and pushes to the default branch.In a separate initial commit, I also added
yarn.lock
(which was previously ignored in .gitignore).yarn.lock should be checked into source control.
I know some people tend to disagree with this, if you do not want the lockfile in your repo, please let me know, and I'll remove the commit. I highly recommend to use it though - By using
^
in package.json, it allows you to get semver compatible updates (including security fixes), when you want it (versions are locked in the lockfile). Contrary to popular belief, removing the carets (^
) from the direct dependencies in package.json does not lead to a predictable, stable dependency graph, as none of the transitive dependencies are locked and can change at any time (without a lockfile).Using
yarn --frozen-lockfile
on CI, we ensure that the lockfile is not outdated (i.e. the lockfile is always updated together with dependency changes in package.json).