Lock package versions

[iansinnott]

Lock all package versions to the current version installed today (2020-09-16).

From now on when we upgrade packages it should be manually. We hopefully won't be doing this often.

The upside is:

• The app should Just Work, assuming it was working in the commit your using. We can completely ignore the JS ecosystem except for where we feel there's reason to upgrade libs.

I know yarn is supposed to give reproducible builds, but I still find myself running into build issues from time to time. Hopefully this resolves that issue.

[iansinnott]

I guess we should just keep this in mind when installing additional packages in the future and try to use an exact version?

Yup, that's what I'm thinking too. There's yarn add --exact <package>@<version> but it's a bit verbose and requires knowing the version ahead of time. It's probably easier to adjust dependencies manually as they come up.