This package is a big service to the community, and hugely important for many deployment flows.
But it also bears the responsibility of holding private keys, and as such it would be better off with pinned dependencies, a package-lock.json and yarn.lock file, given the recent attacks on npm dependencies.
The other point is as the README describes:
"You can use this provider wherever a Web3 provider is needed, not just in Truffle."
But truffle is listed as a peerDependency, but that's not really true.
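Added example (not part of the original issue and not the project's own code): a small Node.js check that flags dependency specifiers in a package.json that are not pinned to one exact version, and lists the declared peerDependencies for manual review. The manifest and every package name in it are constructed for illustration.

```javascript
// Constructed sample manifest; all names are hypothetical placeholders.
const sampleManifest = {
  name: "example-wallet-provider",
  dependencies: {
    "hypothetical-hd-keys": "^2.1.0",
    "hypothetical-signer": "1.4.2",
    "hypothetical-rpc": "someuser/some-repo#main",
  },
  devDependencies: { "hypothetical-test-runner": "*" },
  peerDependencies: { "hypothetical-framework": ">=4.0.0" },
};

// One exact semver version, optionally with prerelease/build metadata.
const EXACT = /^=?\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$/;
// Specifiers that bypass the registry: git/http URLs, file paths, GitHub shorthand.
const NON_REGISTRY =
  /^(git(\+\w+)?:|https?:|github:|file:|[\w.-]+\/[\w.-]+(#.*)?$)/;

function classify(spec) {
  const s = String(spec).trim();
  if (EXACT.test(s)) return "pinned";
  if (s === "" || s === "*" || s === "latest" || /^x$/i.test(s)) return "any-version";
  if (NON_REGISTRY.test(s)) return "non-registry";
  return "range"; // ^, ~, >=, 1.x, hyphen ranges, dist-tags, aliases
}

function auditManifest(pkg) {
  const findings = [];
  for (const section of ["dependencies", "optionalDependencies", "devDependencies"]) {
    for (const [name, spec] of Object.entries(pkg[section] || {})) {
      const kind = classify(spec);
      if (kind !== "pinned") findings.push({ section, name, spec, kind });
    }
  }
  // Peer dependencies are ranges by design; list them so a reviewer can
  // confirm the host package is really required at runtime.
  return { findings, peers: Object.keys(pkg.peerDependencies || {}) };
}

const report = auditManifest(sampleManifest);
for (const f of report.findings) {
  console.log(`${f.section}: ${f.name}@${f.spec} -> ${f.kind}`);
}
console.log(`peerDependencies to review: ${report.peers.join(", ") || "(none)"}`);
```

Exact specifiers only fix the direct dependencies; the transitive tree is fixed by the committed lockfile, so the two checks complement each other.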
Ah @flockonus this repo should get deprecated, we've merged this into the Truffle monorepo. Mind re-opening this in github.com/trufflesuite/truffle/issues?