we are developing an large web application which depend some private npm packages and public packages. we need to lock the version, but we can not sure which time to update these package and update the lock file.
Asked
Active
Viewed 138 times
0
-
Try this answer:https://stackoverflow.com/questions/44552348/should-i-commit-yarn-lock-and-package-lock-json-files/44904494 – Avinash Singh Mar 13 '19 at 05:22
1 Answers
0
In my web project, I update lock files only if i add, update, remove a node package for my project. In this case, I take advantage to update all packages of my lock files.
For the other developers who work in my web project, they use cmd :
npm ci
or
yarn install --frozen-lockfile
They must not absolutely modify the lock files.
Furthermore, i am sure that everybody have the same environment (for behavioral reproduction).
Batbaille
- 61
- 1
- 5