Investigate use of unpinned npm install -g
and npx --yes
in CI pipelines
#7679
Labels
Central-EngSys
This issue is owned by the Engineering System team.
CI builds should be deterministic and repeatable. Use of
npm install -g
andnpx --yes
violate deterministic builds by installing latest versions of packages and their dependencies.The text was updated successfully, but these errors were encountered: