Use CI friendly commands in documentation #326
Hello @jonkoops. Thank you for your pull request. I think we can adjust these changes when caching is enabled, because it relies on hash from dependency files. For other cases I think we should leave it as
I think differently about this matter, checking in lockfiles is considered best practice for all package managers. Instead of appeasing users that might not have checked this file in we should encourage them to follow these practices.
For example, the NPM documentation says the following about the
All of these points apply directly to Github and Github Actions and I believe that these best practices should be reflected here as well.
I propose that all commands are replaced with their appropriate CI friendly versions as per the original purpose of this PR and that the documentation is amended to have a dedicated section to lockfiles.
For an official action like this, I think it's important to use examples that adopt best practices.
There are many beginners that read these examples that are not aware of the trade-offs between
The problem with using
For example, a new dependency update that satisfies the