Skip to content

/ brave-browser

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

npmrc: Force `package-lock=true` option #5560

Open
wants to merge 1 commit into
base: master
from
Open

npmrc: Force `package-lock=true` option #5560

wants to merge 1 commit into from
+1 −0

Conversation

@feross
Copy link
Collaborator

feross commented Aug 6, 2019
edited

It's relatively common for folks who primarily develop npm packages (rather than top-level apps) to disable the creation of package-lock.json files by setting package-lock=false in their personal .npmrc as they're not useful for package development.

This commit just forces package-lock=true so that the build works correctly for these users (including myself).

Sidenote: Why is package-lock.json not useful to package authors? Because lock files don't get published to npm, so users will always get the latest versions that semver allows, so it's good for package authors to have the same experience. Otherwise, package-lock.json can obscure that a package is actually broken.

See also: brave/brave-core#3102

Submitter Checklist:

Test Plan:

None

Reviewer Checklist:

  • New files have MPL-2.0 license header.
  • Request a security/privacy review as needed.
  • Adequate test coverage exists to prevent regressions.

After-merge Checklist:

  • The associated issue milestone is set to the smallest version that the
    changes has landed on.
  • All relevant documentation has been updated.
@feross feross added QA/No build labels Aug 6, 2019
@feross feross requested a review from bbondy Aug 6, 2019
@feross
Copy link
Collaborator Author

feross commented Aug 6, 2019

(Lmk if I need to open an issue for this PR)
@feross feross mentioned this pull request Aug 6, 2019
Open
0 of 32 tasks complete
@feross @brave-browser-releases
npmrc: Force package-lock=true option
Loading status checks…
db427a6 
It's relatively common for folks who primarily develop npm packages (rather than top-level apps) to disable the creation of package-lock.json files as they're not useful for package development.

This commit just forces this option to `true` so that the browser build works correctly for these users (including myself).

Sidenote: Why is package-lock.json not useful to package authors? Lock files don't get published to npm so users will always get the latest versions that semver allows, so it's good for package authors to have the same experience. Otherwise, package-lock.json can obscure that a package is actually broken.
@brave-builds brave-builds force-pushed the package-lock branch from b839bce to db427a6 Aug 6, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bbondy bbondy

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
QA/No build
Projects
None yet
Milestone
No milestone
Linked issues

Successfully merging this pull request may close these issues.

None yet

1 participant
@feross
You can’t perform that action at this time.