Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handling of package-lock.json files #914

Closed
koegel opened this issue Mar 14, 2018 · 6 comments
Closed

Handling of package-lock.json files #914

koegel opened this issue Mar 14, 2018 · 6 comments
Milestone
2.0.2

Comments

@koegel
Copy link
Member

koegel commented Mar 14, 2018

No description provided.

@koegel koegel added this to the 2.1.0 milestone Mar 14, 2018
@edgarmueller edgarmueller modified the milestones: 2.1.0, next, 2.0.1 Apr 3, 2018
@edgarmueller edgarmueller mentioned this issue May 11, 2018
Closed
@edgarmueller
Copy link
Contributor

Moved to eclipsesource/jsonforms-react-seed#10, closing this one.

@edgarmueller edgarmueller changed the title Decide if we want to pinpoint the exact versions of dependencies in seed Pinpoint the exact versions of dependencies May 16, 2018
@edgarmueller
Copy link
Contributor

Re-opening due to recent MUI issues

@edgarmueller edgarmueller reopened this May 16, 2018
@edgarmueller edgarmueller modified the milestones: 2.0.1, 2.0.2 May 16, 2018
@koegel
Copy link
Member Author

koegel commented May 17, 2018

IMHO this problem could be solved with the suggestion of Mat of committing the package lock json.

@edgarmueller
Copy link
Contributor

edgarmueller commented May 17, 2018
edited
Loading

It depends, note that the package-lock files are already commited and in use. Right now, the seed does not run if babel/runtime is not included as well, as the released version of MUI the 2.0.1 release is based is on, is missing in the dependencies. I think this is the result of not fixing the version constraints, since we often solve package-lock.json conflicts by just accepting one side of the conflict (because it's very tedious to properly merge those), which means that newer versions than the ones specified in the package.json could end up in the package-lock.json file.

I guess this issue is more about finding out how other libraries or frameworks (not apps) handle the package.json and package-lock.json files.

@edgarmueller edgarmueller changed the title Pinpoint the exact versions of dependencies Handling of package-lock.json files May 17, 2018
@edgarmueller edgarmueller mentioned this issue May 17, 2018
Closed
@eneufeld
Copy link
Member

eneufeld commented May 25, 2018
edited
Loading

My experience with npm 6 is:
Using npm install the package-lock is updated.
Using npm ci the packages are installed as defined in the lock file and the lock file is not updated.

This SO is very helpful imho: https://stackoverflow.com/questions/44258235/what-is-the-difference-between-npm-shrinkwrap-json-and-package-lock-json

@edgarmueller
Copy link
Contributor

I've added a new section 'Developer documentation' that outlines the guidelines we aggred upon, see https://github.com/eclipsesource/jsonforms/wiki/Developer-documentation

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2.0.2
Development

No branches or pull requests
3 participants
@edgarmueller @koegel @eneufeld