Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: bump dated deps #65

Merged
merged 5 commits into from Jun 8, 2019

Conversation

Projects
None yet
2 participants
@SimenB
Copy link
Member

commented Jun 8, 2019

GitHub complains about alot of the dated deps in the lockfiles. This hopefully helps 馃檪

Fixes #64

@SimenB SimenB force-pushed the bump-deps branch from 335b68e to 35156e3 Jun 8, 2019

@ljharb

ljharb approved these changes Jun 8, 2019

Copy link
Collaborator

left a comment

One solution might be, get rid of lockfiles in non-apps, since they give devs a false sense of security that their consumers don鈥檛 benefit from :-)

Show resolved Hide resolved package.json Outdated

SimenB and others added some commits Jun 8, 2019

Update package.json
Co-Authored-By: Jordan Harband <ljharb@gmail.com>
@SimenB

This comment has been minimized.

Copy link
Member Author

commented Jun 8, 2019

@ljharb yeah, could probably do that... I like it for the quick installs, but that doesn't really matter on such a small module such as this

@SimenB SimenB merged commit 5f03a18 into master Jun 8, 2019

1 check was pending

continuous-integration/travis-ci/pr The Travis CI build is in progress
Details

@SimenB SimenB deleted the bump-deps branch Jun 8, 2019

@ljharb

This comment has been minimized.

Copy link
Collaborator

commented Jun 8, 2019

it doesn鈥檛 even save all that much time in my experience, even on large repos

@SimenB

This comment has been minimized.

Copy link
Member Author

commented Jun 8, 2019

It used to, might have changed with the newer versions of npm and yarn - I haven't not used a lockfile in a few years (although shrinkwrap was pretty bad before npm 5 came along) 馃槄
It is quicker for monorepos at least, which is both what my day job and jest uses, which are the two projects I work on the most. But I'm certainly not against removing the lockfile from this repo.

@rogeliog thoughts on this?

@ljharb

This comment has been minimized.

Copy link
Collaborator

commented Jun 8, 2019

ftr I always use a lockfile in a top-level app; just never in anything published, monorepo or not.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can鈥檛 perform that action at this time.