Skip to content
This repository has been archived by the owner on Mar 31, 2022. It is now read-only.

Commit

Permalink
Force project to use v2.4 of HTML_CodeSniffer (#14)
Browse files Browse the repository at this point in the history 
A side-effect of NPM using the `package-log.json` file is that this file
is _not_ published with an NPM package, which means that, when NPM tries
to resolve dependencies on an npm install it will happily install newer
versions of dependencies as long as they fulfil whatever conditions
specified in the `package.json` file (not the lockfile).

For example,

* `pa11y@5.3.0`:
  * requires `pa11y-runner-htmlcs@^1.2.0`
  * has `pa11y-runner-htmlcs@1.2.0` in its package-lock.json
* `pa11y-runner-htmlcs@1.2.0`:
  * requires `html_codesniffer@^2.4.1`
  * has `html_codesniffer@2.4.1` in its package-lock.json

Running:

```sh
npm install --global pa11y@5.3.0
```

...will result in the installation of pa11y@5.3.0, which will pull
pa11y-runner-htmlcs@1.2.0 (intended, although by accident) and
html_codesniffer@2.5.1 (unintended). HTML_CS 2.5 contains new WCAG 2.1
rules that we've decided to keep for pa11y v6 as to try to ensure that
we don't break people's workflows.

This commit replaces `^` with `~` in the package.json, pinning htmlcs to
version 2.4.x
  • Loading branch information
@josebolos
josebolos committed Apr 1, 2021
1 parent fdd4e9e commit f22d3d1
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,6 @@
"test": "make ci"
},
"dependencies": {
"html_codesniffer": "^2.4.1"
"html_codesniffer": "~2.4.1"
}
}

0 comments on commit f22d3d1

Please sign in to comment.