You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Thanks for enabling synk to protect your deps, but I'm guessing it should rather be added as a devDependency, i.e. since it's never used at runtime all your package consumers shouldn't be forced to download it into their node_modules.
Hi! Thank you for pointing me to this, you are probably right, I need to dig into this a bit deeper.
I've only accepted a PR generated by Snyk web app, and I have no idea what's the magic is behind, so I need to read some mans and test it before changing.
I suppose snyk is safely added to an app/end-product as a dependency, in that case you're not expecting others to npm install it. But perhaps different story if adding to a library. Anyway, just wanted to give you heads up. Cheers!
Thanks for enabling synk to protect your deps, but I'm guessing it should rather be added as a devDependency, i.e. since it's never used at runtime all your package consumers shouldn't be forced to download it into their
node_modules
.https://github.com/YuriGor/deepdash/blob/master/package.json#L85
The text was updated successfully, but these errors were encountered: