Yeah, that's what I thought too, but I wonder if it triggers a change if there's a dependency that is not version locked (i.e. the most recent version of dependency x moved from y to z).
On Sat, Aug 25, 2018 at 11:52 AM Michael Miklavcic < michael.miklav...@gmail.com> wrote: > Somewhere along the line the dependencies appear to have changed, but the > file never got checked in. I don't like that this part of our build also > seems to be non-deterministic. If I build metron 0.4.x today, for instance, > what will I get? If the answer is "who knows?" that's unacceptable, imo. > I've glanced at the package file and see carrots littering the > dependencies, which as I understand it means "get me anything later than > this version." I do not think we should be doing that. > > > On Sat, Aug 25, 2018, 9:14 AM Casey Stella <ceste...@gmail.com> wrote: > > > I have looked into this for other reasons and the guidance that I've seen > > is to check in package-lock.json into source control. I'll leave this > > stack overflow thread here: > > > > > https://stackoverflow.com/questions/44206782/do-i-commit-the-package-lock-json-file-created-by-npm-5 > > > > I want to point out that I hate that this changes as part of the build. > I > > haven't gotten a complete handle on exactly why package-lock is changing > > seemingly non-deterministically yet. > > > > Casey > > > > On Sat, Aug 25, 2018 at 11:05 AM Nick Allen <n...@nickallen.org> wrote: > > > > > Yes, I have noticed that also, but have not looked deeper. > > > > > > On Sat, Aug 25, 2018 at 10:32 AM Otto Fowler <ottobackwa...@gmail.com> > > > wrote: > > > > > > > I just did a PR, can saw that the package.lock file for alerts-ui was > > > > changed, with updated versions. > > > > I did *not* change the file, nor anything in metron-interface. That > > seems > > > > to imply that this file is changed or updated by > > > > something that happens during building or deploying full dev. > > > > > > > > Is this true? How does this work? Is this on purpose? > > > > > > > > ottO > > > > > > > > > >
