conker84 commented on pull request #3851: URL: https://github.com/apache/zeppelin/pull/3851#issuecomment-666177574
> > > > > @conker84 > > > > > Please remove the `zeppelin-web/package-lock.json` out of this PR. This changes aren't related to this PR. > > > > > > > > > > > > I guess that there is something broken in the build process of zeppelin-web, and definitely it should be `gitignored`... > > > > > > > > > According to [npm help package-lock.json](https://github.com/npm/cli/blob/latest/docs/content/configuring-npm/package-lock-json.md#package-lockjson5) is intended to be checked into source control. > > > > > > @Reamer can you explain what happened here? > > Why buy just building the project it created these differences? I'm not so good at FE so I want to understand what I did wrong. > > The `package-lock.json` in the master branch is not the correct version? > > I think this occurs because of the `--no-lockfile` option at https://github.com/apache/zeppelin/blob/master/zeppelin-web/pom.xml#L86. > I think the dependency versions in `package-lock.json` are not taken into account and npm tries to resolve all dependencies based on [package.json](https://github.com/apache/zeppelin/blob/master/zeppelin-web/package.json). So basically, correct me if I'm wrong, the reason for the `package-lock.json` exists, resolve the same dependencies for everyone in order to guarantee the that everyone tests the application in the same scenario, is completely ignored. Am I right? ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
