Uploaded image for project: 'Thrift'
  1. Thrift
  2. THRIFT-4758

We gitignore and do not check in config lock files in many languages - isn't that bad?

Attach filesAttach ScreenshotAdd voteVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    Description

      In npm we check in the package-lock.json file because that ensures your builds are stable over time. The cost you pay is that occasionally you need to rev the file manually. The benefit is a changed package won't bork your build.

      I have identified in the following languages we are ignoring and not checking in the package lock files:

      d (dub)
      dart
      php (top level composer.jock)
      ruby
      rust

      Attachments

        Issue Links

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            Unassigned Unassigned
            jking3 James E. King III

            Dates

              Created:
              Updated:

              Slack

                Issue deployment