Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How/why/when to update package-lock.json? #983

Open
melange396 opened this issue Sep 26, 2022 · 1 comment
Open

How/why/when to update package-lock.json? #983

melange396 opened this issue Sep 26, 2022 · 1 comment
Labels
code health readability, maintainability, best practices, etc dependencies Pull requests that update a dependency file devops building, running, deploying, environment stuff, handy utils, repository-related, engineer QoL, etc

Comments

@melange396
Copy link
Collaborator

There are two files with this name in the delphi-epidata repo, one in the root and one in src/client/packaging/npm/. package-lock.json files are generated from package.json files that reside in the same directory, by running various npm commands. It is not fully clear when or why these should be regenerated, or what all of the ramifications are when they are or are not regenerated.

The version number for the most recent release was bumped from 0.3.21 to 0.4.0 in src/client/packaging/npm/package.json, but the associated src/client/packaging/npm/package-lock.json still has version 0.3.14. The prior release has been living with this, so i presume its not a showstopper. Is this supposed to be taken care of by dependabot?

We also had recent changes to the one in the repo root dir. see: #980 (comment)
The purpose of this file is even less clear to me, as it is not seemingly tied to our releases.
@dshemetov
Copy link
Contributor

I'm not familiar with npm at all, but I think @sgratzl would know more about this.

@melange396 melange396 added dependencies Pull requests that update a dependency file code health readability, maintainability, best practices, etc devops building, running, deploying, environment stuff, handy utils, repository-related, engineer QoL, etc labels Oct 6, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
code health readability, maintainability, best practices, etc dependencies Pull requests that update a dependency file devops building, running, deploying, environment stuff, handy utils, repository-related, engineer QoL, etc
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@melange396 @dshemetov