Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore(npm): add shrinkwrap to lock down dependencies
We need to be able to build angular at older shas, without the lock file / shrinkwrap file the dependencies will resolve differently on different machines and at different times. This will help us avoid broken builds and hard to track down issues. I had to manually edit this file after it was generated because `npm shrinkwrap` will install optional dependencies as if they were hard dependencies. See: npm/npm#2679 (comment) My manual edit: ``` diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json index 756df44..dc157eb 100644 --- a/npm-shrinkwrap.json +++ b/npm-shrinkwrap.json @@ -3110,19 +3110,7 @@ "chokidar": { "version": "0.8.1", "from": "https://registry.npmjs.org/chokidar/-/chokidar-0.8.1.tgz", - "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-0.8.1.tgz", - "dependencies": { - "fsevents": { - "version": "0.1.6", - "from": "fsevents@0.1.6", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-0.1.6.tgz" - }, - "recursive-readdir": { - "version": "0.0.2", - "from": "recursive-readdir@0.0.2", - "resolved": "https://registry.npmjs.org/recursive-readdir/-/recursive-readdir-0.0.2.tgz" - } - } + "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-0.8.1.tgz" }, "glob": { "version": "3.2.9", ``` After this change is applied, developers don't need to do anything differently, except when updating dependencies we need to call `npm update && npm shrinkwrap --dev` followed by reappling my patch above until npm's bug.
- Loading branch information