This repository has been archived by the owner on May 24, 2022. It is now read-only.
Would dependabot keep working with yarn's "frozen-lockfile" option on? #227
Comments
jraoult
changed the title
|
Good question. If it doesn't then it definitely should. I'll double check for you, but will have it working either way within the hour. |
|
Can confirm that Dependabot will continue to work just fine with that setup. ✌️ |
|
(And for good measure, I've just added a test, so you can be sure this won't break in future. dependabot/dependabot-core@6573b80.) |
|
@greysteil many thanks for your reactivity, this is splendid news |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I want to run
yarn install --frozen-lockfileby default to make sure no-one is messing with the lockfile when installing. After all, this is one of the reason for having dependabot :) I'm about to follow the advice here yarnpkg/yarn#4147 (comment): adding--install.frozen-lockfile truein my `.yarnrc.I was wondering if dependabot would still work or will that prevent it from updating the lockfile as well?
The text was updated successfully, but these errors were encountered: