Hacker News new | past | comments | ask | show | jobs | submit login

I know I will be buried in these comments but PLEASE NO. Do NOT pin specific versions in you package.json unless you know you need to.

Instead DO USE package dependencies pinning as much as possible:

1. Commit and keep package-lock.json / yarn.lock files

2. Use the right commands in CIs (npm ci / yarn install --frozen-lockfile)

3. Teach others




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: