kafka-tutorials

Handle NPM version changes in lockfile

Open ybyzek opened this issue 3 years ago • 0 comments

https://github.com/confluentinc/kafka-tutorials/pull/1092#discussion_r815164182

From @colinhicks

Since the project doesn't specify a semver for the npm version in the package.json, this sort of change is expected and should be harmless. I think the only side effect is churn in this file. If one PR changes the lockfileVersion to 1, and a developer pulls the changes, then runs npm install with a newer version of npm, there would be new changes to the lockfile. If those changes were committed, then pulled to an environment with an older npm version, running npm install would flip the version back. And so forth.

For this project and its relatively light set of node dependencies this will probably never matter (you can just accept the changes in the relevant PR), but if you want to avoid the flip-flopping, you can set something like "engines": { "npm": ">=7.0.0"} in the package.json. This should require an npm that uses the new lockfile version and avoid the flip-flop.

ybyzek, Feb 25 '22 22:02
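
A check that could run in CI to catch the flip-flop described above, as an added example that is not part of the original issue or the kafka-tutorials project. The function names and sample inputs are hypothetical, and it assumes `engines.npm` is written as a plain `>=X.Y.Z` range like the one suggested in the comment.

```javascript
// Added example: guard against lockfileVersion flip-flop. All names are hypothetical.
// Assumes engines.npm is a simple ">=X.Y.Z" range; other semver range forms are
// reported as unverifiable rather than guessed at.

// Smallest npm major permitted by a ">=X[.Y[.Z]]" range, or null if not that form.
function minNpmMajor(range) {
  const m = /^\s*>=\s*(\d+)(?:\.\d+){0,2}\s*$/.exec(range || "");
  return m ? Number(m[1]) : null;
}

// Returns a list of problems; an empty list means the two files are consistent.
function checkLockfile(packageJsonText, lockfileText, runningNpmVersion) {
  const pkg = JSON.parse(packageJsonText);
  const lock = JSON.parse(lockfileText);
  const problems = [];

  const range = pkg.engines && pkg.engines.npm;
  const minMajor = minNpmMajor(range);
  if (!range) {
    problems.push("package.json has no engines.npm constraint");
  } else if (minMajor === null) {
    problems.push(`engines.npm "${range}" is not a plain >= range; cannot verify`);
  } else if (minMajor < 7) {
    problems.push(`engines.npm "${range}" still admits npm 6, which writes lockfileVersion 1`);
  }

  // npm 6 and older write lockfileVersion 1; npm 7 and newer write 2 or higher.
  if (!Number.isInteger(lock.lockfileVersion)) {
    problems.push("package-lock.json has no integer lockfileVersion");
  } else if (lock.lockfileVersion < 2) {
    problems.push(`lockfileVersion ${lock.lockfileVersion} is the npm 6 format`);
  }

  // Optional: the npm about to run install must meet the minimum (majors only).
  if (runningNpmVersion && minMajor !== null) {
    const major = parseInt(runningNpmVersion, 10);
    if (major < minMajor) {
      problems.push(`running npm ${runningNpmVersion} is below required major ${minMajor}`);
    }
  }
  return problems;
}

// Constructed sample inputs (not taken from the kafka-tutorials repository).
const samplePkg = JSON.stringify({ name: "demo", engines: { npm: ">=7.0.0" } });
const sampleLockV1 = JSON.stringify({ name: "demo", lockfileVersion: 1 });
console.log(checkLockfile(samplePkg, sampleLockV1, "6.14.15"));
```

Failing the build on a non-empty result turns the lockfile churn into a reviewable error instead of a silent rewrite of every dependency entry.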