Bartosz Sławecki
Bartosz Sławecki
Yes, but that's locally. It would help if CI ran the tests always, despite quality checks failing.
Yeah GitHub never lets you get away with failing jobs as green EDIT: Oh nvm you mean skipping. Will see We could just run everything. It doesn't really matter I...
Thanks! That makes sense. What exactly do you not like about tracking lock files? The diffs or keeping them up-to-date in the repo?
> The diffs Well, they're collapsed in GitHub. And I think we could technically mark the file as binary... > having to think about keeping them up-to-date We could have...
What about the recent 3-in-a-row supply chain attacks in npm that were spread by patch autoupgrades? :p
Seems like a reasonable heuristic!
I hope that it doesn't block a reverse problem, which is patches to accidentally breaking changes / security vulnerabilities.
But at the same time, this shouldn't be a thing if a problem is detected and addressed in X weeks.
I'd say: go for it and adapt as necessary. You?
`TypeAlias` can already be used from `typing_extensions` (with no need of actually having `typing_extensions` installed, mypy looks up the stub in the typeshed and sees it as a part of...