aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEuAndreh <eu@euandre.org>2018-08-01 09:20:15 -0300
committerEuAndreh <eu@euandre.org>2018-08-01 09:20:15 -0300
commit27619c91f3be249180a9da0b7d480322246d0a79 (patch)
tree85ab8c7e7013bc50d913fbe1dfdfb8f5467b63f5
parentRemove TODOs.org (diff)
downloadeuandre.org-27619c91f3be249180a9da0b7d480322246d0a79.tar.gz
euandre.org-27619c91f3be249180a9da0b7d480322246d0a79.tar.xz
npm ci post wording
-rw-r--r--site/posts/2018-08-01-verifying-npm-ci-reproducibility.org2
1 files changed, 1 insertions, 1 deletions
diff --git a/site/posts/2018-08-01-verifying-npm-ci-reproducibility.org b/site/posts/2018-08-01-verifying-npm-ci-reproducibility.org
index 73db53e..cd2b761 100644
--- a/site/posts/2018-08-01-verifying-npm-ci-reproducibility.org
+++ b/site/posts/2018-08-01-verifying-npm-ci-reproducibility.org
@@ -2,7 +2,7 @@
title: Verifying npm ci reproducibility
date: 2018-08-01
---
-When [[https://blog.npmjs.org/post/161081169345/v500][npm@5]] came bringing [[https://docs.npmjs.com/files/package-locks][package-locks]] with it, I was confused about the benefits it provided, since running =npm install= more than once could resolve all the dependencies again and yield yet another =package-lock.json= fresh file. The message saying "you should add this file to version control" left me hesitant on what to do[fn:npm-install].
+When [[https://blog.npmjs.org/post/161081169345/v500][npm@5]] came bringing [[https://docs.npmjs.com/files/package-locks][package-locks]] with it, I was confused about the benefits it provided, since running =npm install= more than once could resolve all the dependencies again and yield yet another fresh =package-lock.json= file. The message saying "you should add this file to version control" left me hesitant on what to do[fn:npm-install].
However the [[https://blog.npmjs.org/post/171556855892/introducing-npm-ci-for-faster-more-reliable][addition of =npm ci=]] filled this gapped: it's a stricter variation of =npm install= which guarantees that "[[https://docs.npmjs.com/files/package-lock.json][subsequent installs are able to generate identical trees]]". But are they really identical? I could see that I didn't have the same problems of different installation outputs, but I didn't know for *sure* if it was really identical.
** Computing the hash of a directory's content