diff options
author | EuAndreh <eu@euandre.org> | 2018-08-01 09:20:15 -0300 |
---|---|---|
committer | EuAndreh <eu@euandre.org> | 2018-08-01 09:20:15 -0300 |
commit | 27619c91f3be249180a9da0b7d480322246d0a79 (patch) | |
tree | 85ab8c7e7013bc50d913fbe1dfdfb8f5467b63f5 /site/posts | |
parent | Remove TODOs.org (diff) | |
download | euandre.org-27619c91f3be249180a9da0b7d480322246d0a79.tar.gz euandre.org-27619c91f3be249180a9da0b7d480322246d0a79.tar.xz |
npm ci post wording
Diffstat (limited to 'site/posts')
-rw-r--r-- | site/posts/2018-08-01-verifying-npm-ci-reproducibility.org | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/site/posts/2018-08-01-verifying-npm-ci-reproducibility.org b/site/posts/2018-08-01-verifying-npm-ci-reproducibility.org index 73db53e..cd2b761 100644 --- a/site/posts/2018-08-01-verifying-npm-ci-reproducibility.org +++ b/site/posts/2018-08-01-verifying-npm-ci-reproducibility.org @@ -2,7 +2,7 @@ title: Verifying npm ci reproducibility date: 2018-08-01 --- -When [[https://blog.npmjs.org/post/161081169345/v500][npm@5]] came bringing [[https://docs.npmjs.com/files/package-locks][package-locks]] with it, I was confused about the benefits it provided, since running =npm install= more than once could resolve all the dependencies again and yield yet another =package-lock.json= fresh file. The message saying "you should add this file to version control" left me hesitant on what to do[fn:npm-install]. +When [[https://blog.npmjs.org/post/161081169345/v500][npm@5]] came bringing [[https://docs.npmjs.com/files/package-locks][package-locks]] with it, I was confused about the benefits it provided, since running =npm install= more than once could resolve all the dependencies again and yield yet another fresh =package-lock.json= file. The message saying "you should add this file to version control" left me hesitant on what to do[fn:npm-install]. However the [[https://blog.npmjs.org/post/171556855892/introducing-npm-ci-for-faster-more-reliable][addition of =npm ci=]] filled this gapped: it's a stricter variation of =npm install= which guarantees that "[[https://docs.npmjs.com/files/package-lock.json][subsequent installs are able to generate identical trees]]". But are they really identical? I could see that I didn't have the same problems of different installation outputs, but I didn't know for *sure* if it was really identical. ** Computing the hash of a directory's content |