Comment by vablings
1 day ago
Wait, you're telling me that node deps are not pin by default. Every time you run your code you might be pulling in a new version.
No wonder...
1 day ago
Wait, you're telling me that node deps are not pin by default. Every time you run your code you might be pulling in a new version.
No wonder...
Node deps are pinned: https://docs.npmjs.com/cli/v8/configuring-npm/package-lock-j...
The problem is that you also want to update deps.
Why?
Because they could have a security flaw that might compromise your project or any users of it.
1 reply →