Skip to content

Commit

Permalink
chore: Remove package-lock.json
Browse files Browse the repository at this point in the history 
No more in-range update PR's from dependabot.
  • Loading branch information
@coreyfarrell
coreyfarrell committed Apr 9, 2021
1 parent 91ae8b8 commit ab7c53b
Show file tree
Hide file tree
Showing 3 changed files with 2 additions and 6,916 deletions.
1 change: 1 addition & 0 deletions .npmrc
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
package-lock=false
Loading

3 comments on commit ab7c53b

@MansurAliKoroglu
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is the reason of removing package-lock.json?

@coreyfarrell
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No time to deal with in-range updates every time a "vulnerability" is reported and a fix provided in-range. This package-lock.json is for nyc maintainers only (it is not published to npm).

@kirtan-desai
Copy link

@kirtan-desai kirtan-desai commented on ab7c53b Oct 4, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No time to deal with in-range updates every time a "vulnerability" is reported and a fix provided in-range. This package-lock.json is for nyc maintainers only (it is not published to npm).

package-lock.json is not getting generated when I clone the repo and run npm i. is it supposed to be generated or should i download it from here?

EDIT:
okay i understood that it's not getting generated due to package-lock=false in .npmrc. used npm install --package-lock-only to generate the package-lock.json file and have also added it to gitignore.

Please sign in to comment.