Remove yarn.lock so applications get security fixes #412
Labels
released
Applied automatically by semantic-release
Comments
focusaurus
added a commit
that referenced
this issue
Jun 13, 2019
This does not belong in a library. It prevents security fixes flowing through to applications. Resolves #412 Signed-off-by: Peter Lyons <pete@reactioncommerce.com>
focusaurus
added a commit
that referenced
this issue
Jun 13, 2019
This does not belong in a library. It prevents security fixes flowing through to applications. Resolves #412 Signed-off-by: Peter Lyons <pete@reactioncommerce.com>
focusaurus
added a commit
that referenced
this issue
Jun 14, 2019
This does not belong in a library. It prevents security fixes flowing through to applications. Resolves #412 Signed-off-by: Peter Lyons <pete@reactioncommerce.com>
|
🎉 This issue has been resolved in version 0.65.3 🎉 The release is available on: Your semantic-release bot 📦🚀 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Type: minor
Describe the bug
If this library is intended to be used as an npm dependency, including a
yarn.lockis not something we should do. That will prevent semver minor patches from getting installed in the applications using this library.The text was updated successfully, but these errors were encountered: