by SomeCallMeTim 1403 days ago
The default should be shrinkwrap, like `yarn`, with the ability to upgrade packages manually when you decide that it's a good time to upgrade packages. I don't like things changing at all without explicit interaction. Services like Snyk will let me know if there's a specific security concern with a package version I'm relying on.

Which is why I use `yarn`, I guess.