Y
Hacker News
new
|
ask
|
show
|
jobs
by
omcnoe
311 days ago
True, but the lockfile is imposed at build time. Swapping out the version of a transitive dependency might build totally fine, but also might result is broken behaviour at runtime if the behaviour of the dependency changed.