by nananana9 7 days ago
You should 100% track package-lock.json, and I'll go a step further and say you should most likely track node_modules too.
1 comments

If the underlying infrastructure does not provide reproducible builds, I'd suggest you should instead fix that.