package-lock.json should be committed to git
Closed this issue · 2 comments
jayenashar commented
this ensures that npm installs the same version of packages for everyone. people should use npm ci
when creating a production build instead of npm install
.
(i use yarn not npm or i'd submit a PR)
ahasselbring commented
Yeah, this is part of what I meant by #13.
jayenashar commented
oh i saw that issue but only saw cargo mentioned so i skipped it. i missed the package.json mentions.
normally for node, you have both package.json and package-lock.json in git.