Sorry, without a minor version change. You can easily publish a patch version an... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

thinkingkong on March 22, 2022 | parent | context | favorite | on: Ask HN: Who operates at scale without containers?

Sorry, without a minor version change. You can easily publish a patch version and most people don't pin that part of their dependency.

LunaSea on March 22, 2022 [–]

They don't need to pin it directly.

They only need to "npm ci" (based on package-lock.json) instead of "npm install" (based on package.json) within the Docker container to get a fully reproducible build.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact