GAUD-9029: assume that a lock file is used#100
Conversation
| uses: BrightspaceUI/actions/update-package-lock@main | ||
| with: | ||
| AUTO_MERGE_METHOD: squash | ||
| AUTO_MERGE_TOKEN: ${{ secrets.PR_GITHUB_TOKEN }} |
There was a problem hiding this comment.
Should we add a little blurb here linking to the action, where it talks about setting up this token?
There was a problem hiding this comment.
Oh I meant on the README with the others but that works too!
There was a problem hiding this comment.
They're probably more likely to see it in the code than going back to check the create repo's README
There was a problem hiding this comment.
Ah I see, right. The stuff in the README is under "Optional" which technically this isn't. I think I'll just leave it here!
svanherk
left a comment
svanherk
left a comment
There was a problem hiding this comment.
I guess we can't easily have a default package-lock.json without hardcoding in dependency versions
|
🎉 This PR is included in version 3.5.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
2 participants
Having a lock file prevents a lot of issues around unwanted dependency updates sneaking into vdiff or other random PRs. This updates our create template to assume that a lock file is in use.