Document best practices for managing node.js dependencies

RESOLVED FIXED

Status

Taskcluster
Documentation
RESOLVED FIXED
a year ago
a year ago

People

(Reporter: garndt, Assigned: bstack)

Tracking

Details

(Reporter)

Description

a year ago
Tracker for adding documents describing the best practices for managing dependencies of node.js applications within TaskCluster.  

Some notes from the email thread:
1) lock node version in package.json
2) move to use yarn.lock instead of npm-shrinkwrap.json
3) lock yarn version in package.json
4) document it in taskcluster-docs manual/devel/best-practices :)
(Assignee)

Comment 2

a year ago
Progress is trackable at https://public.etherpad-mozilla.org/p/yarnification
(Assignee)

Comment 3

a year ago
PRs have been submitted and approved. The libraries have all been merged to master and I'm just slowly rolling out the services now.
(Assignee)

Comment 5

a year ago
This is now deployed everywhere except for cloud-mirror, where there is still a review out and docker-worker which is going to take a bit more work. I'm closing this bug. To follow docker-worker stuff, go to bug 1345638.
Status: NEW → RESOLVED
Last Resolved: a year ago
Resolution: --- → FIXED
I'd recommend using `--frozen-lockfile` with yarn install for the Travis runs, since otherwise if someone updates package.json and forgets to update yarn.lock (either by using npm or by forgetting to git add etc), then the CI won't pick it up.

There's also https://github.com/travis-ci/travis-ci/issues/7395 for making Travis default to this.
You need to log in before you can comment on or make changes to this bug.