leverage yarn.lock

Description

Summary: leverage yarn.lock in non-platform repositories.

Details: Begin committing yarn.lock so we can choose the cadence of our updates. This reduces the surprises introduced by dependencies and transitive dependencies at the PR-level. We will still have to deal with this issue at the platform-level (a semver contract with caret or tilde means we are claiming compatibility with any later minor or patch version, even if an earlier version is in our yarn.lock) but at least we don't have to deal with it immediately on every PR in every repository.

This should also reduces potential differences between devs working in tandem, and between devs and CI. Yay for predictability!

Next steps:

  • POC, starting with stripes-components

  • Commit yarn.lock

  • Update CI workflows

Next next steps:

  • Other repos adopt this

  • GA changes, e.g. install and test without yarn.lock to alert us when a third-party botches a patch release that will be pulled in by the platform builds

Environment

None

Potential Workaround

None

Checklist

hide

TestRail: Results

Activity

Show:

Details

Assignee

Reporter

Priority

Development Team

Stripes Force

TestRail: Cases

Open TestRail: Cases

TestRail: Runs

Open TestRail: Runs
Created January 19, 2023 at 7:27 PM
Updated January 18, 2024 at 1:33 AM
TestRail: Cases
TestRail: Runs

Flag notifications