1. 4

RFC: https://github.com/npm/rfcs/pull/16/files?short_path=5c765e6

Summarized algorithm: https://cdn-images-1.medium.com/max/800/1*1b7KHDG2St5D-6jepf


  2. 1

    I really appreciate seeing someone tackle the problems of npm, it’s become increasingly obvious it has fundamental flaws. Version pinning should be the default as well, and npm install should be deterministic and there must be an npm unlock command. npm ci is a half measure that doesn’t address the underlying core problem of lack of reproducibility when generally interacting with npm. The idea that reproducibility in dev environments is somehow secondary to reproducibility in CI environments is a huge red flag with the current mentality and overall model.

    Edit: I love JavaScript and the accessibility it provides, and am grateful for the countless hours put into the community in general, I just think we are approaching a “make it or break it” moment with npm.