Fixes dependency version for brutusin-json-forms to specific commit hash#1209
Conversation
| "brutusin-json-forms@https://github.com/brutusin/json-forms": | ||
| "brutusin-json-forms@https://github.com/brutusin/json-forms#44f27b29ef657f545b8a3d162c2b9c90ef137dbc": | ||
| version "0.0.0" | ||
| resolved "https://github.com/brutusin/json-forms#44f27b29ef657f545b8a3d162c2b9c90ef137dbc" |
There was a problem hiding this comment.
Thanks for the PR! But doesn't the resolved entry already pin the version? :)
There was a problem hiding this comment.
Yes indeed, but it makes the dependency requirement clearer directly in package.json
To take an example with any other package, no package is set with "mypackage": "latest" in the package.json (though they are pinned in the lockfile).
Here the same logic applies.
baltpeter
left a comment
baltpeter
left a comment
There was a problem hiding this comment.
Thanks @Jolg42! While I'm not too worried about there suddenly being new commits after seven years, I do agree that this is cleaner and safer. :D
And, just for the record since I'm not sure how discoverable those conversations are: We are very much intending to switch away from brutusin/json-forms eventually for various reasons. I've actually developed a custom Preact JSON schema forms library for our purposes a few years ago that we've been using successfully in a (so far) internal company database editor. More info in #561 and datenanfragen/company-json-generator#17.
|
Congrats on your first merge! The resulting deploy will take about twenty minutes to go live. |
|
@baltpeter I had no idea, nice to see these issues/discussions! |
3 participants
While working on #1208 I saw that the brutusin-json-forms is not pinned and outdated since 7 years.
This pull request makes a minor update to the
brutusin-json-formsdependency inpackage.json, pinning it to a specific commit hash for improved stability and reproducibility.It's slightly better than the default branch on a GitHub repo :)