I've read the documentation on Yarn, and I know the lock file is supposed to be committed to VC. See this and which explains at a high-level why the lock file is necessary, and this which lists a bunch of commands without much explanation of what they actually do!
I've also read a lot of questions on StackOverflow which asks about whether the lock file should be committed to VC.
However, all the documentation and SO threads seems to overlook the detail that I want to know, which is the following; What is the correct procedure (the correct bunch of commands to run) for:
- Updating the
yarn.lockfile when I need to (i.e. in the development environment where I want to pull the latest minor versions and update thelockfile to reflect this) - For keeping my lock file in sync with other developers to ensure that they are developing/testing from the exact same dependency versions, and
- For updating/re-synching the
node_modulesdirectory on the production server (i.e. to ensure that the production server isn't running on a different/breaking version of dependent packages)
I ask partly because in the past while doing a git pull on the server, I've faced messages telling me that the yarn.lock file has been updated independently of the development/VC process. As far as I'm concerned, this should never be allowed to happen.
from Yarn: Procedure for redeploying JavaScript dependencies to Production Server (usage of `yarn.lock` file)
No comments:
Post a Comment