Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Commit lockfile please #1506

Closed
ryoppippi opened this issue Feb 20, 2025 · 2 comments
Closed

Commit lockfile please #1506

ryoppippi opened this issue Feb 20, 2025 · 2 comments
Assignees
@samchon
Labels
enhancement New feature or request

Comments

@ryoppippi
Copy link
Contributor

ryoppippi commented Feb 20, 2025
edited
Loading

Hi @samchon

Include lock files in your projects.

It has been pointed out previously in this project that lockfiles should not be included in a library project. As for myself, I had my doubts. I was wondering, because the majority of JS/TS library projects out there include lockfiles.

I did some research on this to be sure, and it seems that in the old node.js it was better not to include it. However, modern practice is that lock files should be managed even in library projects. This is to ensure that developers share the same dependencies. You mentioned that you were concerned that the behaviour might break when the dependent library versioned up, in which case the problem should be solved if we specify the appropriate version in package.json and make the fix!

Here are some sources I found:

Also, without a lockfile, we do not know which package manager (npm?yarn?pnpm?bun?) you are using for your project. This is very important to ensure reproducibility. Once we have experienced that different pnpm and npm have different build outputs, I think it is important to know which package manager you are using to build your project. You can use like npx only-allow pnpm in prepare script in package.json, but still lockfile is important for contributors.

Make no mistake, this issue is a proposal to improve the project and our collaboration. I'm excited to get the project going with you.
@snatvb
Copy link

snatvb commented Feb 24, 2025

I was surprised that the project ignore lock files.
I'd fix package manager with lock file. (please not npm, I think pnpm is the best choice now)

@samchon
Copy link
Owner

samchon commented Feb 24, 2025

I'd kept ignoring lock files due to submodule of monorepo composition with pnpm (especially in nestia related projects).

However, as typia had become enough stable for a long time, I'll release it with pnpm monorepo composition.

@samchon samchon self-assigned this Feb 24, 2025
@samchon samchon added the enhancement New feature or request label Feb 24, 2025
samchon added a commit that referenced this issue Feb 24, 2025
@samchon
Close #1506: PNPM monorepo with pnpm-lock.yaml files.
96b7c36
samchon added a commit that referenced this issue Feb 24, 2025
@samchon
Close #1506: PNPM monorepo with pnpm-lock.yaml files. (#1514)
a1ccee9 
* Close #1506: PNPM monorepo with `pnpm-lock.yaml` files.

* Update workflows

* Fix build.yml

* Fix build.yml again

* Disable bun due to it does not support PNPM monorepo
@samchon samchon closed this as completed in 4d82c4e Mar 1, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@samchon samchon

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ryoppippi @snatvb @samchon