Hacker News new | past | comments | ask | show | jobs | submit login

It's true that using version ranges is incredibly dangerous. My take on it: https://www.lucidchart.com/techblog/2017/03/15/package-manag...

I don't love lockfiles, but you need some way deterministic dependency resolution.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: