Hacker News new | past | comments | ask | show | jobs | submit login

If it's a 5 year old project, you probably shouldn't be building it with the current versions of tools. You need to pin your dependencies and use the same versions of the tools as before. It'd be the same thing with libraries if you didn't have a lockfile. Your development tools need one too.



> If it's a 5 year old project, you probably shouldn't be building it with the current versions of tools.

Bold of you to assume I have worked in React for this long and somehow didn't know about this brittle solution to a problem which shouldn't have existed in the first place.

How does your solution handle packages that no longer exist? Let me guess, we back up the packages? Okay, so these packages don't run on new versions of relevant binaries--do we back up the binaries as well? How bad does it have to get before you admit it's a tire fire?


wait, what package does no longer exist? is it something that has been unpublished from NPM?


https://en.wikipedia.org/wiki/Npm_left-pad_incident

People arguing with me here don't seem to remember this breaking like 1/2 the JS builds in existence for a few days.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: