MDL-52250 npm: shrinkwrap to lock down dependencies
authorDan Poltawski <dan@moodle.com>
Thu, 3 Dec 2015 17:00:50 +0000 (17:00 +0000)
committerDan Poltawski <dan@moodle.com>
Fri, 4 Dec 2015 15:10:59 +0000 (15:10 +0000)
commitf8de8c71472ef45bb422f5361fc215bd20285ee5
treebf042b4928e6616e36b6943834e5295bf208a65d
parent302a3c5f7ded0de7f26f3fdaf90547bb78903e73
MDL-52250 npm: shrinkwrap to lock down dependencies

We've tried various approaches to lock down our dependencies and they
have been flawed because dependencies in our included packages may not
be locked down and previous attempts to do that have not been correct.

With npm shrinkwrap we lock down versions so that any npm install will
always install the exact same versions for all developers - see:
https://docs.npmjs.com/cli/shrinkwrap

(This is a lot like composer.lock for those more fluent with composer)
npm-shrinkwrap.json [new file with mode: 0644]