chore: generate shrinkwrap without including dev and peer deps #2189
Conversation
|
If this PR looks sensible, I'd like to submit the similar ones for UIA2 and Espresso driver. |
|
|
||
| # Generate shrinkwrap from the content of node_modules | ||
| mv package-lock.json package-lock.json.bak | ||
| npm shrinkwrap |
There was a problem hiding this comment.
mm, it seems like this command puts "dev" in the npm-shrknkwrap.json? Let me check a few further later
There was a problem hiding this comment.
maybe the behaviour has changed in npm itself as we use the latest LTS node
There was a problem hiding this comment.
Checked a few additionally. Actually npm included in over node 18 (so lockfileVersion v3 thing?) generated dev included one. Thus currently no good way to include only dependencies without dev attribute in the published package, while actually the lock file with --omit (in current our publish.yml way) did not include everything in the dev dependencies, thus not bad
There was a problem hiding this comment.
Actually this helped to not save dev env in the npm-shrinkwrap.json, but probably other drivers that haven't had package-lock.json won't change so much. To expand this to other drivers, them maybe only the --omit option can help to use newer syntax for the same purpose
|
let me merge and see how this will be |
|
🎉 This PR is included in version 5.8.2 🎉 The release is available on: Your semantic-release bot 📦🚀 |
|
Thank you!
Roughly checked on |
|
Interestingly appium/appium-geckodriver#89 generated non-dev in |
Intent
Exclude dev and peer dependencies from
npm-shrinkwrap.jsonupon release. As ofv5.8.1, they are included (Many"dev": trueexist innpm-shrinkwrap.json).Confirmed
By following the updated workflow manually, confirmed no dev/peer dependencies are included in
npm-shrinkwrap.json.