WIP: chore: remove bun.lockb #12

t.behrendt · 2025-03-25T21:51:11+01:00

t.behrendt commented

2025-03-25 21:51:11 +01:00

Dependency versions should be fixed at build time. Loss of reproducibility on dev machine is not significant enough to justify pinning package versions that will never be updated.

CI needs to be adjusted to ensure that the versions used during testing are also being bundled in the final OCI image.

Dependency versions should be fixed at build time. Loss of reproducibility on dev machine is not significant enough to justify pinning package versions that will never be updated. CI needs to be adjusted to ensure that the versions used during testing are also being bundled in the final OCI image.

t.behrendt added 1 commit 2025-03-25 21:51:11 +01:00

chore: remove bun.lockb

CI / Test (pull_request) Successful in 38s

Details

074a9aa4ab

t.behrendt changed title from ~~chore: remove bun.lockb~~ to WIP: chore: remove bun.lockb

2025-03-25 21:54:02 +01:00

t.behrendt commented

2025-09-30 11:14:33 +02:00

Considering recent npm supply chain attacks, removing the lock file is no longer good practice without external review of deps.

t.behrendt closed this pull request

2025-09-30 11:14:33 +02:00

t.behrendt deleted branch chore-remove-bun-lock

2025-09-30 11:16:59 +02:00

CI / Test (pull_request) Successful in 38s

Required

Details

Pull request closed

This pull request cannot be reopened because the branch was deleted.

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: t.behrendt/ts3gotify#12