Build broken due to update of "colors" package #385
Assignees
Labels
priority: p3
Desirable enhancement or fix. May not be included in next release.
type: feature request
‘Nice-to-have’ improvement, new feature or different behavior or design.
Comments
|
There are trade offs for checking in the package-lock.json. Paging @bcoe for an explanation. |
SurferJeffAtGoogle
added
priority: p3
|
the bad release of colors was rolled back on the weekend by npm/GitHub, which unblocked #384. Security patch should be out in the wild. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The release #384 containing a security fix (#382) appears to be blocked by CI due to the sabotaged colors package having updated (Marak/colors.js#285)
I notice that this repository doesn't have a
package-lock.jsonoryarn.lockfile in it - should one be added to help avoid this kind of unexpected breakage in future?The text was updated successfully, but these errors were encountered: