This repository has been archived by the owner on Oct 9, 2023. It is now read-only.
generated from ossf/project-template
Update recommendations for lockfiles #25
Merged
Merged
Changes from 1 commit
Commits
Show all changes
28 commits
Select commit
Hold shift + click to select a range
c8a9d3b
Update lockfile description
laurentsimon f2e06a8
update
laurentsimon ed3eaf1
update
laurentsimon cc5c654
update
laurentsimon 5d9d5fc
update
laurentsimon 8b81f9c
Update review/npm.md
laurentsimon 2fd0659
Update review/npm.md
laurentsimon ce3c62f
Update review/npm.md
laurentsimon a19a020
update
laurentsimon 9cca608
Update review/npm.md
laurentsimon d014ad6
update
laurentsimon 1db3592
update
laurentsimon 46ec483
update
laurentsimon 7908deb
Update review/npm.md
laurentsimon e8253af
Update review/npm.md
laurentsimon 1ee1de4
update
laurentsimon 6d8eb0e
update
laurentsimon 238630e
Update review/npm.md
laurentsimon 5bb7a87
comments
laurentsimon ecff088
update
laurentsimon 575b376
update
laurentsimon 0d5e822
update
laurentsimon 893832d
update
laurentsimon 044fc7f
update
laurentsimon 425571e
update
laurentsimon a47c8be
update
laurentsimon 7ce831f
update
laurentsimon 42663ca
update
laurentsimon File filter
Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
to be fair tho, this is also true for developers, despite the (relatively small) risk to their local machines.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't entirely disagree. I think developers will do in practice regardless of what we say (e.g. when troubleshooting/repdoducing a problem). I think the intention is to raise awareness and encourage users to run these non-locked tests in CI/less-privileged env when possible.
Let me know if you think we should change it or if this is acceptable as-is.