npm-shrinkwrap.json does this for us already. Not sure there's added
benefit in locking them down in the package.json
On Thu, Apr 17, 2014 at 5:35 PM, Michal Mocny <mmo...@chromium.org> wrote:
> +1, though it does imply that cli and plugman continue to be released
> frequently, instead of rarely as was at some point considered. I think
> thats fine, and actually simplifies a lot of things conceptually (cordova
> "version" for users is == CLI version).
>
>
> On Thu, Apr 17, 2014 at 5:16 PM, Brian LeRoux <b...@brian.io> wrote:
>
> > Michal also asks,
> > "Do CLI's have deps on specific versions of cordova-lib-*, so an apache
> > release
> > means pushing updated package.json deps?"
> >
> > I think Cordova CLI should explicitly lock versions in package.json to
> > stuff from cordova-ilb. Plugman too. (For now. Once things get stable
> more
> > liberal versioning is fine.) I could totally see something like this:
> >
> > "dependencies": {
> > "cordova-lib-app-create":"0.1.0",
> > "cordova-lib-app-info":"0.1.0",
> > "cordova-lib-app-platform-add":"0.1.0",
> > "cordova-lib-app-platform-remove":"0.1.0",
> > ...etc
> > }
> >
>
