Yicong-Huang commented on PR #3798:
URL: https://github.com/apache/texera/pull/3798#issuecomment-3379021282
`brace-expansion` is a transitive dependency, i.e., a library used by one or
more of our dependencies. We don't need to manage or update package.json in
this case.
We always declare our dependencies in `package.json`. For example, we declare
```
// our package.json
dependencies: {
A: 1.2.3
}
```
Then in A library's package.json, they will have their dependencies:
```
// A's package.json
dependencies: {
B: ^2.0.0
}
```
When we install, we will generate yarn.lock
```
// our yarn.lock
A: 1.2.3
B: 2.0.0
```
When B gets updated to 2.0.1, because the library A declares `B:^2.0.0`, it
can also work, so we could update our yarn.lock to take the upgrade.
```
// our yarn.lock
A: 1.2.3
B: 2.0.1
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
