[
https://issues.apache.org/jira/browse/THRIFT-4758?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16753990#comment-16753990
]
Allen George commented on THRIFT-4758:
--------------------------------------
[~jking3] Sorry for the delay in responding to this.
Actually I followed the guidance in the Rust community regarding
{{Cargo.lock}}: "If you’re building a library that other packages will depend
on, put {{Cargo.lock}} in your {{.gitignore}}. " Source:
https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html
> We gitignore and do not check in config lock files in many languages - isn't
> that bad?
> --------------------------------------------------------------------------------------
>
> Key: THRIFT-4758
> URL: https://issues.apache.org/jira/browse/THRIFT-4758
> Project: Thrift
> Issue Type: Bug
> Components: Build Process, D - Library, Dart - Library, PHP -
> Library, Ruby - Library, Rust - Compiler
> Affects Versions: 0.12.0
> Reporter: James E. King III
> Priority: Major
>
> In npm we check in the package-lock.json file because that ensures your
> builds are stable over time. The cost you pay is that occasionally you need
> to rev the file manually. The benefit is a changed package won't bork your
> build.
> I have identified in the following languages we are ignoring and not checking
> in the package lock files:
> d (dub)
> dart
> php (top level composer.jock)
> ruby
> rust
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
