developerzohaib786 opened a new issue, #162: URL: https://github.com/apache/polaris-tools/issues/162
hi, i wanted to open a discussion about pinning exact dependency versions in the console package.json file. right now the dependencies use the caret (^) symbol which allows minor and patch updates when running npm install. while package lock already pins versions for npm ci, developers running npm install might get different versions over time which could introduce subtle differences in behavior or build output. for reproducible builds and consistency across all developer environments i think it would be helpful to remove the caret symbols and pin exact versions like "react": "19.2.4" instead of "react": "^19.2.4". this would make it clear exactly which versions the project uses and prevent any accidental upgrades. i understand this means more manual work when updating dependencies but it gives us full control and transparency. would the maintainers and active contributors [ @jbonofre @binarycat0 @dimas-b ] be open to discussing this change? i am happy to prepare a separate pull r equest if you think this approach makes sense for the project. thank you for your time. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
