https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32609
--- Comment #35 from Jonathan Druart <[email protected]> --- (In reply to David Cook from comment #34) > (In reply to Jonathan Druart from comment #31) > > I have one concern about the `yarn install` step. At some point we want to > > freeze the node_modules directory, or we may get expected regressions at a > > very bad time. > > Imagine we are testing a beta version D-15 before the release, everything is > > working great, we decide to release on D-day, package maintainer releases > > using `yarn install && yarn build:prod`. If something changed in the node > > modules, we haven't tested it and we release a broken version. > > If we use "yarn install --frozen-lockfile" when running via Makefile.PL, > that should avoid that scenario. We'd be using only the versions from > yarn.lock that hypothetically were tested. Indeed, we discussed that already but forgot. Good :) > That said, testing will be interesting. I suppose you'll get generated files > at ktd startup time, and those should be OK until you change branches. At > that point, you might have the wrong generated files and not know it. > > When it comes to local dev/test, we might need to just get into the habit of > being mindful of doing yarn install/build when we switch branches (if > required). Or use watch :) > Sandboxes shouldn't be a problem since we could automate the file > re-generation... > > > It's tricky and I don't have a solution right now, but we need to: > > * Let developers yarn install whenever they want > > (/kohadevbox/koha/node_modules will be used/tested) > > * Have a generated (when?) version (/kohadevbox/node_modules) that would be > > used to generate the compiled files on ktd startup (sandboxes and devs). We > > could run build:prod to avoid last minute bugs to popup. > > * Pick the last generated version for the release > > I suppose test/QA theoretically should catch if there's a problem with > generated files. So the "last generated version for the release" will just > be what's in the package.json and yarn.lock files. > > Maybe we're overthinking it a bit? I did overthink it yesterday, yes! Glad we have an easy solution. The question is then when do we run `yarn install` and update the lock file? But we can discuss that later. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
