Is your feature request related to a problem? Please describe.
Related to #2202
When users run npm install netlify-cli -g they always get the latest minor/patch versions of CLI dependencies. This usually works ok and helps users get the latest security updates, but can cause issues when packages don't follow semver.
By publishing npm-shrinkwrap file we will be essentially locking down CLI dependencies during installation on users machines.
This is useful when installing the CLI globally, but prevents users from having full control of their dependency tree if installing the CLI locally.
See more here
Describe the solution you'd like
Publishing an npm-shrinkwrap file to pin CLI dependencies.
Describe alternatives you've considered
#2208
#1597
Can you submit a pull request?
Yes
Is your feature request related to a problem? Please describe.
Related to #2202
When users run
npm install netlify-cli -gthey always get the latest minor/patch versions of CLI dependencies. This usually works ok and helps users get the latest security updates, but can cause issues when packages don't follow semver.By publishing
npm-shrinkwrapfile we will be essentially locking down CLI dependencies during installation on users machines.This is useful when installing the CLI globally, but prevents users from having full control of their dependency tree if installing the CLI locally.
See more here
Describe the solution you'd like
Publishing an
npm-shrinkwrapfile to pin CLI dependencies.Describe alternatives you've considered
#2208
#1597
Can you submit a pull request?
Yes