-
Notifications
You must be signed in to change notification settings - Fork 3.4k
Integrating with node
The node project currently bundles npm in every version. In order to allow our team to release new semver-major versions of the npm CLI, we have some guidelines to follow. Please note that these are guidelines, they are not exhaustive and failures may not be the responsibility of the npm team to address. Our duty is to do our best and to determine the root cause of any new failures so that we may discuss them with the node project before a new version is bundled.
To ensure this one, we will have a GitHub action triggered by new releases that downloads and builds the current node release lines with an updated npm and runs the node project's tests.
No new failures installing the packages defined by citgm.
The set of packages curated by citgm is reasonably diverse. When a release is published, we will use citgm (or some derivative) to download the latest published version of each package and run npm install followed by npm ls to verify we have generated a valid package tree.
After npm install and npm ls verify that we are able to create a valid package tree, we additionally run each of the project's tests.
To ensure our users can work smoothly in both the latest npm release, as well as previous versions, we must be diligent about only making breaking changes to package-lock.json files when explicitly requested. Since breaking changes to the lock file are signified by a change in the lockfileVersion property, our automated testing will include checking each package in citgm for an existing package-lock.json. If one is found, we assert that the lockfileVersion found within does not change after npm install is run.