I've been reading about the latest NPM madness with a gigantic bowl of popcorn in hand. 🍿 Who thought it would be a good idea for NPM to automatically "upgrade" dependencies to newer versions? Version pinning should be the default behavior, like other sane environments do (eg Java, Rust).
In fact, here's an angry rant comment I left in a JS-based build system about a year ago:
"Always explicitly pick versions for all JS dependencies!!
The Kotlin front-end plugin will warn us if we try to add a dependency without a version.
Don't ignore those warnings, you'll regret it later if you do.
Even worse, the version you didn't know you were depending on gets overwritten by the rebuild
so you can't go look it up after you suddenly realize you need it.
The only way to restore working order to your project is to guess what version you depended on
for each end every dependency that's now broken by an unexpected (and unwanted) update.
This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!