I find NPM dependencies being unreliable after i release my software.
If i will rebuild that software later it will contain different depdendencies versions, depends on if i am using those “^, *, ~” thingies.
I might not fully understood
package-lock.json but in my environment(corporate network), the integrity somehow always differs, multiple proxies inside the network, and i end up recreating the
package-lock.json once in a while, meaning… bringing up new stuff that can make my software fail.
Are there any plans on forcing packages to use fixed versions inside their depdendencies?