| ▲ | whilenot-dev 3 days ago | |
To add to this: the hash in the lock file is the checksum of the published tarball, not the commit hash. | ||
| ▲ | cluckindan 3 days ago | parent [-] | |
And then someone runs `npm install` on their CI | ||
| ▲ | whilenot-dev 3 days ago | |
To add to this: the hash in the lock file is the checksum of the published tarball, not the commit hash. | ||
| ▲ | cluckindan 3 days ago | parent [-] | |
And then someone runs `npm install` on their CI | ||