Hacker News new | past | comments | ask | show | jobs | submit login

…so would Cargo? If you install a new package, why wouldn’t you expect it to show up in your lock file?

No, you guys don't understand.. npm updates the package lock even when not adding a new package, i.e. the initial `npm install`. It's insane I'm think to go back to yarn again..

I'm with you, the default behavior is so counter intuitive.

You can use ‘npm ci’ for actually sensible install behaviour.

Hmm, that's pretty stupid. What is the rationale behind this? That you check before you run an install?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact