

An old customer reported a bug in one of the older versions of the product, and a decision was made to fix the bug and release a patch for it. The product consisted of an API and a React client that communicated with the API.

The fix was purely a back-end fix behind the API, which should not have had any effect on the React client, but when the build server started building the pull request in GitHub, it was failing to build the React client. It was throwing errors on resolving the dependencies. Upon further inspection, a couple of issues were found that raised red flags about some developers misunderstanding how to build an application with npm.

The first red flag was that when I looked at the CI/CD build script, I saw that it was executing an npm install to install the npm packages used by the React client. Never use npm install on your build servers; there is a dedicated npm command for CI/CD. Using npm install on build servers may update the dependency tree, which will make builds inconsistent and nondeterministic.

But this was not the only red flag. The second red flag was that when I changed the build script to run npm ci, it started failing with an error saying it can only install packages with an existing package-lock.json.
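The two red flags described above can be caught by a preflight step before the client is built. The script below is an added example, not code from the original post; the function names and the ./client and ./build.sh paths are assumptions.

```sh
#!/bin/sh
# Added example: CI preflight for an npm client. Function names are hypothetical.

# Red flag 1: list lines of a build script that run `npm install` or `npm i`.
# Prints "lineno:text" per hit and returns 1 if any exist; comment lines are skipped.
find_npm_install() {
    script=$1
    hits=$(grep -nE '(^|[^[:alnum:]_-])npm[[:space:]]+(install|i)([^[:alnum:]_-]|$)' "$script" \
        | grep -vE '^[0-9]+:[[:space:]]*#') || true
    [ -z "$hits" ] && return 0
    printf '%s\n' "$hits"
    return 1
}

# Red flag 2: `npm ci` refuses to run without a lockfile next to package.json.
# Returns 0 if the directory is ready for `npm ci`, 2 or 3 otherwise.
require_lockfile() {
    dir=$1
    if [ ! -f "$dir/package.json" ]; then
        echo "preflight: no package.json in $dir" >&2
        return 2
    fi
    if [ ! -s "$dir/package-lock.json" ] && [ ! -s "$dir/npm-shrinkwrap.json" ]; then
        echo "preflight: no lockfile in $dir; commit package-lock.json" >&2
        return 3
    fi
    return 0
}

# Build step: run both checks, then install exactly what the lockfile records.
ci_install() {
    dir=$1
    script=$2
    if ! find_npm_install "$script" >&2; then
        echo "preflight: $script calls npm install; use npm ci" >&2
        return 1
    fi
    require_lockfile "$dir" || return $?
    (cd "$dir" && npm ci)
}

# Usage in a pipeline (paths are assumptions): ci_install ./client ./build.sh
```

Failing the build on a missing lockfile, instead of falling back to npm install, keeps the dependency tree on the build server identical to the one that was reviewed and committed.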
