Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

NPM lock files seem to include hashes for integrity checking, so as long as you check the lock file into the VCS, what's the difference?


Wrong question; NPM isn't bedrock. The question to be answered if there is no difference is, "In that case, why bother with NPM?"




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: