From c3829046387aeb9a5bbba4c9ead3be46f2e357f0 Mon Sep 17 00:00:00 2001 From: Anders Kaseorg Date: Sun, 5 Mar 2023 20:56:28 -0800 Subject: [PATCH] docs: Remove bad advice about pinning versions. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Because `yarn.lock` includes transitive dependencies, it already pins our dependencies more comprehensively than `package.json` would if we followed this bad advice, which we don’t, as of commit 9b0401b76d5412899197f7f827468b24742dee8c (#13118). Signed-off-by: Anders Kaseorg --- docs/subsystems/html-css.md | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/docs/subsystems/html-css.md b/docs/subsystems/html-css.md index 832cf82da3..d738438a30 100644 --- a/docs/subsystems/html-css.md +++ b/docs/subsystems/html-css.md @@ -180,12 +180,7 @@ first add it to the appropriate place under `static/`. `package.json` for management by yarn, this allows them to be upgraded easily and not bloat our codebase. Run `./tools/provision` for yarn to install the new packages and update its lock file. You should also update - `PROVISION_VERSION` in `version.py` in the same commit. When adding modules - to `package.json`, please pin specific versions of them (don't using carets - `^`, tildes `~`, etc). We prefer fixed versions so that when the upstream - providers release new versions with incompatible APIs, it can't break Zulip. - We update those versions periodically to ensure we're running a recent - version of third-party libraries. + `PROVISION_VERSION` in `version.py` in the same commit. - Third-party files that we have patched should all go in `web/third/`. Tag the commit with "[third]" when adding or modifying a third-party package. Our goal is to the extent possible