Workflow disruption
Created by: Timer
Between 8:15 PM - 9:15 PM (EST) newly created applications could not be started with npm run start.
Failed to compile.
Error in ./src/index.js
Module build failed: TypeError: /Users/joe/Desktop/testing/src/index.js: Cannot read property 'scope' of undefined
@ multi mainOne of our dependencies released a backwards incompatible change in a minor release. We typically try to avoid this by pinning our package versions, but we currently have no way of ensuring deterministic builds.
Few users were affected, but situations like these raise questions about how we can prevent this from happening in the future.
We want to ensure we keep our users' trust in our reliability, and I think this deserves some discussion about what can be done.
Is there anything that prevents us from shipping releases with npm-shrinkwrap.json and yarn.lock files (does yarn try use dependents lock files?)?
Should we start bundling dependencies again? There seems to be hard feelings about them: https://github.com/facebookincubator/create-react-app/pull/1068. Are they better in NPM 4? Can we push to make them better?
Or should we live with that accidents happen?