From e21011fce1561826a0e9054d94c4ab5293953a10 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Dalfors?= Date: Mon, 8 Apr 2024 10:46:22 +0200 Subject: [PATCH] use --frozen-lockfile to ensure dependency integrity across builds --- .travis.yml | 2 +- appveyor.yml | 2 +- docker/cloneBuildAndTest.sh | 2 +- scripts/prepare-release.ts | 6 +++--- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.travis.yml b/.travis.yml index 22e9731..46d8b11 100644 --- a/.travis.yml +++ b/.travis.yml @@ -25,7 +25,7 @@ services: - docker install: - - yarn install + - yarn install --frozen-lockfile - if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then sudo apt-get update && sudo apt-get -y install snap squashfs-tools && sudo snap install snapcraft --classic; fi; script: diff --git a/appveyor.yml b/appveyor.yml index 43b3cc5..52e5fb1 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -10,7 +10,7 @@ install: - ps: Install-Product node 19 build_script: - - yarn + - yarn install --frozen-lockfile - yarn build - yarn prepare-release - yarn package appx diff --git a/docker/cloneBuildAndTest.sh b/docker/cloneBuildAndTest.sh index 674fa83..ba21b25 100755 --- a/docker/cloneBuildAndTest.sh +++ b/docker/cloneBuildAndTest.sh @@ -5,7 +5,7 @@ git clone https://github.com/thomasnordquist/MQTT-Explorer.git /app cd /app git checkout travis-ui-tests -yarn +yarn install --frozen-lockfile yarn build yarn ui-test diff --git a/scripts/prepare-release.ts b/scripts/prepare-release.ts index 8301645..61532e3 100644 --- a/scripts/prepare-release.ts +++ b/scripts/prepare-release.ts @@ -17,18 +17,18 @@ async function prepareRelease() { // Install app dependencies chdir('app') - await exec('yarn') + await exec('yarn', ['install', '--frozen-lockfile']) chdir('..') // Install electron dependencies - await exec('yarn') + await exec('yarn', ['install', '--frozen-lockfile']) // Build App and Electron backend await exec('yarn', ['build']) // Clean up await fs.remove('node_modules') - await exec('yarn', ['install', '--production']) // Do not clean up, electron version detection will fail otherwise + await exec('yarn', ['install', '--production', '--frozen-lockfile']) // Do not clean up, electron version detection will fail otherwise await fs.remove(path.join('app', 'node_modules')) chdir(originalDir)