chore: generate lockfile for audit, install speed

wkillerud · wkillerud · commit 984d6414f41b · 2025-05-23T11:59:03.000+02:00
diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml
@@ -20,16 +20,12 @@ jobs:
       - name: Install Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: 20
+          node-version: 22
 
-      - name: Install dependencies
-        run: npm install
+      - run: npm ci
 
-      - name: Lint
-        run: npm run lint
+      - run: npm run lint
 
-      - name: Run all tests
-        run: npm test
+      - run: npm test
 
-      - name: Generate and check types
-        run: npm run types
+      - run: npm run types
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -28,22 +28,17 @@ jobs:
       - name: Install Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: 20
+          node-version: 22
 
-      - name: Install dependencies
-        run: npm install
+      - run: npm ci
 
-      - name: Lint
-        run: npm run lint
+      - run: npm run lint
 
-      - name: Run all tests
-        run: npm test
+      - run: npm test
 
-      - name: Generate and check types
-        run: npm run types
+      - run: npm run types
 
-      - name: Release and publish
-        run: npx semantic-release
+      - run: npx semantic-release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
diff --git a/.gitignore b/.gitignore
@@ -6,7 +6,6 @@ coverage/
 node_modules/
 *.log
 .vscode
-package-lock.json
 node_modules
 node_modules/**/*
 .DS_Store
diff --git a/.npmrc b/.npmrc
@@ -1,2 +1,18 @@
-package-lock=false
+; Don't download optionalDependencies and peerDependencies.
+; Conflicting peerDependencies is a source of issues with npm install.
+; This setting forces us to be explicit about listing dependencies.
+omit=optional
+omit=peer
+
+registry=https://registry.npmjs.org
+
+; Prefer specifying dependency versions explicitly. Renovate will open
+; pull requests that handle most dependency updates for you.
 save-exact=true
+
+; Treat conflicting peerDependencies as a failure,
+; even if npm can reasonably guess an appropriate resolution.
+strict-peer-deps=true
+
+; Renovate will update packageManager for us.
+update-notifier=false
diff --git a/package-lock.json b/package-lock.json
