Commit ec37d89

committed

tidy: use a lockfile for js tools instead of npx

this makes us less vulnerable to MITM and supply chain attacks. it also means that the CI scripts are no longer responsible for tracking the versions of these tools. it should also avoid the situation where local tsc and CI disagree on the presense of errors due to them being different versions.

1 parent 36cd096 commit ec37d89Copy full SHA for ec37d89

6 files changed

+2969

-13

lines changed

.gitignore
package-lock.json
package.json
src
- ci/docker/host-x86_64/mingw-check-1
  - Dockerfile
- tools/tidy/src
  - ext_tool_checks.rs
  - ext_tool_checks
    - rustdoc_js.rs

6 files changed

+2969

-13

lines changed

`‎.gitignore‎`

-Original file line number
+Diff line change
 ## Node
 node_modules
 -package-lock.json
 -package.json
 /src/doc/rustc-dev-guide/mermaid.min.js
 ## Rustdoc GUI tests

Comments

(0)