I prefer to have the lockfile commited to git.
But this is a matter of some debate -- there's not one clearly bet way to do it.
Advantages:
- Everyone is working with the same config, which is nice.
- We don't all have to rebuild the lockfile ourselves when something changes.
- The CI is a bit more stable.
Disadvantages:
- The primary one I know of is that the project can get stale -- if no one runs an update, it can keep using ols version of deps for who knows how long, and you may no discover incompatibilities with newer package versions for a long while.
I think the best way to address that is to have a CI job run pixi update once in a while to keep things fresh.
But I don't want to make the change without some consensus.
This was discussed some in #107 -- but I don't think a consensus was reached.
@ocefpaf: you suggested that having the lockfile in git, with a CI job that updates it once in a while would defeat the purpose of the cache -- I don't thnk that's the case.
The idea is that the lockfile would be tested / updated in a separate job -- so a full set of tests would still be run with a single lockfile -- which would use the cache fine, wouldn't it? or maybe I misunderstand how the cache works.
I prefer to have the lockfile commited to git.
But this is a matter of some debate -- there's not one clearly bet way to do it.
Advantages:
Disadvantages:
I think the best way to address that is to have a CI job run pixi update once in a while to keep things fresh.
But I don't want to make the change without some consensus.
This was discussed some in #107 -- but I don't think a consensus was reached.
@ocefpaf: you suggested that having the lockfile in git, with a CI job that updates it once in a while would defeat the purpose of the cache -- I don't thnk that's the case.
The idea is that the lockfile would be tested / updated in a separate job -- so a full set of tests would still be run with a single lockfile -- which would use the cache fine, wouldn't it? or maybe I misunderstand how the cache works.