build: Lock NPM dependencies for npm install

[rzr]

I observed a regression caused to dependencies updates,
build is file but you can't use UI to add things
(browser complains on module.export = App)
Probably caused by babel update from beta49 to rc2 (TBC).

Project prefers yarn over npm,
but npm install could be used by developers or scripts.

Note that, Adding a (potentially unaligned) lock file,
could create ambiguity
but IMHO it's better to support both than only yarn.

Related links:

https://stackoverflow.com/questions/44552348/should-i-commit-yarn-lock-and-package-lock-json-files

yarnpkg/yarn#5654 (comment)

Change-Id: I9489e365b6d3a70102a7d2ae1e44feb7aeb28c06
Signed-off-by: Philippe Coval [email protected]

[codecov-io]

Codecov Report

Merging #1286 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master    #1286   +/-   ##
=======================================
  Coverage   75.33%   75.33%           
=======================================
  Files         123      123           
  Lines        5916     5916           
  Branches      824      824           
=======================================
  Hits         4457     4457           
  Misses       1287     1287           
  Partials      172      172

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 0ae5fab...11b1a2e. Read the comment docs.

[Swaagie]

Imho committing both lockfiles until npm and yarn settle on a solution would improve developer experience. Everybody benefits from having both. If you don't like big git diffs something we've been doing lately is adding a .gitattributes file with the following content:

package-lock.json binary

It will prevent git/github from showing the diffs. In addition the yarn.lock file could be added as well. If you still want to see the diffs (after updating a specific package) git diff --text will force show the diff.

[hobinjk]

Thanks for looking into this! I think in the future we want to switch to only NPM since yarn doesn't really have enough benefits to justify installing yet another binary on the pi. This is great step in that direction.

[rzr]

Thanks, if anyone want to face the bug I described in commit message just rm lock files and install deps.

I am not yet familiar enough with babel to dig deeper

[Swaagie]

@rzr I can take a look at it tomorrow. I've spend way to much time in webpack and babel configs... 😛