Suppress warnings

[rkristelijn]

When running npm i in the APM-Final folder, I get these warnings;

npm notice created a lockfile as package-lock.json. You should commit this file.
npm WARN [email protected] requires a peer of [email protected] - 3 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of popper.js@^1.14.7 but none is installed. You must install peer dependencies yourself.

you can simply avoid these by installing jquery and popper.js as a dev dependency:

npm i -D jquery
npm i -D popper.js

as for package-lock.json

https://github.com/npm/npm/blob/v5.0.0/doc/files/package-lock.json.md
[...]package-lock.json is automatically generated for any operations where npm modifies either the node_modules tree, or package.json. It describes the exact tree that was generated, such that subsequent installs are able to generate identical trees, regardless of intermediate dependency updates.

This file is intended to be committed into source repositories, and serves various purposes[...]

[DeborahK]

Thank you for your comments.

The course does not use jquery or popper as specified in the course here: https://app.pluralsight.com/course-player?clipId=728a1cc2-26f0-46ab-9d15-4e5f37a55ae3&startTime=188.84

We only use the style classes, not any of the JavaScript libraries of bootstrap, so we don't need these dependencies.

And regarding the lock file ... I, too, had thought it was a good idea to provide the lock file with the check in. And for team projects, it may be a good idea. The team is then notified when there are any issues.

But if I do provide the lock file as part of these downloaded files, then any time there is a security fix (amazingly often) and some library author deletes a dependency and provides a new version ... anyone trying to install my files gets introduced to Angular with a big install fail.

So I opted to remove that file from my repo.

Make sense?