training.shoppinpal.com
  • Introduction
  • 1. The Ideal Workspace
    • The Perfect Machine
      • For Biz Team
      • For Developers
      • For Designers
    • Setup a machine in the cloud
      • Solution
      • Setup box on Azure
        • Create a machine on Azure
        • Test drive your remote machine
        • Setup Dropbox On Azure
      • Setup box on DigitalOcean
        • Setup UI
        • Shared FileSystem
          • Dropbox
            • Use locally developed node modules in another project
          • sshfs
        • Long Running Sessions
      • Feedback
  • 2. Learning Git
    • Static Code Analysis
  • 3. The Backend
    • Use Containers
    • Setup a loopback project
    • Lockdown
    • Build a better mousetrap
    • The abyss stares back
    • Built-in models
    • Extending built-in models
    • Understanding UserModel
    • Boot Scripts
    • Promises
    • Find roles for current user
    • Loopback Console
    • Current User
  • 4. Multi-tenancy With Loopback
    • What is Multi-Tenancy
    • Architecting with Loopback
    • Define scope for Roles
    • Role Resolvers
    • Access Control For Tenants
    • Better Programming with multi-tenancy
  • 5. The Frontend
    • The Browser
    • Unit Testing
      • Motivation behind this blog
      • How to write a test
      • Karma and Jasmin
      • Writing Tests
    • End-2-End Testing
    • Angular 1.x
    • Angular 2
      • Testing
  • 6. ElasticSearch
    • Better Search with NGram
    • NGram with Elasticsearch
    • Fun with Path Hierarchy Tokenizer
    • Working with Mappings and Analyzers
  • 7. Promises
    • What are Promises
    • Promise Implementations
    • Nuances
    • What should we use
  • 8. Learning Docker
    • Docker Swarm
  • 9. Queues & Workers
    • PHP workers in AWS EBS
    • NodeJS workers in AWS EBS
      • SQS Daemon by AWS
      • SQS Daemon in NodeJS
      • SQS polling by worker
    • Gearman
  • 10. Docker
    • Capabilities
  • Appendix
    • Bug in WebStorm deployments
    • The Perfect Terminal
    • Scalable App Deployment with AWS
    • Chrome Tips & Tricks
    • Host your own Gitbook
    • Gitbook Tips & Tricks
    • How to handle support incidents
    • Dev Resources
    • Debug e2e Tests on CircleCI
    • Logging
    • Authentication Principles
    • Mac
    • nvm
    • Unify testing with npm
      • Debugging Mocha
    • Sequence Diagrams
    • Project Sync via IDE
      • SFTP with WebStorm
      • SFTP with Visual Studio
    • Soft Linking
    • NodeJS Profiling
      • How to find node.js performance optimization killers
    • Setup Packer on Azure
Powered by GitBook
On this page
  1. 3. The Backend

Lockdown

PreviousSetup a loopback projectNextBuild a better mousetrap

Last updated 7 years ago

  • Make sure you're in the loopback project directory:

    $ pwd
    /home/codio/workspace/loopback-zero-to-hero
  • If not, then get in there:

    $ cd ~/workspace/loopback-zero-to-hero/
  • Its easy to let the flexible versioning notations (*, ~ or ^) in package.json fool us into working against different versions of dependencies! Since features and bugs vary across versions, let us make sure to work with precisely defined versions for all dependencies.

  • The package.json file is lenient and uses the ^ symbol to let you install anything newer than the listed version. For example, the current package.json file which was generated by slc and it contains:

    "loopback": "^2.14.0",
    "loopback-boot": "^2.6.5",
    "loopback-datasource-juggler": "^2.19.0",

    but if you inspect what was installed (when npm install auto ran as part of project setup) you'll see much newer versions:

    $ npm ls | grep loopback
    ...
  • Now let's freeze the versions so any development or deployments in the future will use these installed versions and nothing else:

    $ npm shrinkwrap
    ...
    wrote npm-shrinkwrap.json
  • A new file is produced. Examine and you will see a much more explicit file that tracks the versions of every dependency and sub-dependency etc. As long as you leave this file in your project and preferably check it into your source control repository, you can expect consistent behavior across developers and deployments. From now on whenever npm install is run, it will ignore the wishy-washy package.json and instead pay attention to npm-shrinkwrap.json

  • Good deal! onwards and upwards...

npm-shrinkwrap.json