To follow best practices for security, we should lock down package versions (like we do in Node.js repos with npm shrinkwrap).
To follow best practices for security, we should lock down package versions (like we do in Node.js repos with npm shrinkwrap).