You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We're using a Docker deployment of Medusa based on this repository where I work, and I think I've found something you should be aware of. It looks like module versions are being controlled using yarn.lock, but the Dockerfile provided runs npm install. This means the yarn.lock file is completely ignored when building using Docker, and results in the latest version of all Node modules being installed.
The result of this is that the Medusa backend has been upgrading itself each time we deploy it, without our knowledge. medusa migrations run is run on every deploy, so most of the update migrations will have worked, but obviously the more in-depth migrations and potential code changes have not been put in place.
Is there something I've missed, or is this a problem that should be rectified?
The text was updated successfully, but these errors were encountered:
Hi there,
We're using a Docker deployment of Medusa based on this repository where I work, and I think I've found something you should be aware of. It looks like module versions are being controlled using
yarn.lock
, but the Dockerfile provided runsnpm install
. This means theyarn.lock
file is completely ignored when building using Docker, and results in the latest version of all Node modules being installed.The result of this is that the Medusa backend has been upgrading itself each time we deploy it, without our knowledge.
medusa migrations run
is run on every deploy, so most of the update migrations will have worked, but obviously the more in-depth migrations and potential code changes have not been put in place.Is there something I've missed, or is this a problem that should be rectified?
The text was updated successfully, but these errors were encountered: