What to build
Upgrade the package engine to enforce exact version locks for every package added. This prevents accidental downstream peer issues from semantic version expressions (^ or ~). Additionally, loop back post-install to run a programmatic audit scan to catch vulnerability flags early.
Files to modify
- src/dependencies.js
Specs
- Section 5.4 (Dependency Resolution Algorithm) guidelines.
Acceptance criteria
- ^) and tilde (~) symbols from all dependencies dynamically pushed via code logic.
- npm audit verification block following execution steps.
Dependencies
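Added example, not part of the original issue or the project's code: one way to implement the two behaviours described above, stripping `^`/`~` to an exact pin and gating on the post-install audit result. The names `pinExact` and `auditGate` and all sample data are hypothetical; the report layout assumed is the `metadata.vulnerabilities` counts emitted by `npm audit --json` on npm 7 and later.

```javascript
// Added example: pinExact, auditGate and the sample data are constructed.
const EXACT = /^\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?$/;

// Strip one leading caret or tilde and require that the remainder is a single
// exact semver version. Anything else (>=, x-ranges, dist-tags, compound
// ranges) is reported rather than silently passed through unpinned.
function pinExact(deps) {
  const pinned = {};
  const rejected = [];
  for (const [name, range] of Object.entries(deps)) {
    const version = String(range).trim().replace(/^[\^~]/, '');
    if (EXACT.test(version)) pinned[name] = version;
    else rejected.push(`${name}@${range}`);
  }
  return { pinned, rejected };
}

// Evaluate the JSON text produced by `npm audit --json`. Findings at or above
// `failAt` block the install step; lower severities are only counted.
const SEVERITIES = ['info', 'low', 'moderate', 'high', 'critical'];
function auditGate(reportJson, failAt = 'high') {
  const start = SEVERITIES.indexOf(failAt);
  if (start === -1) throw new Error(`unknown severity: ${failAt}`);
  const counts = JSON.parse(reportJson).metadata.vulnerabilities;
  const blocking = SEVERITIES.slice(start)
    .reduce((sum, level) => sum + (counts[level] || 0), 0);
  return { ok: blocking === 0, blocking, total: counts.total };
}

// Constructed inputs: a dependency map and a minimal audit report.
const sampleDeps = {
  express: '^4.18.2', lodash: '~4.17.21', chalk: '5.3.0',
  'left-pad': '>=1.0.0', debug: '4.x', 'some-pkg': 'latest',
};
const sampleAudit = JSON.stringify({
  auditReportVersion: 2,
  vulnerabilities: {},
  metadata: { vulnerabilities: { info: 0, low: 2, moderate: 1, high: 1, critical: 0, total: 4 } },
});

console.log(pinExact(sampleDeps));
console.log(auditGate(sampleAudit), auditGate(sampleAudit, 'critical'));
```

Stripping the operator yields the floor of the range, which can differ from the version the lockfile actually resolved. `npm install --save-exact` records the installed version directly.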