Build Environment
Pinned Versions
All tool versions are pinned to ensure reproducible builds across local development and CI.
| Tool | Version | Source of truth |
|---|---|---|
| Node.js | 20.19.0 | .nvmrc |
| Python | 3.12 | .python-version |
| npm | lockfileVersion 3 | website/package-lock.json |
npm Dependencies
All npm dependencies in website/package.json use exact version specifiers (no ^ or ~ ranges). The lockfile pins the full dependency tree.
To update a dependency, change the version in package.json and run npm install to regenerate the lockfile. Submit both files in a PR.
Python Dependencies
Python dev dependencies are listed in requirements-dev.txt with range specifiers for flexibility. The CI environment installs these fresh on each run.
CI Workflows
All GitHub Actions workflows reference:
node-version-file: ".nvmrc"(not a hardcoded version)python-version: "3.12"(standardized across all workflows)
Updating Versions
When updating a pinned version:
- Update the source of truth file (
.nvmrc,.python-version, orpackage.json) - Update all workflows if the version file name changes
- Test locally before pushing
- Submit as a dedicated version-bump PR