[erlang-questions] rebar3 dependencies
Wed Mar 23 15:49:55 CET 2016
On 03/23, Roberto Ostinelli wrote:
>Yes, but in hex dependencies you can just add a dependency by name :)
>Fortunately enough AFAIK rebar.lock sets the sha, and rebar with hex only
>allows for exact versions specifiers (i.e. *no* expressions like '~>1.1').
rebar.lock currently only holds the package name. We check SHAs, but
against the index only. The feature for better hash checking is
discussed at https://github.com/erlang/rebar3/issues/1136 right now.
More information about the erlang-questions