DEV Community

Boris Shulyak

Manage project dependencies correctly

Choosing npm packages

Suppose you need to select a library and you already know the requirements it has to meet. Here's what to consider when making the final decision:

  • Bundle size. - Compare the bundle size of each package using https://pkg-size.dev/.
  • Over-engineering. - Evaluate how much unnecessary functionality the package offers. If it affects the bundle size, it's better to look for alternatives.
  • Popularity. - Check the number of GitHub stars and monthly downloads.
  • Activity. - How recently and how often has the package been updated? Also look at the activity on issues and pull requests.
  • Code quality. - Read the source code of the package.

Updating npm package versions

  • Do not hurry to upgrade to major versions (especially in the context of big frameworks like Next.js); wait for at least 1-2 minor/patch versions afterward (unless the upgrade is needed and we have accepted the risks).
  • When updating a version, carefully read the package's changelog so that breaking changes do not catch you by surprise.
  • Test all the functionality related to the updated package.

How to manage dependency versions

  • Strictly specify versions of all npm packages. - Do not use any range symbols (^, ~, etc.). They can lead to sudden bugs: you might easily overlook that some packages have been updated, miss testing the related functionality, fail to inform QA about it, and as a result deliver bugs to production.
  • Use Dependabot.
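One way to enforce the strict-version rule above is a small check over `package.json`. This is an added example, not code from the original post; the function names `classifySpec` and `findUnpinned` are hypothetical and the manifest is constructed sample input.

```javascript
// Added example: flags dependency specifiers that are not pinned to one exact version.
// Function names are hypothetical; the manifest below is constructed sample input.
const EXACT = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$/;
const SECTIONS = ['dependencies', 'devDependencies', 'optionalDependencies'];
const NON_REGISTRY = /^(git\+|git:|https?:|github:|file:|link:|workspace:)/;

// Classify one specifier; returns null when it is an exact version.
function classifySpec(spec) {
  const s = String(spec).trim();
  // npm aliases look like "npm:real-name@1.2.3"; judge the part after the last "@".
  if (s.startsWith('npm:')) {
    const at = s.lastIndexOf('@');
    return at > 4 ? classifySpec(s.slice(at + 1)) : 'alias without version';
  }
  if (EXACT.test(s)) return null;
  if (s === '' || s === '*' || s === 'latest') return 'floating (any version)';
  if (NON_REGISTRY.test(s)) return 'non-registry source';
  if (s.startsWith('^')) return 'caret range';
  if (s.startsWith('~')) return 'tilde range';
  return 'other range or tag';
}

// Walk the dependency sections of a parsed package.json and collect every
// entry whose specifier can resolve to more than one version.
function findUnpinned(manifest) {
  const findings = [];
  for (const section of SECTIONS) {
    for (const [name, spec] of Object.entries(manifest[section] || {})) {
      const reason = classifySpec(spec);
      if (reason) findings.push({ section, name, spec, reason });
    }
  }
  return findings;
}

// Constructed sample manifest (package names and versions are illustrative).
const sampleManifest = {
  dependencies: { next: '14.2.3', react: '^18.2.0', lodash: '~4.17.21', 'left-pad': '*' },
  devDependencies: {
    typescript: '5.4.5',
    eslint: '>=8.0.0',
    'my-fork': 'github:example/my-fork#main',
    alias: 'npm:other-pkg@^2.0.0',
  },
};

for (const f of findUnpinned(sampleManifest)) {
  console.log(`${f.section}.${f.name}: "${f.spec}" -> ${f.reason}`);
}
```

In CI, pass the parsed `package.json` to `findUnpinned` and fail the build when the list is non-empty. Exact specifiers cover direct dependencies only; transitive versions are fixed by the lockfile.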

Choosing a Dependency Manager

  • Use pnpm - This is just one recommendation, but it's too big of a topic to discuss here.
