1/20/2024 0 Comments Npm update all packages to latest![]() ![]() This file contains the list of the changes (bugfixes / features) released with each new version. Usually, a lot of dependencies have a CHANGELOG.md file at the root of their repository. To correctly update your dependencies and being able to adapt your code with the potential breaking changes, it's important that your dependencies contain a CHANGELOG file, some documentation or even better a migration guide. So instead of keeping it up-to-date and having it included in our final bundle, I simply removed it and recreate the function we needed directly in the project ! #What are the changes ? For example, in one of my client's project, I found that we've installed a big dependency and we were using only one function of it. Then, you can check if you really need a dependency for the usage you're doing of it. Just remove them by running yarn remove your-dependency. So the first step is to check if your dependencies are really used. What are they used for ? Do you really need them ? Are they correctly ordered between dependencies and devDependencies ? This may sound a bit obvious but if you're working on a project that you haven't initialized or where people were free to add dependencies, I'm pretty sure that you don't have a full control of what you're using. And finally, this page contains the list of the latests security advisories. To avoid this, yarn and npm both have a cli command that will show you the dependencies you're using that are not up-to-date with their latest security patches: yarn audit or npm audit. □ About safety, you can find in this very good article what could happen if your dependencies are not updated when a security issue is found and fixed. By doing so, you'll face less breaking changes at the same time and keep a better control of the changes you'll introduce. I suggest you to update them once every month or at least once every 2 months. If you want to keep your project secure, fast and enjoy the latest features of all your dependencies, it's important to keep them regularly up-to-date. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |