npm dependency management best practices

I'm a relative newcomer to the node community. I recently got on board so that I could put together a build for a complex web application that's been under development for several years. The two key tools in my build are Grunt and Browserify, but the application uses jQuery, Backbone, d3 and a smattering of other libraries and plugins as well.

A problem that I've been running into is this: by default, when I install and save a package with npm, it sets up the package with a semver expression that captures all future releases of the package whenever you run npm update. Like this article explains well, that may seem like a good thing at first ("give me this package and all future upgrades"), but it exposes your own application to any non-backwards compatible updates the package maintainer makes... The article also provides some recommended best practices, but it was written almost 4 years ago to the day; I'm hoping there are other, newer ideas.

What sort of solutions do you use to resolve this issue? I can't keep wasting time updating my software every time a breaking change is made in a library I rely on. I want to update when I am good and ready, not whenever I run npm update.

-------------Problems Reply------------

Use npm shrinkwrap to save the tree of dependencies containing the exact versions, so when you npm install it'll use those exact versions.

The npm outdated command will tell you what packages are outdated.

Instead of npm update which updates all your packages, update specific packages with npm install <pkg>@<version> --save

Category:javascript Views:6 Time:2018-08-08

Related post

  • Maven and AppServer dependency management best practice 2010-12-08

    I am developing a web-app and use maven for dependency management (duh). Some of the needed jars are already available in the server lib folder, but do not match the "maven naming scheme", ie missing the version suffix. I would like to use them for d

  • What are some Java memory management best practices? 2009-03-09

    I am taking over some applications from a previous developer. When I run the applications through Eclipse, I see the memory usage and the heap size increase a lot. Upon further investigation, I see that they were creating an object over-and-over in a

  • Password Management Best Practices (soup to nuts, not just storage or generation) 2008-11-06

    We have a site with personal user information. I need to know best-practices for password management. These are average users - should I impose 'hard' passwords? Is there any disadvantage to using the user's email address as a userid? How should I ha

  • What are source control and configuration management best practices? 2009-04-14

    I am thinking of a list that I could refer other developers to with things like: One build script, such as makefile, will build and test entire project All components to needed build the system need to be source controlled Anybody have such a list? I

  • unix file management: best practice for moving files from a staging directory to a final directory 2011-03-30

    I have a file management process that I need some input on. I'm not sure what's the best approach for this. Here is the basic process flow: 1) Files are created from mulitple servers in: /dmp/stage/<date> /dmp/stage/20110329 /dmp/stage/20110330

  • Objective-C memory management--best practices when returning objects? 2009-03-28

    Suppose I have a function like this: - (NSSet *) someFunction { //code... return [[[NSSet alloc] initWithObjets:obj1, obj2, nil] autorelease]; } When I call this function, do I need to do retain/release the return value? I'm assuming I do. However, w

  • Rails i18n Config File Management Best Practices 2009-05-08

    I'm in the process doing an i18n conversion of a RoR website. I'm using Sven Fuchs textmate bundle along with NewDesk's translate plugin. I've started with the yaml files provided by Sven Fuchs here (

  • Rails migration management - best practices? 2009-06-17

    What are best practices for migration management? For instance, when debugging a migration, do you edit the original migration or add an edit migration before committing to the repository? Thanks! --------------Solutions------------- I tend to edit t

  • Dependency Injection best practices and anti-patterns 2009-11-05

    I'm relatively unskilled in Dependency Injection, and I'd like to learn some best practices and anti-patterns to use and avoid respectively when using DI. --------------Solutions------------- I really enjoyed this article regarding DI, as it's target

  • Dependency injection - best practice for fully decoupled components? 2010-06-19

    I want to use dependency injection (Unity) and at the moment I'm thinking about how to setup my project (it's a fancy demo I'm working on). So, to fully decouple all components and have no more assembly dependencies, is it advisable to create an asse

  • MVC-3 User-Image Management - Best Practices 2011-01-02

    Developing using MVC-3, Razor, C# Been searching around and cannot find advice I'm looking for. My site will contain user-uploaded images (possibly a high number). What is the best practice for managing these pictures (placement, breakdown into sub-f

  • Java Statics Primitives, Objects, Methods and the Heap (Memory Management & Best Practices) 2012-03-01

    Okay, so I have been developing in Java for a little over a year now and am making an effort to dive deeper into the language and its best practices. So here is what I know: Java "passes by type" - that is primitives pass by copy and object reference

  • Enterprise Library Data Access Block Transaction Management Best Practice 2009-10-08

    What is the best practice for processing a batched series of CRUD operations in a single transaction with the Enterprise Library Data Access Block that it won't be esclated to a distributed transaction? Edit Full Source: public void BatchInsertEvents

  • Release management - best practice 2008-09-25

    I work for a product development company.We first do internal releases,and then public release.I was wondering, how other product developing companies manage their release? How do you give release number? Tag the source control? --------------Solutio

  • ios/iphone sdk form management best practices 2011-06-03

    I'm working on an iPhone app that will have involve a lot of forms. Currently I have a ViewController class for each settings page which has an UITableView loaded with possible settings. When someone clicks on a setting they are taken taken to a new

  • Background consumer thread lifetime management best practices 2010-08-24

    I have a C# class library which starts up a background consumer thread (lazily) which listens for tasks to complete from a producer/consumer queue. This class library can be used from any type of .NET application and is currently in use under an ASP.

  • Visual c++ native memory management best practices 2011-02-10

    I am an old C# programmer and a C programmer (without dynamic memory allocation), but would like to learn a bit about Visual C++ programming. The question that bothers me is related to memory management in C++. In C#, garbage collector takes care of

  • File management best practices 2012-04-13

    Hi I am currently working on a WPF application which needs extensive file management (users should be able to upload files to a central server and download files from that server) currently i have created a fairly simple wcf based server to handle th

  • Fragment Management Best Practices for Multiple ListFragments 2012-02-04

    I am planning on having 3 fragmentlists contained within one activity. The goal is you select the talk option from the first list, then it transitions to the run list based on what you clicked in talk list, and then in the run list, based on what you

  • how to learn best practices for state management in 2011-03-23

    I am new in programming ,specially in web base programming. i want to learn best practices about state management techniques. I mean when we have to create sessions?, when to use sessions how to check null sessions? , when to use cookies ? when to us

  • Best practices when taking a small project on your own 2009-07-14

    I've always worked in small companies, mostly doing small websites, and they all sucked in project management. That means I have no experience whatsoever (even though I learned a little bit studying on my own) about the best practices and tools when

  • What's the best practice to deploy (manage dependency) the django reusable apps in a real production project? 2011-09-29

    In our project we are using some django reusable apps, we are considering how to make the continuous and automatic deployment easy and painless. We have 2 options: option#1: use "pip install xxx" to install all dependencies reusable apps. Write a scr

  • npm nested dependency management 2012-03-13

    I have a question about best practices in managing npm nested dependencies. Let me explain my situation, and please tell me what I'm doing wrong, or what's the best way to approach this. I'm running an app using express.js and express-mongostore in a

  • Best practices for exception management in Java or C# 2009-01-03

    I'm stuck deciding how to handle exceptions in my application. Much if my issues with exceptions comes from 1) accessing data via a remote service or 2) deserializing a JSON object. Unfortunately I can't guarantee success for either of these tasks (c

  • Web app deployment Best Practices : how to manage local & live files? 2009-02-15

    I am writing php web applications, and simply deploy them via FTP. To make it work, I often have some tweaking/debugging to do given that I have little control over the (free) web server hosting me, so what's working in my local environment might not

Copyright (C), All Rights Reserved.

processed in 0.101 (s). 11 q(s)