You Don't Know Your Dependencies

BerlinJS

May 2019

@a0viedo

I'm from Buenos Aires, Argentina

I work as platform engineer

I help run NodeConf Argentina and also collaborate with other local communities

Hi! I'm Alejandro

@a0viedo

Pinning deps: yay or nay

@a0viedo

^2.3.1

2.3.1

@a0viedo

Little known fact #2

Verdaccio is great to caching dependencies

@a0viedo

Little known fact #3

npm has the option to reference the filesystem

{
  "dependencies": {
    "cool": "file:../test-dir"
  }
}

lock-what?

npm / yarn / pnpm

@a0viedo

I've pushed a lockfile...now what?

npm ci

@a0viedo

npx dep-verify

npx tbv

You Don't Know Your Dependencies

By Alejandro Oviedo García

You Don't Know Your Dependencies

  • 1,299