Questions tagged [dependency-management]

Currently working on projects utilizing the serverless framework to eventually be deployed to AWS Lambda, my end goal is to have them run seamlessly with the same version of node that is supported on AWS Lambda - which happens to be node 6.10.3. Despite ad ...

Let's imagine a scenario where I have a package.json structured like this: { "name": "my-app", "version": "0.1.0", "dependencies": { "@aws-sdk/client-s3": "^3.21.0", & ...

I had a similar question to the one asked on Stack Overflow about package.json and package-lock.json (in summary; "what's the difference between package.json and package-lock.json?") and found some insightful answers there. However, I still have some relat ...

Imagine having a dependency called some_dep that has a security vulnerability. The guidance provided on GitHub is to “Upgrade some_dep to version 2.2.3 or newer.” But things become complex when you realize that some_dep is a necessary dependency of an ...

Imagine this scenario: You are currently working on a project called cool-app and it relies on both react and cool-package: "dependencies": { "react": "^16.0.0", "cool-package": "^1.0.0" } Unfortunatel ...

During my JavaScript module development process, I utilize npm link to easily install my local version into projects that require the module as a dependency. This method provides a seamless workflow. Although not quite as ideal as TDD, this approach simpl ...

There seems to be a discrepancy in the results I get when installing a package with --global compared to a local installation. For instance I recently installed https://github.com/sverweij/dependency-cruiser $ npm install --save-dev dependency-cruiser W ...