# Dependency Management

## Table of Contents

- Overview
- When to Use
- Quick Start
- Reference Guides
- Best Practices

## Overview

Comprehensive dependency management across JavaScript/Node.js, Python, Ruby, Java, and other ecosystems. Covers version control, conflict resolution, security auditing, and best practices for maintaining healthy dependencies.

## When to Use

- Installing or updating project dependencies
- Resolving version conflicts
- Auditing security vulnerabilities
- Managing lock files (package-lock.json, Gemfile.lock, etc.)
- Implementing semantic versioning
- Setting up monorepo dependencies
- Optimizing dependency trees
- Managing peer dependencies

## Quick Start

Minimal working example:

```bash
# Initialize project
npm init -y

# Install dependencies
npm install express
npm install --save-dev jest
npm install --save-exact lodash  # Exact version

# Update dependencies
npm update
npm outdated  # Check for outdated packages

# Audit security
npm audit
npm audit fix

# Clean install from lock file
npm ci  # Use in CI/CD

# View dependency tree
npm list
npm list --depth=0  # Top-level only
```

## Reference Guides

Detailed implementations in the `references/` directory:

| Guide | Contents |
|---|---|
| Package Manager Basics | Package Manager Basics |
| Semantic Versioning (SemVer) | Semantic Versioning (SemVer) |
| Dependency Lock Files | Dependency Lock Files |
| Resolving Dependency Conflicts | Resolving Dependency Conflicts |
| Security Vulnerability Management | Security Vulnerability Management |
| Monorepo Dependency Management | Monorepo Dependency Management |
| Peer Dependencies | Peer Dependencies |
| Performance Optimization | Performance Optimization |
| CI/CD Best Practices | CI/CD Best Practices |
| Dependency Update Strategies | Dependency Update Strategies |

## Best Practices

### ✅ DO

- Commit lock files to version control
- Use `npm ci` or equivalent in CI/CD pipelines
- Regular dependency audits (weekly/monthly)
- Keep dependencies up-to-date (automate with Dependabot)
- Use exact versions for critical dependencies
- Document why specific versions are pinned
- Test after updating dependencies
- Use semantic versioning correctly
- Minimize dependency count
- Review dependency licenses

### ❌ DON'T

- Manually edit lock files
- Mix package managers (npm + yarn in same project)
- Use `npm install` in CI/CD (use `npm ci`)
- Ignore security vulnerabilities
- Use wildcards (`*`) for versions
- Install packages globally when local install is possible
- Commit node_modules to git
- Use `latest` tag in production
- Blindly run `npm audit fix`
- Install unnecessary dependencies
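Several of the rules above can be checked mechanically before a merge. The following is an added example, not part of the skill itself: a small Node.js linter that flags wildcard and `latest` version specs, a missing lock file, mixed package managers, and a tracked `node_modules` directory. The function names, rule names, and sample input are hypothetical and constructed for illustration.

```javascript
// Added example, not part of the skill. Function and rule names are hypothetical.
// Root-level lock files and the package manager each one belongs to.
const LOCKFILES = new Map([
  ["package-lock.json", "npm"],
  ["yarn.lock", "yarn"],
  ["pnpm-lock.yaml", "pnpm"],
]);
const SECTIONS = ["dependencies", "devDependencies", "peerDependencies", "optionalDependencies"];

// node-semver treats "", "x" and "X" the same as "*": any version matches.
function classifySpec(spec) {
  const s = String(spec).trim();
  if (s === "" || s === "*" || s.toLowerCase() === "x") return "wildcard";
  if (s === "latest") return "latest-tag";
  return null;
}

// manifest: parsed package.json; trackedFiles: repo-relative paths (e.g. from `git ls-files`).
function lintDependencies(manifest, trackedFiles) {
  const findings = [];
  for (const section of SECTIONS) {
    for (const [name, spec] of Object.entries(manifest[section] || {})) {
      const rule = classifySpec(spec);
      if (rule) findings.push({ rule, detail: `${section}.${name} = "${spec}"` });
    }
  }
  const managers = new Set();
  for (const f of trackedFiles) {
    if (LOCKFILES.has(f)) managers.add(LOCKFILES.get(f));
  }
  if (managers.size === 0) {
    findings.push({ rule: "no-lockfile", detail: "no lock file is committed" });
  } else if (managers.size > 1) {
    findings.push({ rule: "mixed-managers", detail: [...managers].sort().join(" + ") });
  }
  if (trackedFiles.some((f) => f.split("/").includes("node_modules"))) {
    findings.push({ rule: "node_modules-committed", detail: "node_modules is tracked in git" });
  }
  return findings;
}

// Constructed sample input, embedded so the example runs offline.
const sampleManifest = {
  dependencies: { express: "^4.18.2", lodash: "*", "left-pad": "latest" },
  devDependencies: { jest: "29.7.0" },
};
const sampleFiles = ["package.json", "package-lock.json", "yarn.lock", "node_modules/express/index.js"];
for (const f of lintDependencies(sampleManifest, sampleFiles)) console.log(`${f.rule}: ${f.detail}`);
```

A check like this complements `npm audit`: it catches policy drift in the manifest and repository layout, while the audit covers known vulnerabilities in resolved versions.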
by @clawhub