What does it mean to upgrade your dependencies? How do you deal with security issues or error messages when you do? What if you're the creator of an npm library - when do you issue upgrades? And should you build something yourself or use a third party version?
const podcast = {
  episode: 184,
  title: 'Why so hard? Upgrading your Dependencies.',
  topics: [
    'software', 'upgrades', 'Dependencies'
  ],
  guest: 'n/a',
  hosts: [
    'Ward Bell', 'John Papa'
  ]
};
Recording date: April 28, 2022
John Papa @John_Papa
Ward Bell @WardBell
Dan Wahlin @DanWahlin
Craig Shoemaker @craigshoemaker
Resources:
- Angular Experience Podcast - S2E12 - Ward Bell on How to Fire Your Boss
- Auditing package dependencies for security vulnerabilities with npm audit
- Automated dependency updates built into GitHub dependabot
- Angular’s ng update CLI
- Jasmine tests
- Snyk
- Bulma
- Node-sass deprecated?
- DevOps and CI/CD with Jenkins
- AG-Grid
Timejumps
- 01:18 Topic introduction
- 03:10 What does it mean to upgrade your dependencies?
- 06:48 Dealing with security issues
- 12:00 Getting error messages when updating
- 20:17 Sponsor: Ag Grid
- 21:19 Managing npm libraries you've created
- 27:26 Having a strategy
- 30:42 Should you build it yourself or use a third party version?
- 33:17 Final thoughts
Podcast editing on this episode done by Chris Enns of Lemon Productions.