Web Rush

Episode 184: Why so hard? Upgrading Your Dependencies.

Episode Summary

What does it mean to upgrade your dependancies? How do you deal with security issues or error messages when you do? What if you're the creator of an npm library - when do you issue upgrades? And should you built something yourself or use a third party version?

Episode Notes

Recording date: April 28, 2022

John Papa @John_Papa

Ward Bell @WardBell

Dan Wahlin @DanWahlin

Craig Shoemaker @craigshoemaker

Brought to you by

• AG Grid

  

Resources:

• Angular Experience Podcast - S2E12 - Ward Bell on How to Fire Your Boss
• Auditing package dependencies for security vulnerabilities with npm audit
• Automated dependency updates built into GitHub dependabot
• Angular’s ng update CLI
• Jasmine tests
• Snyk
• Bulma
• Node-sass deprecated?
• DevOps and CI/CD with Jenkins
• AG-Grid

Timejumps

• 01:18 Topic introduction
• 03:10 What does it mean to upgrade your dependancies?
• 06:48 Dealing with security issues
• 12:00 Getting error messages when updating
• 20:17 Sponsor: Ag Grid
• 21:19 Managing npm libraries you've created
• 27:26 Having a strategy
• 30:42 Should you build it yourself or use a third party version?
• 33:17 Final thoughts

Podcast editing on this episode done by Chris Enns of Lemon Productions.