Three tips for becoming a package management wizard

If you’ve worked anywhere in the JavaScript ecosystem before, you’re probably aware of just how crazy things can get once you start to pull in even a small number of npm packages.

1) Always (yes, always) pin specific versions of your dependencies. Every day there will be packages in your stack getting updated, and unless you want to spend all your time fixing bugs in dependencies, you probably don’t want to be the first person to start running the new version.

2) Sometimes your dependencies will have unpinned dependencies! This can wreck your day just as quickly as point 1. You need to check your git logs and review changes in your package-lock.json or yarn.lock file to see when your package stack changes. You can directly pin a good version of a dependency’s dependency and keep everything working.

3) If you’re stuck, then patch your broken dependencies using patch-package. It allows you to apply a patch to a dependency as it’s getting installed and makes managing which patches you’re applying to your stack wonderfully easy!
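
To make the lockfile review in tip 2 concrete, here is an added example (not from the original post): a Node.js function that compares two parsed package-lock.json files and lists which installed packages were added, removed, bumped, or re-published under the same version, flagging the transitive ones. It assumes npm's lockfileVersion 2 or 3 layout; the package names and hashes in the sample are constructed.

```javascript
// Added example: input is two parsed package-lock.json objects (lockfileVersion 2 or 3),
// for instance the output of `git show HEAD~1:package-lock.json` and the working copy.

// Path -> { version, integrity } for every installed package in a lockfile.
function installed(lock) {
  const out = new Map();
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    // Skip the root project, workspace source folders and symlinked workspaces.
    if (!path.includes("node_modules/") || meta.link) continue;
    out.set(path, { version: meta.version, integrity: meta.integrity });
  }
  return out;
}

// List packages that were added, removed, bumped, or re-published under the same version.
function diffLockfiles(before, after) {
  const a = installed(before), b = installed(after), changes = [];
  // Names the root project asks for directly; everything else arrived transitively.
  const root = (after.packages || {})[""] || {};
  const direct = new Set(Object.keys({ ...root.dependencies, ...root.devDependencies }));
  const note = (path, kind, from, to) => changes.push({
    path, kind, from, to,
    transitive: !direct.has(path.replace(/^node_modules\//, "")),
  });
  for (const [path, now] of b) {
    const old = a.get(path);
    if (!old) note(path, "added", null, now.version);
    else if (old.version !== now.version) note(path, "changed", old.version, now.version);
    else if (old.integrity !== now.integrity) note(path, "integrity", old.version, now.version);
  }
  for (const [path, old] of a) if (!b.has(path)) note(path, "removed", old.version, null);
  return changes.sort((x, y) => (x.path < y.path ? -1 : x.path > y.path ? 1 : 0));
}

// Constructed sample lockfiles (package names and hashes are made up).
const BEFORE = { lockfileVersion: 3, packages: {
  "": { dependencies: { "example-web": "1.2.0" } },
  "node_modules/example-web": { version: "1.2.0", integrity: "sha512-AAA" },
  "node_modules/example-util": { version: "2.0.1", integrity: "sha512-BBB" },
} };
const AFTER = { lockfileVersion: 3, packages: {
  "": { dependencies: { "example-web": "1.2.0" } },
  "node_modules/example-web": { version: "1.2.0", integrity: "sha512-AAA" },
  "node_modules/example-util": { version: "2.1.0", integrity: "sha512-CCC" },
  "node_modules/example-new": { version: "3.0.0", integrity: "sha512-DDD" },
} };
for (const c of diffLockfiles(BEFORE, AFTER)) {
  console.log(`${c.kind.padEnd(9)} ${c.path} ${c.from ?? "-"} -> ${c.to ?? "-"}${c.transitive ? " (transitive)" : ""}`);
}
```

An `integrity` entry means the version string stayed the same while the recorded tarball hash changed, which deserves a closer look than an ordinary bump.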