Dependency management articles

6/2/2024 • EN

Migrating to rocks.nvim

A developer shares their experience migrating their Neovim configuration from lazy.nvim to the rocks.nvim package manager, discussing its benefits and drawbacks.

dependency management lua neovim package manager Plugin Management

Jonas Hietala

4/28/2024 • EN

Keeping dependencies up-to-date

Discusses the challenges of keeping software dependencies updated and compares manual vs. automated strategies for managing updates effectively.

Automated Updates dependency management security software maintenance version control

Martijn Hols

3/4/2024 • EN

Please Stop Sending Me Nested Dependency Security Reports

An open source maintainer explains why automated security reports about nested dependencies are often unhelpful and asks developers to stop sending them.

dependency management npm open source security vulnerability

Josh Goldberg

12/13/2023 • EN

Maven Coordinates of the most popular JDBC Drivers

A reference list of Maven coordinates (groupId and artifactId) for the most popular JDBC drivers, sourced from jOOQ integration tests.

Databases dependency management Java jdbc Maven

Lukas Eder

11/16/2023 • EN

Automatically Update npm Package Dependencies with Dependabot

A guide to configuring Dependabot for automated npm dependency updates, including targeted updates for critical packages.

Dependabot dependency management github npm Package Updates

Colby Fayock

10/30/2023 • EN

My User Experience Porting Off setup.py

A developer's detailed account of the challenges faced while migrating a Python package from setup.py to pyproject.toml for Python 3.12 support.

dependency management packaging pyproject.toml Python Setuppy

Gregory Brown

10/17/2023 • EN

Per-Project Development Environments with Nix

A guide to using Nix for creating isolated, per-project development environments to manage different dependency versions without conflicts.

dependency management Development Environments Nix

Michael Lynch

8/14/2023 • EN

The line between writing functions yourself and using open source modules

A developer's analysis of when to write custom code versus using open-source packages, considering maintenance, team skills, and bundle size.

dependency management JavaScript open source software development Third Party Packages

Paul Armstrong

3/24/2023 • EN

A clean codebase is a happy codebase

A developer argues for proactively cleaning up unused code and dependencies to prevent future technical debt and hidden bugs.

clean code Code Maintenance dependency management software development technical debt

Paul Armstrong

2/28/2023 • EN

Dependency management with dependabot

A guide on implementing Dependabot for automated dependency updates and vulnerability management to improve software supply chain security.

Dependabot dependency management Devsecops security Software Supply Chain

Shane Lee

12/18/2022 • EN

Maven, What Are You Waiting For?!

A developer explores issues building Apache Flink with modern Maven due to blocked HTTP repositories in dependencies, offering troubleshooting insights.

Apache Flink build tools dependency management Maven software development

Gunnar Morling

12/18/2022 • EN

Maven, What Are You Waiting For?!

A developer details issues building Apache Flink with modern Maven due to blocked HTTP repositories in dependencies, offering troubleshooting insights.

Apache Flink build tools dependency management Maven software development

Gunnar Morling

8/30/2022 • EN

Cannot resolve symbol ‘VERSION_3_17’ in jOOQ generated code

Explains and resolves the 'Cannot resolve symbol VERSION_3_17' compilation error in jOOQ generated code due to version mismatches.

code generation Compilation Error dependency management Jooq Version Mismatch

Lukas Eder

8/29/2022 • EN

Rewriting my blog in Rust for fun and profit

A developer details their journey rewriting their personal blog's static site generator from Haskell/Hakyll to a custom Rust solution to improve speed and reduce dependencies.

Blog Migration dependency management performance rust static-site-generator

Jonas Hietala

4/18/2022 • EN

Directory.Packages.props, a solution to unify your NuGet package versions

Explains how to use Directory.Packages.props to centrally manage NuGet package versions across multiple projects in a .NET solution.

.net dependency management Directorypackagesprops Nuget package management

Tim Deschryver

2/22/2022 • EN

Node.JS: Upgrading indirect dependencies

Explains how to upgrade indirect npm dependencies, covering semantic versioning, caret/tilde ranges, and practical steps for security updates.

dependency management Node.js npm package.json semantic versioning

Jason Walton

2/5/2022 • EN

Lua Log #4: Build a (Terrible) Package

A developer shares the process of creating and distributing a Lua package using LuaRocks, despite the package being unfinished and having quirks.

dependency management lua luarocks package management rockspec

Matt Layman

1/19/2022 • EN

Dealing with dependencies

Practical strategies for updating PHP projects when external dependencies don't yet support the latest PHP version, including testing, contributing, and finding alternatives.

Backward Compatibility dependency management open source php Version Updates

Brent