Echo JS 0.11.0

<~>
fcambus 3583 days ago. 
I would be interested to know your personal experiences about managing npm module dependencies within your projects.

I'm aware of tools such as David which automatically tracks dependencies, and can even display badges one can embed in README files : https://david-dm.org

Basically, what I'm wondering about precisely is when to decide to update the package.json file. Also, now that the  caret (^) prefix appeared (and is the new default when doing npm install --save), there is an even greater number of available options to consider.

What are your thoughts on this topic?

bevacqua 3583 days ago. link 3 points 
You can use [Gemnasium][0] too, to get email notifications when new versions of things you depend upon have been released.

I'd say you have to update once in a while or if you run into walls because of bugs that have been fixed in later releases. Other than that I feel like being obsessed with updating your dependencies is a waste of time for little gain, because Node-folk update their packages pretty frequently..

[0]: https://gemnasium.com/
fcambus 3579 days ago. link 1 point 
Thanks for your input Nico. Actually, that's pretty much what I've been doing, and what I believe mostly everyone is doing : only updating in case I need to use new features.

It's always good to have someone else point of view though.
bevacqua 3578 days ago. link 2 points 
For what is worth, Gemnasium just emailed me about a new feature where they seemingly have a CLI that auto-updates deps in your projects granted that your tests pass after the update... May be another approach
bahmutov 3582 days ago. link 2 points 
I use badges from david-dm.org and whenever I see red (minor patch out of date) for either dependencies or dev dependencies I use my tool next-update (https://github.com/bahmutov/next-update) to actually update dependencies one by one to latest version. The key is that next-update runs your tests and tells you if something fails. So you upgrade only with dependencies that do not break your project. There is even a public anonymous stats telling how likely a particular update to break stuff http://next-update.herokuapp.com/

I also use grunt-nice-package https://github.com/bahmutov/grunt-nice-package to remove all *, ^ and ~ from dependency versions - I want to have the exact versions, even a patch update can break stuff.
fcambus 3575 days ago. link 1 point 
next-update looks interesting, I will give it a try. Meanwhile, I posted it on the site as I think it can be useful for everyone.

Thanks for your input.