Updating the Dependencies
Failure to update dependencies makes your product increasingly difficult to maintain and it can bring security risks.
Why Updating the Dependencies Is Important
Updating dependencies should be a regular part of your job. Use our DX Scanner practice called DependeciesVersion to find out if the libraries you are using are updated.
What is a dependency? A dependency is something your product needs to function. It could be a plugin, a database, or an external library. Some dependencies that you use may need updates which you should check regularly. Otherwise, your product can malfunction.
Failure to update the dependencies will make your product hard to maintain and can lead to your developer's time being taken up by routine, meaningless work. A straightforward upgrade should not take more than just a few hours.
Source: Updating Dependencies Sucks
Upgrades can be released often, and keeping up with them can be challenging. Use tools for each library to automate this job:
- for JavaScript: npm-check-updates
- for Java: Dependabot
- for C#: NuGet
Why Keep Dependencies Updated?
What are the reasons for updating the dependencies?
- Your product can malfunction
- You will not be able to use new features added in the latest versions
- You may miss out on performance improvements provided by updates
- Security issue fixes can be missed or delayed
- Maintenance overheads of old versions could be reduced
- Bug fixes are often contained in the new versions
Maintaining an application with a large codebase requires a lot of discipline, and having your dependencies up to date should be a top priority for your team and organization. Failure to make this a regular practice will slowly make your codebase more difficult to maintain, hindering your team’s productivity and satisfaction.
Problems the Updated Dependencies Solve
How to Keep Dependencies Updated
- Check out the new versions
- Review the changelogs
- How new is it? Is it sufficiently stable?
- Check the requirements
- The new version may require new or expanded hardware or network resources.
- Plan the upgrade
- Estimate the time - how long will it take?
- Ensure you have a plan to roll back the changes in case of an upgrade failure.
- Protect the current state of your product, and minimize disruption to business as usual processes.
- Log
- Document your steps. Use a Logbook and write down the changes made by your team members. It can also be useful to establish best practice for upgrading other products.
Common Pitfalls of Updating Dependencies
- The updates are so complex that they also require an update of other dependencies
- Updating features instead of updating dependencies that seem less important or attractive
- Rolling back to the previous version instead of fixing a crashed application
- Trying to resolve version conflicts of dependency instead of focusing on keeping the product working as it used to
Resources for Updating the Dependencies
- Medium: Give your outdated libraries some respect
- Code Trotter: How to efficiently update your npm dependencies ?
- Gap Intelligence: Application Dependencies: When and Why You Should Upgrade
- Depfu: Updating Dependencies Sucks
Want to write for DXKB?
Feel free to contribute. People from DXKB community will be more than happy.
Related articles
ALL ARTICLES
Package Management
Package management allows you to automatically download, install, and update software using remote repositories and in a consistent manner. Package managers are software tools that eliminate maintaining the software manually.
Read moreDocumentation Testing
Documentation testing is a process of improving your existing documentation through feedback. Understanding how to get feedback is crucial for building good documentation and positive developer experience.
Read moreDockerizing
Dockerizing is the process of packing, deploying, and running applications using Docker containers. Docker is an open source tool that ships your application with all the necessary functionalities as one package.
Read moreJavascript Front-End Build Tools
If you are a front-end developer, build tools can save you valuable time. They can do almost anything: download libraries, run tests, bundle packages, automatize tasks, and so much more.
Read moreBus Factor
A Bus Factor measures the minimum number of team members who have to be hit by a bus to put the project in jeopardy. The goal is to increase your Bus Factor as much as possible.
Read moreALL ARTICLES