Not optional
Discusses the unsustainable expectation of long-term support for open source software and the necessity of regular updates.
The article critiques the web's dependency management, arguing it's broken and should be a native platform feature, not reliant on bundlers.
Introducing Poe the Poet, a tool for managing project tasks and commands via pyproject.toml, demonstrated with a Python documentation setup.
Explains dependency cooldowns, a strategy to reduce supply chain attack risk by delaying automatic dependency updates.
A developer shares technical optimizations for websites and Eleventy projects, covering performance profiling, dependency replacement, and bot settings.
A critique of JavaScript's dependency management after a major supply-chain attack, arguing for systemic change but predicting stagnation.
Qodo AI's new Package Health Reviewer uses Snyk Advisor to automate security and maintenance checks for open-source dependencies in CI/CD pipelines.
Using uv run with Make to test Python code across multiple versions, replacing tools like Tox or Nox.
A guide to using git worktree with Python projects, including a helper script to automate virtual environment and dependency management.
Analyzes common tight coupling patterns in Node.js code, such as global variables and hardcoded dependencies, and their impact on maintainability.
A proposal for managing optional software dependencies using meta-packages, avoiding complexity in package managers.
A guide on using RenovateBot's custom managers with regex to update package versions in non-standard file locations like Dockerfiles and C# code.
A guide to understanding and using the Cargo.toml file, the central configuration file for managing Rust projects and dependencies with Cargo.
Fixing Xcode 16.1's Swift package fetch failure caused by a global Git configuration change.
Explains the Tip & Tail release model used by OpenJDK to manage Java library dependencies and releases, helping developers innovate faster.
A developer shares their experience migrating their Neovim configuration from lazy.nvim to the rocks.nvim package manager, discussing its benefits and drawbacks.
Discusses the challenges of keeping software dependencies updated and compares manual vs. automated strategies for managing updates effectively.
A reference list of Maven coordinates (groupId and artifactId) for the most popular JDBC drivers, sourced from jOOQ integration tests.
A guide to configuring Dependabot for automated npm dependency updates, including targeted updates for critical packages.
A guide to using Nix for creating isolated, per-project development environments to manage different dependency versions without conflicts.