A developer's analysis of when to write custom code versus using open-source packages, considering maintenance, team skills, and bundle size.
A developer argues for proactively cleaning up unused code and dependencies to prevent future technical debt and hidden bugs.
A guide on implementing Dependabot for automated dependency updates and vulnerability management to improve software supply chain security.
A developer explores issues building Apache Flink with modern Maven due to blocked HTTP repositories in dependencies, offering troubleshooting insights.
A developer details issues building Apache Flink with modern Maven due to blocked HTTP repositories in dependencies, offering troubleshooting insights.
Explains and resolves the 'Cannot resolve symbol VERSION_3_17' compilation error in jOOQ generated code due to version mismatches.
A developer details their journey rewriting their personal blog's static site generator from Haskell/Hakyll to a custom Rust solution to improve speed and reduce dependencies.
Explains how to use Directory.Packages.props to centrally manage NuGet package versions across multiple projects in a .NET solution.
Explains how to upgrade indirect npm dependencies, covering semantic versioning, caret/tilde ranges, and practical steps for security updates.
A developer shares the process of creating and distributing a Lua package using LuaRocks, despite the package being unfinished and having quirks.
Practical strategies for updating PHP projects when external dependencies don't yet support the latest PHP version, including testing, contributing, and finding alternatives.
Explains how to use a specific folder from a GitHub repository as an npm dependency using the degit tool.
Satirical proposal to pay developers to delete npm modules, highlighting security risks of excessive dependencies in the Node ecosystem.
A critique of Python's chaotic packaging ecosystem and its negative impact on Linux distribution maintainers, calling for the PSF to address the issue.
Critique of proxy.golang.org's permanent caching, which hides broken dependencies and creates hidden risks in the Go ecosystem.
A guide on how to upgrade Node.js dependencies and fix vulnerabilities after running a yarn audit, including manual and automated methods.
A guide to using Pipenv for managing Python virtual environments, focusing on deterministic dependency resolution with Pipfile.lock.
A guide to creating and managing Python virtual environments using the native venv module, with helpful bash functions.
Explains the Facade design pattern in JavaScript, focusing on managing dependencies and simplifying complex APIs for better code maintainability.
Explains the purpose and mechanics of package-lock.json in Node.js projects, detailing how it ensures consistent dependency installations.
