When possible, I prefer to upgrade dependencies incrementally rather than making several version jumps. So, we try not to go from React 16 to 19. We go from 16 to 17, then to 18, and finally to 19. The Risks of Jumping Multiple Versions It’s very tempting to jump to the latest release. It feels like time travel; putting your application on the latest in the fewest number of steps. What’s not to like? ...
A policy I favor with dependency management: go forward. Going backward is an exception that we must plan to remedy. Example Consider a CVE in a dependency at version 5.0 (v5.0). We’re advised that v6.0 and v4.0 are safe. Which way should we go, forward or backward? We want to default to forward. Even if we’ve been on v4.0 before and know it is compatible. Even if we aren’t sure that v6.0 is “solid” or if it takes some code changes to implement. ...
Permanently forking a library is something I’ve observed on several teams. But, there are tradeoffs that aren’t always obvious. ...
Don’t miss my next essay
Hear from me immediately when I post: no ads, unsubscribe anytime.