Large dependency graph #221
Comments
kachkaev
changed the title
|
We could accept a PR swapping this dependency for a lighter alternative. I'm not sure what that alternative would be though. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
👋 folks! I’ve just tried
manypkginstead ofcheck-dependency-version-consistency– looks great!There is a minor internal issue I would like to bring up. Installing
@manypkg/[email protected]adds quite a lot of transient dependencies some of which are quite dated. An example would be[email protected]that has not been updated for six years.Because of that, the lock file gets quite polluted. Here is my diff after swapping
check-dependency-version-consistencywith@manypkg/cli(quite a lot of new stuff):Because the new dependency graph is quite big and parts of it are dated, there is a risk of bumping into security advisories that will be hard to address. It’d be great if the number of deps could be made smaller and libraries like
spawndamnitcould be replaced with something else, if possible.Despite this small concern, great tool folks! I really like the simplicity of the DX you’ve created!
The text was updated successfully, but these errors were encountered: