name: deps_npm
router_kit: FullStackKit
description: npm/yarn dependency management, package.json best practices ve version control.
metadata:
skillport:
category: development
tags: [architecture, automation, best practices, clean code, coding, collaboration, compliance, debugging, deps npm, design patterns, development, documentation, efficiency, git, optimization, productivity, programming, project management, quality assurance, refactoring, software engineering, standards, testing, utilities, version control, workflow] - deps-security
📦 Deps NPM
npm dependency management ve best practices.
📋 package.json Best Practices
{
"name": "my-app",
"version": "1.0.0",
"engines": { "node": ">=20.0.0" },
"scripts": {
"dev": "vite",
"build": "tsc && vite build",
"lint": "eslint .",
"test": "vitest"
}
}
🔒 Version Control
| Prefix | Anlamı | Örnek |
|---|
^1.2.3 | Minor updates OK | 1.x.x |
~1.2.3 | Patch only | 1.2.x |
1.2.3 | Exact version | 1.2.3 |
npm ci
📊 Dependency Types
{
"dependencies": {},
"devDependencies": {},
"peerDependencies": {}
}
Deps NPM v1.1 - Enhanced
🔄 Workflow
Kaynak: NPM Security Best Practices
Aşama 1: Audit & Analysis
Aşama 2: Update Strategy
Aşama 3: CI/CD Protection
Kontrol Noktaları
| Aşama | Doğrulama |
|---|
| 1 | node_modules silinip npm ci yapılınca proje çalışıyor mu? |
| 2 | Production build, devDependencies olmadan çalışıyor mu? |
| 3 | Tüm versiyonlar 'Exact' veya 'Tilde/Caret' stratejisine uygun mu? |