There can be many benefits to updating your packages. But, of course, there can also be some downsides. We'll take a look at both as well as some considerations for picking a package version, which can help reduce the possible downsides.
The upsides
- Security updates - making your codebase more secure
- New features - making it possible to use the latest JS/package features
- Bug fixes - giving developers access to package bug fixes (they do happen)
- Optimizations - being able to take advantage of any significant code optimizations in packages or other general improvements
- Future-proofing - making it easier to make any future version updates and better future-proofing your code
- Lowering build artifact sizes - going through your packages might show you some packages that are no longer needed because of other dependency updates, or make you realize a package was simply not being used. Whatever the method, this can lead to a lower final bundle size, which can speed up various parts of your CI/CD process as well as improve the user experience.
The downsides
- Testing needs - it is very important to be aware that updating packages can also introduce new bugs as well as regressions in terms of performance and/or functionality. Therefore, it is imperative to properly test your application, especially after making major package changes.
- Version conflicts - depending on the complexity of your application and the number of packages used/installed, there might be conflicts between required package versions. npm can deal with some of these, but usually they will have to be resolved manually.
- Time - because of the possible need for extra testing, writing new tests, and resolving package version conflicts, updating package versions will take time. It is good to account for that.
Picking a version
It is also good to be aware that updating to the latest available version might not always be the best option. There are various things to consider when picking a package version.
- Most popular - Sometimes, compromising a little by using the latest, most popular version can yield many other benefits, such as:
  - Documentation availability - being able to more easily parse through existing documentation if documentation for the old/new code is nonexistent or not as detailed
  - Community support - there tends to be more help and knowledge available for package versions that were more widely used and/or were used for longer periods of time
- Guidelines - Other times, you might want to refer to the maintainers of the package. There might be some guidelines from them as to how long specific package versions will be maintained for and how the version numbers reflect that, similar to Node.js's even/odd release cycle.
- Minor/major - minor version releases (e.g. 1.1 -> 1.2) tend to have a lower chance of containing breaking changes than major ones (e.g. 1.x -> 2.x). Sticking to minor updates can still resolve issues such as bugs in the package, but it is less likely to be future-proof if there are newer major versions.
- Compatibility - this is more of a requirement than a consideration. The chosen package version must be installable alongside your other packages.
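As an added example (not code from the original article), the following Node.js script triages a constructed sample shaped like `npm outdated --json` output by the size of each version jump, so the major jumps that need the most testing stand out. The package names, versions and the helper names `parseVersion`, `bumpType` and `planUpdates` are assumptions made for illustration; treating a 0.x minor bump as major goes slightly beyond the article.

```javascript
// Constructed sample in the shape of `npm outdated --json` output.
// Package names and versions are made up for illustration.
const sampleOutdated = {
  "example-http-client": { current: "1.4.2", wanted: "1.4.9", latest: "1.4.9" },
  "example-ui-kit": { current: "2.3.0", wanted: "2.8.1", latest: "3.1.0" },
  "example-logger": { current: "0.9.5", wanted: "0.9.5", latest: "1.0.0" },
  "example-zero-lib": { current: "0.3.1", wanted: "0.3.4", latest: "0.4.0" },
  "example-beta-tool": { current: "4.0.0-beta.2", wanted: "4.0.0", latest: "4.0.0" },
};

// Parse "MAJOR.MINOR.PATCH[-prerelease][+build]"; returns null for anything
// else (missing `current`, or non-registry values such as "git").
function parseVersion(version) {
  const m = /^(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$/.exec(version);
  if (!m) return null;
  return { major: +m[1], minor: +m[2], patch: +m[3], pre: m[4] || null };
}

// Classify a version jump by the highest part that changes.
function bumpType(from, to) {
  const a = parseVersion(from);
  const b = parseVersion(to);
  if (!a || !b) return "unknown";
  if (a.major !== b.major) return "major";
  // Semver allows breaking changes in any 0.x release, so a 0.x minor
  // bump is treated as major here.
  if (a.minor !== b.minor) return a.major === 0 ? "major" : "minor";
  if (a.patch !== b.patch) return "patch";
  if (a.pre !== b.pre) return "prerelease";
  return "none";
}

const RISK = { none: 0, prerelease: 1, patch: 1, minor: 2, major: 3, unknown: 3 };

// Build an update plan ordered from lowest to highest testing effort.
// `wanted` is the newest version allowed by the range in package.json.
function planUpdates(outdated) {
  return Object.entries(outdated)
    .map(([name, { current, wanted, latest }]) => ({
      name, current, wanted, latest,
      toWanted: bumpType(current, wanted),
      toLatest: bumpType(current, latest),
    }))
    .sort((x, y) => RISK[x.toLatest] - RISK[y.toLatest] || x.name.localeCompare(y.name));
}

console.table(planUpdates(sampleOutdated));
```

To use it on a real project, replace `sampleOutdated` with the parsed output of `npm outdated --json`.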
Happy versioning!