5 Tips for Updating Project Dependencies

by | Jan 30, 2019

When you’ve been working on the same project for a while, and you’re focused on your sprint work, the project’s dependencies can get a tad out of date.  It can be even worse with projects you’re not actively working on but are still in production.  Bringing these back to the latest stable version on a regular basis is important for many reasons and here are a few tips to help get your project dependencies back up to date.


1. Document everything
Nothing is worse than getting part of the way into solving this mess and getting lost in the details causing you to have to start over from the beginning.  Taking organized notes as you go along can help you understand the scope of the changes needed as well as help keep you on track as you make progress.  Here are the items I tend to capture as I update dependencies:

  • Before State – what version each dependency was when I started the current round of updates
  • Latest Stable Version – what is the latest stable version of each dependency, even if I can’t upgrade that far
  • End State – what version I was able to upgrade to for each dependency
  • Date of Upgrade
  • Notes – What blocked me from getting to latest stable or what are the reasons I’m waiting to upgrade a particular dependency

2. Go slow and make granular commits
I’ve found that it pays to work through this slowly.  Trying too many updates at once increases the chances that you’ll find one breaking update that you can’t resolve right away, causing you to have to undo it all and start over.  Committing a very small number of updates at a time also helps in case you have to rollback.

3. Read the documentation
Doing a small amount of research into each dependency that need to be upgraded and what it depends on can help you understand the implications of the upgrade and what breaking changes you might be pulling in.

4. Update related dependencies together
I tend to do related dependencies together when I can as a way of keeping it all organized.  I’ve also found doing it this way can eliminate some of the errors since they might depend on each other.

5. Testing strategies
When updating project dependencies, testing is the most important step.  I smoke test every application that is affected, even when I think that the update is minimal.  Having a suite of automated tests to run really helps my confidence level too.  When updating dependencies in a shared library make sure to test all applications that might be affected.