如何保持 package.json 受控
Thu// September 11, 2025Tom MacWright
Thu// September 11, 2025Tom MacWright
Val Town is a React application with a ton of dependencies. It's complicated, and we have to deal with dependency upgrades all the time. We are committing the cardinal sin of overcomplicating the web: our node_modules directory is 863MB as of this writing. Whew!
Val Town 是一个依赖众多的 React 应用,很复杂,我们得不断处理依赖升级。我们正在犯下把 Web 搞复杂的大忌:截至本文写作时,我们的 node_modules 目录已达 863MB。哇!
Is it, though? Are we installing dependencies freely, taking on technical debt left and right? I'd say not really.
真的吗?我们是否在随意安装依赖,四处累积技术债?我觉得并非如此。
The thing is, there's some essential complexity in what we're trying to build. We aren't going to DIY our own TypeScript transpiler or avoid installing CodeMirror and use a textarea for our code editing. I spend a little time every week looking through package.json and thinking which of these can I remove? Sometimes I find a dependency that can be yanked, but a lot of times I come up empty-handed: we actually need all this junk. My ability to judge other people fades as I learn the hard way how principles make contact with reality.
问题在于,我们要构建的东西本身就存在本质复杂性。我们不会自己 DIY 一个 TypeScript 转译器,也不会为了代码编辑而弃用 CodeMirror 去用一个 textarea。我每周都会花点时间翻看 package.json,心里想着这些里哪些可以删掉?有时确实能拔掉一个依赖,但更多时候我空手而归:我们确实需要这一堆“垃圾”。随着我一次次在现实中碰壁,我对别人的评判能力也逐渐消退。
But that's not to say that there's no art in dependency grooming. There are a bunch of techniques and tools that all fit together into a general sort of dependency hygiene that I've developed. I'm not sure I've written it down anywhere in full. Here's a shot.
但这并不意味着依赖梳理没有艺术。我摸索出一套技巧和工具,组合成一套我称之为“依赖卫生”的做法。我好像还没完整写下来。这里试着整理一下。
Read all new dependencies (except React)
阅读所有新的依赖(React 除外)
Rule #1 is to read. This is very literal: read the source code of any dependency that you're about to introduce into your project. And, of course, the README. I highly recommend doing this the old fashioned way, with your eyes and brain, but LLMs can be helpful too if that's more your speed: but don't offload the whole task to a robot. Ac...