Makefile

## Actions

# --ignore-platform - to avoid compilation binary files
# --no-bin-links - to not create executables in node_modules/.bin/
YARN_ARGS=\
--link-duplicates \
--no-bin-links \
--ignore-optional \
--ignore-scripts \
--disable-pnp \
--strict-semver \
--prefer-offline \
--non-interactive

restore:
	@yarn install --frozen-lockfile --force $(YARN_ARGS)

install: ##	Install the project dependencies
	@yarn install $(YARN_ARGS)

NPM.md

Version

Latest LTS Version: 18.12.1 (includes npm 8.19.2) — https://nodejs.org/en/download/

https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md

"engines" : { 
    "npm" : ">=8.0.0 <9.0.0",
    "node" : ">=16.0.0 <17.0.0"
}

Versioning

So if you see ~1.0.2 it means to install version 1.0.2 or the latest patch version such as 1.0.4. If you see ^1.0.2 it means to install version 1.0.2 or the latest minor or patch version such as 1.1.0.

• = - fixed version (1.0.2)
• ~ - patches only (1.0.2, 1.0.4)
• ^ - monor only (1.0.2, 1.1.0)

Install

sudo npm install npm@latest -g

Update Node

sudo npm cache clean -f
sudo npm install -g n
sudo n stable

or with NVM:

nvm install stable

Project checkout

Install locked dependences

rm -rf node_modules/ && npm cache verify && npm ci

Refresh lock file

rm -rf node_modules/ package-lock.json && npm cache verify && npm install

Security

npx npm-check-updates -g
npm i --package-lock-only && npm audit; rm -f package-lock.json

Rebuild hooks

rm -rf .git/hooks && npm rebuild

Upgrade Babel

npx babel-upgrade --write

Update packages

Audit

npm audit fix --audit-level critical

• Critical: Highest severity that requires immediate attention.
• High: These findings need developers to address them urgently.
• Moderate: These findings are of medium severity and developers have more time to address them.
• Low: These findings are of the lowest severity and developers can remediate them at their convenience.

NCU

npx npm-check-updates -u

Outdated

npm outdated

Douples

npm find-dupes
npm dedupe

---

• https://github.com/nodesecurity/nsp
• http://npmplease.com/

package.json

{
  "scripts": {
    "cc": "rimraf node_modules/.cache/babel-loader && rimraf .expo/web/cache && rimraf ./node_modules/.cache/terser-webpack-plugin && rimraf android ios && watchman watch-del-all",
    "test": "jest",
    "test:watch": "jest --watchAll",
    "lint": "npm run lint:prettier && npm run lint:eslint",
    "lint:eslint": "eslint --cache --ignore-path .gitignore --fix --ext .ts,.tsx .",
    "lint:prettier": "prettier --cache --ignore-path .gitignore --write ./**/**/*.{ts,tsx,md,json}",
    "prepare": "husky install"
  },
  "jest": {
    "preset": "jest-expo"
  },
  "lint-staged": {
    "*.{ts,tsx}": [
      "eslint --cache --fix --ignore-path .gitignore --ext .ts,.tsx"
    ],
    "*.{ts,tsx,md,json}": "prettier --cache --write --ignore-path .gitignore"
  },
  "private": true
}

YARN.md

Get Started

brew

brew install yarn --without-node
brew link --overwrite yarn

corepack (recommended)

npm install -g corepack
corepack enable
yarn exec env

Switch yarn version

globally

corepack prepare [email protected] --activate

locally

yarn set version 1.22.21

Install

.yarnrc

--install.frozen-lockfile true

command:

NODE_ENV=development yarn install --frozen-lockfile --silent

Check dependencies

yarn why eslint - is a command to make yarn output what version is being used and why

Workspaces

yarn workspace run
yarn workspace some-package add @babel/preset-es2015 -S
yarn workspace some-package run test

• https://yarnpkg.com/blog/2017/08/02/introducing-workspaces/

Lerna

yarn global add lerna

Is Lerna is something different?

Update packages

yarn add ...@^.. --ignore-engines
yarn add ...@^.. -D --ignore-engines