matthewblewitt/npm-checklist.md

Created November 29, 2018 12:00

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Select an option

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/matthewblewitt/95f467ce99498281c645bcceb83c7f00.js"></script>
Save matthewblewitt/95f467ce99498281c645bcceb83c7f00 to your computer and use it in GitHub Desktop.

Download ZIP

npm checklist

Raw

npm-checklist.md

Always use latest npm via npm install -g npm@latest
Make distinction between dependencies and devDependencies
Use reproducible builds via npm ci (requires lockfiles on all projects)
Exclude devDependencies from production builds using npm ci --production
Regularly review npm audit reports and make production issues a release blocker

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment