1.6 KiB
1.6 KiB
Dependency Lifecycle Management
Purpose
Keep dependencies healthy over time by balancing security, compatibility, maintainability, and upgrade cost.
When to use
- Upgrading libraries, frameworks, runtimes, or tooling
- Auditing dependency risk or staleness
- Reducing upgrade backlog and ecosystem drift
- Planning how to adopt breaking changes safely
Inputs to gather
- Current dependency versions and their role in the system
- Changelogs, upgrade guides, and breaking changes
- Existing test coverage and high-risk integration points
- Security, support-window, or maintenance concerns
How to work
- Prefer focused upgrade batches that are easy to validate and revert.
- Separate mechanical version bumps from behavior-changing adaptation when possible.
- Read authoritative release notes before changing usage patterns.
- Verify the highest-risk integration paths, not just installation success.
- Capture follow-up work when a safe incremental upgrade leaves known deprecated patterns behind.
Output expectations
- Upgrade plan or completed upgrade with adaptation notes
- Risk summary for changed dependencies
- Verification results and known remaining debt
Quality checklist
- The upgrade reduces risk or maintenance burden meaningfully.
- Breaking changes are understood before implementation.
- Validation covers the most likely failure surfaces.
- Residual deprecations or postponed steps are documented clearly.
Handoff notes
- Note whether the work is a full upgrade, a safe intermediate step, or a reconnaissance pass.
- Pair with test strategy and release/change summary when adoption affects developer workflow or runtime behavior.