Keeping Track of Node Package Versions with Prometheus

Jack Yeh
TeamZeroLabs
5 min read · Feb 6, 2020

Photo by Suzy Hazelwood from Pexels

The guy who wrote this is gone.

The guy who wrote this is now a consultant at the company.

The guy who wrote this is retired.

NPM passed a total of 1 million unique packages last June. It is common for our backend applications to depend on the top ten packages:

  • lodash
  • request
  • react
  • express
  • moment
  • async
  • … Etc

And those packages are being updated every month! Who has the time to keep track of what package is running in which services in production?

As soon as you have a product deployed into the production environment and serving customers, you will have a need to stay on top of packages.

A recent example is the Amazon RDS Certificate Authority change, which required most Node developers who use database SSL connections (a good idea in general) to update their mysql packages.

It is easy enough to update the package by doing a quick scan in package.json if you only have Dev and Prod environments and a backend monolith. But what if you have microservices and more environments?
