JavaScript with npm
We support JavaScript and Yarn in all versions transparently. The following Yarn features are supported:
| Lockfiles | ✓ | Automatically detected and generated |
| Private registries | ✓ | Automatically detected, but Depfu needs authentication details |
| Private scopes | ✓ | Automatically detected, but Depfu needs authentication details |
| Workspaces | ✓ | Automatically detected and updated (beta) |
| Updating of Git gems | In Beta | |
External registries
We support private packages on npmjs.org and dedicated external registries, be it SaaS registries like like Gemfury and packagecloud or self-hosted like your own NPM registry and tools like Verdaccio.
Packages from monorepos
In the JavaScript ecosystem it’s quite common to have many smaller packages, all coming from a single monorepo. Some prominent examples are React and Babel. These frameworks are split up into several individual packages, but they’re always getting released at the same time and with the same version number.
So when we encounter a new release from one of these packages, we check if the same exact version got released for the other packages from the same monorepo as well. If yes, we group them together into a single PR, that will update all packages you’re using from that group.
Workspaces
Workspaces support for npm is currently in beta, so please report anything strange or wrong you're seeing.
An npm project with configured workspaces is automatically detected and the workspaces' package.json files are updated in the same manner as the root one. The workspaces in the subdirectories do not have to be added one by one to Depfu, in fact, doing that will probably break things.