I’ve been using NodeJS for a project of mine and I used to set up my package.json this way:
"some_external_lib": ">= 1.0.0",
"another_external_lib": ">= 1.4.0"
I thought: the newer a library is, the better.
And I was wrong. This way there is no control over what goes to the production/staging servers: if a new version of some_external_lib becomes available, say 1.5.0-i-am-very-alpha, that unstable code will be deployed to production.
Since the local environment is no longer aligned with production/staging (even if we run an npm install locally), any bug introduced by unstable code will be very hard to spot in the local environment (you’ll likely end up debugging on the production server).
Lesson learned: eradicate any “>=” from your package.json.
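As an added example (not code from the original post), here is a small Node script that audits a package.json object and reports every dependency whose range is not pinned to an exact version, so a “>=”, “^”, “~” or “*” cannot slip through; the manifest it checks is constructed for the example and reuses the two ranges from the post.

```javascript
// Added example: audit package.json dependency ranges and report anything
// that is not pinned to one exact version. The sample manifest is constructed.

// Exact semver: MAJOR.MINOR.PATCH with optional prerelease / build metadata.
// A pinned prerelease such as "1.5.0-i-am-very-alpha" is still exact; it only
// becomes a problem when a range lets npm pick it for you.
const EXACT_VERSION = /^\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?$/;

const SECTIONS = ["dependencies", "devDependencies", "optionalDependencies"];

// Returns [{ section, name, range }] for every range that is not exact,
// e.g. ">= 1.0.0", "^1.2.0", "~1.2.0", "1.x", "*", "latest".
function findLooseRanges(pkg) {
  const loose = [];
  for (const section of SECTIONS) {
    for (const [name, range] of Object.entries(pkg[section] || {})) {
      if (!EXACT_VERSION.test(String(range).trim())) {
        loose.push({ section, name, range });
      }
    }
  }
  return loose;
}

// Human-readable report lines, one per loose range (empty array = all pinned).
function reportLooseRanges(pkg) {
  return findLooseRanges(pkg).map(
    (e) => `${e.section}: "${e.name}": "${e.range}" is not pinned to an exact version`
  );
}

// Constructed sample manifest using the ranges from the post.
const samplePkg = {
  name: "demo-app",
  dependencies: {
    some_external_lib: ">= 1.0.0",
    another_external_lib: ">= 1.4.0",
    pinned_lib: "2.3.1",
  },
  devDependencies: {
    test_runner: "^5.0.0",
  },
};

for (const line of reportLooseRanges(samplePkg)) {
  console.log(line);
}
```

Pinning direct dependencies does not pin their transitive dependencies; a lockfile (npm shrinkwrap or package-lock.json) is what freezes the full tree that reaches production.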