Frontend dependencies

We use yarn@1 to manage frontend dependencies.

There are a few exceptions in the GitLab repository, stored in vendor/assets/.

What are production and development dependencies?

These dependencies are defined in two groups within package.json, dependencies and devDependencies. For our purposes, we consider anything that is required to compile our production assets a “production” dependency. That is, anything required to run the webpack script with NODE_ENV=production. Tools like eslint, jest, and various plugins and tools used in development are considered devDependencies. This distinction is used by omnibus to determine which dependencies it requires when building GitLab.

Exceptions are made for some tools that we require in the compile-production-assets CI job such as webpack-bundle-analyzer to analyze our production assets post-compile.

Updating dependencies

See the main Dependencies page for general information about dependency updates.

Blocked dependencies

We discourage installing some dependencies in GitLab repository because they can create conflicts in the dependency tree. Blocked dependencies are declared in the blockedDependencies property of the GitLab package.json.

Dependency notes


BootstrapVue is a component library built with Vue.js and Bootstrap. We wrap BootstrapVue components in GitLab UI with the purpose of applying visual styles and usage guidelines specified in the Pajamas Design System. For this reason, we recommend not installing BootstrapVue directly in the GitLab repository. Instead create a wrapper of the BootstrapVue component you want to use in GitLab UI first.