~/VibeHandbook
$39
Read the BookReferencePhilosophyGet the PDFFAQ

Chapter 05 · 04

Packages and dependencies

Nobody writes a whole app from scratch. The hard, common problems — formatting dates, handling payments, rendering a calendar — have already been solved and packaged up by other people. A is a reusable chunk of code you pull into your project instead of writing it yourself. Your project's dependencies are the list of packages it relies on.

In the JavaScript world the tool that manages this is npm (Node Package Manager). Two files do the bookkeeping:

  • package.json — the human-readable list of what your project needs, plus the commands to run it. You (or the AI) edit this.
  • the (package-lock.json or similar) — an exact, machine-generated record of every package and its precise version, so the app builds identically on your machine, a teammate's, and the server. You don't edit this by hand; you let the tool manage it.
{
  "name": "my-app",
  "scripts": {
    "dev": "next dev",
    "build": "next build"
  },
  "dependencies": {
    "next": "16.0.0",
    "react": "19.0.0"
  }
}

Why care? When the AI says "let's add a library for this," it's editing package.json and you're trusting someone else's code — fewer, well-known dependencies are safer than a pile of obscure ones. And when a build mysteriously breaks, a mismatched is a usual suspect, where "delete and reinstall the packages" is a real, common fix.

Want it offline?

Get the PDF + EPUB + downloadable prompt library + version updates.

$ Get the PDF — $39