Dependency Graph - CI/CD Glossary Definition
A dependency graph is the directed graph of which packages depend on which others, used by resolvers to install a consistent set and by tools to find vulnerabilities and detect cycles.
What it powers
Resolution, deduplication, and security scanning all walk this graph. GitHubs Dependabot reads it to alert on vulnerable transitive packages buried deep in the tree.
Inspecting it
Use npm ls, pipdeptree, or cargo tree to print the graph and see why a given version was selected.
Related guides
Transitive Dependency - CI/CD Glossary DefinitionTransitive Dependency: A transitive dependency is a package you do not require directly but that one of your…
Peer Dependency - CI/CD Glossary DefinitionPeer Dependency: A peer dependency is a package your library expects the host project to provide rather than…
Monorepo Tooling - CI/CD Glossary DefinitionMonorepo Tooling: Monorepo tooling is software (Nx, Turborepo, Bazel, Lerna, pnpm workspaces) that manages ma…