Governing npm Dependencies Across a Monorepo
To prevent dependency drift in a monorepo, keep a single source of truth for dependency versions at the root level. Each package still declares the dependencies it uses, but the version comes from the root. This keeps versions consistent across packages and makes dependencies easier to update. Use pnpm and its pnpm-lock.yaml lockfile to enforce this pattern.
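One way to check this pattern in CI, as an added example that is not part of the original page: it compares every workspace package's declared versions against the root manifest and reports anything that differs or is missing at the root. It assumes the root package.json dependency fields are the source of truth (the page does not name the mechanism); the `@acme/*` manifests and the function names are constructed for illustration.

```javascript
// Constructed sample manifests; in a real repo these are the parsed package.json files.
const rootManifest = {
  name: "monorepo-root",
  devDependencies: { lodash: "4.17.21", express: "4.19.2", typescript: "5.4.5" },
};
const workspaceManifests = [
  { name: "@acme/api",
    dependencies: { express: "4.19.2", lodash: "4.17.21", "@acme/shared": "workspace:*" } },
  { name: "@acme/web",
    dependencies: { lodash: "^4.17.0" }, devDependencies: { typescript: "5.4.5" } },
  { name: "@acme/shared", dependencies: { "left-pad": "1.3.0" } },
];

const FIELDS = ["dependencies", "devDependencies", "optionalDependencies"];
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Merge every dependency field of the root manifest into one name -> version map.
function rootVersions(root) {
  return Object.assign({}, ...FIELDS.map((field) => root[field] || {}));
}

// Return one finding per dependency whose declared version is not the root's.
function findDrift(root, packages) {
  const governed = rootVersions(root);
  const findings = [];
  for (const pkg of packages) {
    for (const field of FIELDS) {
      for (const [dep, spec] of Object.entries(pkg[field] || {})) {
        // Internal packages use pnpm's workspace: protocol and resolve locally.
        if (spec.startsWith("workspace:")) continue;
        if (!has(governed, dep)) {
          findings.push({ pkg: pkg.name, dep, spec, reason: "not declared at root" });
        } else if (governed[dep] !== spec) {
          findings.push({ pkg: pkg.name, dep, spec, reason: `root pins ${governed[dep]}` });
        }
      }
    }
  }
  return findings;
}

const drift = findDrift(rootManifest, workspaceManifests);
for (const f of drift) console.log(`${f.pkg}: ${f.dep}@${f.spec} (${f.reason})`);
// A CI job would fail the build when drift.length > 0.
```

The comparison is an exact string match, so a range such as `^4.17.0` is reported even when it would currently resolve to the root's version.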