Cleaning House in an Nx Monorepo: Removing 120 Unused Dependencies Safely By John James | Published 9/27/2025 | Read time ~3 min --- Overview The author used Knip to identify and remove around 120 unused dependencies from a large Nx monorepo containing roughly 500 dependencies. This cleanup reduced install times by about one minute and cut down security warnings, improving overall developer experience. --- The Situation Large Nx monorepo with ~500 dependencies scattered across apps and libs. Installs were slow; security alerts were noisy. Goal: clean up dependencies without breaking builds or developer workflow. --- Why Knip over Depcheck? Depcheck was the previous tool but is outdated and struggles with modern setups and monorepos. Knip is actively maintained, monorepo-aware, and better at analyzing entry points and config references. Knip builds a dependency graph based on imports and package.json entries, providing a solid initial hint at unused packages. --- Process Initial Scan: Run yarn dlx knip to list unused dependencies. Testing Safety: Run these commands to catch breakages after removals: Iterative Removal: Uninstall each flagged package. Run full build, test, lint, e2e, codegen/typegen. Boot the relevant app locally. If breakage occurs, reinstall and document the reason in a Knip ignore list. Address False Positives: About 40% were false positives, common cases included: Dependencies referenced only in configs (Jest presets/runners). CLI tools used only in scripts or CI. Plugin discovery patterns. Type-only or build tool dependencies. Maintained an ignore list with comments for future clarity. --- Sample Knip Configuration Monorepo-aware configuration with workspace-specific and global ignored dependencies: --- Verification Loop Remove one package at a time. Build, test, lint, and run dev servers to confirm stability. Conduct preview deploys and manual checks for missing assets or console errors. Restore any causing issues and add to ignore list. --- Results Reduced from ~510 to ~390 unique packages. Saved approximately 1 minute on yarn install in local and CI environments. Reduced CVE security alerts. No disruptions to developer workflow or application stability. --- Insights on Knip’s Effectiveness Excels at common React and server app entry points and conventional config file scanning. Struggles with dependencies used only in scripts or CI. Human validation remains essential to avoid false removals. --- Best Practices for Merging Batch PR to avoid spamming multiple small changes. Deploy to a preview branch and test thoroughly. Merge during low-traffic times for easy rollbacks if necessary. --- Additional Features Knip can also detect unused files, enums, and types—useful for code cleanup. Same caution applies: treat findings as hints, verify before removal. --- Future Recommendations Integrate Knip into CI pipelines initially as a report-only tool. Allow a sprint to tune ignore lists. Optionally fail builds on new unused dependencies to prevent bloat resurgence. --- Summary The author’s approach combined the power of Knip’s dependency