Claude-skill-registry ln-710-dependency-upgrader

Coordinates dependency upgrades across all detected package managers

install
source · Clone the upstream repo
git clone https://github.com/majiayu000/claude-skill-registry
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/majiayu000/claude-skill-registry "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/data/ln-710-dependency-upgrader" ~/.claude/skills/majiayu000-claude-skill-registry-ln-710-dependency-upgrader-cf69fc && rm -rf "$T"
manifest: skills/data/ln-710-dependency-upgrader/SKILL.md
source content

ln-710-dependency-upgrader

Type: L2 Domain Coordinator
Category: 7XX Project Bootstrap
Parent: ln-700-project-bootstrap

Coordinates dependency upgrades by detecting package managers and delegating to appropriate L3 workers.


Overview

| Aspect | Details |
|---|---|
| Input | Detected stack from ln-700 |
| Output | All dependencies upgraded to latest compatible versions |
| Workers | ln-711 (npm), ln-712 (nuget), ln-713 (pip) |

Workflow

See diagram.html for visual workflow.

Phases: Pre-flight → Detect → Security Audit → Delegate → Collect → Verify → Report


Phase 0: Pre-flight Checks

Verify project state before starting upgrade.

| Check | Method | Block if |
|---|---|---|
| Uncommitted changes | git status --porcelain | Non-empty output |
| Create backup branch | git checkout -b upgrade-backup-{timestamp} | Failure |
| Lock file exists | Check for lock file | Missing (warn only) |

Skip upgrade if uncommitted changes exist. User must commit or stash first.


Phase 1: Detect Package Managers

Detection Rules

| Package Manager | Indicator Files | Worker |
|---|---|---|
| npm | package.json + package-lock.json | ln-711 |
| yarn | package.json + yarn.lock | ln-711 |
| pnpm | package.json + pnpm-lock.yaml | ln-711 |
| nuget | *.csproj files | ln-712 |
| pip | requirements.txt | ln-713 |
| poetry | pyproject.toml + poetry.lock | ln-713 |
| pipenv | Pipfile + Pipfile.lock | ln-713 |

Phase 2: Security Audit (Pre-flight)

Security Checks

| Package Manager | Command | Block Upgrade |
|---|---|---|
| npm | npm audit --audit-level=high | Critical only |
| pip | pip-audit --json | Critical only |
| nuget | dotnet list package --vulnerable | Critical only |
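
An added example (not part of the skill itself) of gating on audit output, in Python. It assumes one reading of the table above: auditLevel sets which severities are reported, and only critical findings block the upgrade. It reads the `metadata.vulnerabilities` summary of `npm audit --json`; the function name and sample data are constructed.

```python
import json

# Severity ranks used by npm audit, lowest to highest.
RANK = {"info": 0, "low": 1, "moderate": 2, "high": 3, "critical": 4}

# Constructed sample: only the summary part of `npm audit --json` output.
SAMPLE_AUDIT = json.dumps({
    "auditReportVersion": 2,
    "metadata": {"vulnerabilities": {
        "info": 0, "low": 3, "moderate": 1, "high": 2, "critical": 0, "total": 6,
    }},
})


def audit_gate(audit_json, audit_level="high", block_on_vulnerability=True):
    """Return (block, reported).

    block is True only when critical findings exist (assumed reading of the
    "Critical only" column); reported maps each severity at or above
    audit_level to its count.
    """
    try:
        counts = json.loads(audit_json)["metadata"]["vulnerabilities"]
    except (ValueError, KeyError, TypeError):
        # Fail closed: unreadable audit output is not treated as a clean audit.
        return True, {"error": "unreadable audit output"}
    if audit_level == "none":
        return False, {}
    threshold = RANK[audit_level]
    reported = {
        sev: n for sev, n in counts.items()
        if sev in RANK and RANK[sev] >= threshold and n > 0
    }
    block = block_on_vulnerability and counts.get("critical", 0) > 0
    return block, reported
```
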

Release Age Check

| Option | Default | Description |
|---|---|---|
| minimumReleaseAge | 14 days | Skip packages released < 14 days ago |
| ignoreReleaseAge | false | Override for urgent security patches |

Per Renovate best practices: waiting 14 days gives registries time to pull malicious packages.
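
An added example (not part of the skill itself) of the release-age filter described above, in Python. It assumes publish times come from a version-to-timestamp map like the `time` object in npm registry metadata; the sample data, function names and plain MAJOR.MINOR.PATCH sorting are assumptions.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample shaped like the "time" map in npm registry metadata
# (version -> ISO 8601 publish time). Versions and dates are made up.
SAMPLE_TIME = {
    "created": "2024-01-02T10:00:00.000Z",
    "modified": "2025-06-10T08:00:00.000Z",
    "4.1.0": "2025-03-01T12:00:00.000Z",
    "4.2.0": "2025-05-20T09:30:00.000Z",
    "4.2.1": "2025-06-09T18:45:00.000Z",
}


def parse_ts(value):
    """Parse an ISO 8601 timestamp with a trailing 'Z' into an aware datetime."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def version_key(version):
    # Assumes plain MAJOR.MINOR.PATCH versions; pre-release tags are not handled.
    return tuple(int(part) for part in version.split("."))


def pick_upgrade(time_map, now, minimum_release_age=14, ignore_release_age=False):
    """Return (chosen_version, skipped), where skipped lists too-new versions."""
    cutoff = now - timedelta(days=minimum_release_age)
    enforce = minimum_release_age > 0 and not ignore_release_age
    eligible, skipped = [], []
    for version, published in time_map.items():
        if version in ("created", "modified"):
            continue  # bookkeeping keys, not releases
        # "Released < 14 days ago" means published strictly after the cutoff.
        if enforce and parse_ts(published) > cutoff:
            skipped.append(version)
        else:
            eligible.append(version)
    chosen = max(eligible, key=version_key) if eligible else None
    return chosen, sorted(skipped, key=version_key)


if __name__ == "__main__":
    now = datetime(2025, 6, 12, tzinfo=timezone.utc)  # fixed "today" for the sample
    print(pick_upgrade(SAMPLE_TIME, now))
```

The skipped list is worth surfacing in the report so a too-new security fix can be reviewed and, if needed, pulled in with ignoreReleaseAge.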


Phase 3: Delegate to Workers

CRITICAL: All delegations use Task tool with subagent_type: "general-purpose" for context isolation.

Prompt template:

Task(description: "Upgrade deps via ln-71X",
     prompt: "Execute ln-71X-{worker}. Read skill from ln-71X-{worker}/SKILL.md. Context: {delegationContext}",
     subagent_type: "general-purpose")

Anti-Patterns:

  • ❌ Direct Skill tool invocation without Task wrapper
  • ❌ Any execution bypassing subagent context isolation

Delegation Context

Each worker receives standardized context:

| Field | Type | Description |
|---|---|---|
| projectPath | string | Absolute path to project |
| packageManager | enum | npm, yarn, pnpm, nuget, pip, poetry, pipenv |
| options.upgradeType | enum | major, minor, patch |
| options.allowBreaking | bool | Allow breaking changes |
| options.testAfterUpgrade | bool | Run tests after upgrade |

Worker Selection

| Package Manager | Worker | Notes |
|---|---|---|
| npm, yarn, pnpm | ln-711-npm-upgrader | Handles all Node.js |
| nuget | ln-712-nuget-upgrader | Handles .NET projects |
| pip, poetry, pipenv | ln-713-pip-upgrader | Handles all Python |

Phase 4: Collect Results

Result Schema

| Field | Type | Description |
|---|---|---|
| status | enum | success, partial, failed |
| upgrades[] | array | List of upgraded packages |
| upgrades[].package | string | Package name |
| upgrades[].from | string | Previous version |
| upgrades[].to | string | New version |
| upgrades[].breaking | bool | Is breaking change |
| warnings[] | array | Non-blocking warnings |
| errors[] | array | Blocking errors |

Phase 5: Verify Build

Build Commands by Stack

| Stack | Command |
|---|---|
| Node.js | npm run build or yarn build |
| .NET | dotnet build --configuration Release |
| Python | pytest or python -m pytest |

On Build Failure

  1. Identify failing package from error
  2. Search Context7/Ref for migration guide
  3. Apply known fixes
  4. If still fails: rollback package, log warning

Phase 6: Report Summary

Report Schema

| Field | Type | Description |
|---|---|---|
| totalPackages | int | Total packages analyzed |
| upgraded | int | Successfully upgraded |
| skipped | int | Already latest |
| failed | int | Rolled back |
| breakingChanges | int | Major version upgrades |
| buildVerified | bool | Build passed after upgrade |
| duration | string | Total time |

Configuration

Options:
  # Upgrade scope
  upgradeType: major          # major | minor | patch

  # Breaking changes
  allowBreaking: true
  autoMigrate: true           # Apply known migrations

  # Security
  auditLevel: high            # none | low | moderate | high | critical
  minimumReleaseAge: 14       # days, 0 to disable
  blockOnVulnerability: true

  # Scope
  skipDev: false              # Include devDependencies
  skipOptional: true          # Skip optional deps

  # Verification
  testAfterUpgrade: true
  buildAfterUpgrade: true

  # Rollback
  rollbackOnFailure: true

Error Handling

Recoverable Errors

| Error | Recovery |
|---|---|
| Peer dependency conflict | Try --legacy-peer-deps |
| Build failure | Rollback package, continue |
| Network timeout | Retry 3 times |

Fatal Errors

| Error | Action |
|---|---|
| No package managers found | Skip this step |
| All builds fail | Report to parent, suggest manual review |


Version: 1.1.0
Last Updated: 2026-01-10