| name | update-package-locks |
| description | Use when refreshing package-lock.json files in ng-mocks. |
Use this skill when the task is to refresh lockfiles without permanently changing the repo's normal install flow.
Create a plain Markdown checklist that AI Agent can follow:
- [ ] Identify which lockfiles and compose services need to change
- [ ] Run `npm update` wrapper to update dependencies
- [ ] Run `npm install` wrapper flow to normalize lockfiles
- [ ] Confirm the update and install wrapper passes completed
- [ ] Summarize results, risks, and follow-ups
compose.yml.npm install to npm update.sh compose.sh <target> to refresh dependencies.compose.yml back to npm install.sh compose.sh <target> again so the resulting lockfile matches the normal CI install flow.sh test.sh <target> for this pure lockfile refresh workflow unless the user explicitly asks for tests or the task includes non-lockfile code changes that need test coverage.# Root lockfile
sh compose.sh root
# tests-e2e lockfile
sh compose.sh e2e
# Specific target lockfile
sh compose.sh <target>
sh compose.sh <target> once while the service command is temporarily npm update, then sh compose.sh <target> again after restoring npm install.sh compose.sh once with all relevant service commands temporarily set to npm update, then running sh compose.sh again after restoring all service commands to npm install.sh test.sh as part of this skill's default validation.compose.yml in an npm update state after finishing.npm install, npm update, or ad-hoc node commands when the wrapper flow covers the task.COMPOSE_PROJECT_NAME.Use when triaging or fixing ng-mocks GitHub issues and bug reports in a dedicated worktree based on upstream/main, with a local issue-* regression test, a focused source fix, coverage validation, e2e matrix checks, a conventional commit message, and a pull request.
Use when syncing or simplifying example code in docs/articles or README.md so embedded docs samples stay aligned with examples tests while removing compatibility noise from the published snippets.
Use when preparing GitHub Dependabot pull requests by listing open PRs, verifying they are authored by app/dependabot, enabling auto-merge, and approving them without merging manually.
Use when replaying the current local branch onto upstream/main, or onto another provided remote branch, by stashing local changes, resetting to the target branch, and cherry-picking missing commits back one by one.
Use when updating major Node.js versions across ng-mocks projects, including CI/CD, .nvmrc, Docker images, npm compatibility, @types/node, and wrapper-based validation.