ワンクリックで
ln-710-dependency-upgrader
Coordinates dependency upgrades across all detected package managers
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
メニュー
Coordinates dependency upgrades across all detected package managers
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
SOC 職業分類に基づく
| name | ln-710-dependency-upgrader |
| description | Coordinates dependency upgrades across all detected package managers |
Paths: File paths (
shared/,references/,../ln-*) are relative to skills repo root. If not found at CWD, locate this SKILL.md directory and go up one level for repo root.
Type: L2 Domain Coordinator Category: 7XX Project Bootstrap Parent: ln-700-project-bootstrap
Coordinates dependency upgrades by detecting package managers and delegating to appropriate L3 workers.
| Aspect | Details |
|---|---|
| Input | Detected stack from ln-700 |
| Output | All dependencies upgraded to latest compatible versions |
| Workers | ln-711 (npm), ln-712 (nuget), ln-713 (pip) |
See diagram.html for visual workflow.
Phases: Pre-flight → Detect → Security Audit → Delegate → Collect → Verify → Report
Verify project state before starting upgrade.
| Check | Method | Block if |
|---|---|---|
| Uncommitted changes | git status --porcelain | Non-empty output |
| Create backup branch | git checkout -b upgrade-backup-{timestamp} | Failure |
| Lock file exists | Check for lock file | Missing (warn only) |
Skip upgrade if uncommitted changes exist. User must commit or stash first.
| Package Manager | Indicator Files | Worker |
|---|---|---|
| npm | package.json + package-lock.json | ln-711 |
| yarn | package.json + yarn.lock | ln-711 |
| pnpm | package.json + pnpm-lock.yaml | ln-711 |
| nuget | *.csproj files | ln-712 |
| pip | requirements.txt | ln-713 |
| poetry | pyproject.toml + poetry.lock | ln-713 |
| pipenv | Pipfile + Pipfile.lock | ln-713 |
| Package Manager | Command | Block Upgrade |
|---|---|---|
| npm | npm audit --audit-level=high | Critical only |
| pip | pip-audit --json | Critical only |
| nuget | dotnet list package --vulnerable | Critical only |
| Option | Default | Description |
|---|---|---|
| minimumReleaseAge | 14 days | Skip packages released < 14 days ago |
| ignoreReleaseAge | false | Override for urgent security patches |
Per Renovate best practices: waiting 14 days gives registries time to pull malicious packages.
CRITICAL: All delegations use Task tool with
subagent_type: "general-purpose"for context isolation.
Prompt template:
Task(description: "Upgrade deps via ln-71X",
prompt: "Execute ln-71X-{worker}. Read skill from ln-71X-{worker}/SKILL.md. Context: {delegationContext}",
subagent_type: "general-purpose")
Anti-Patterns:
Each worker receives standardized context:
| Field | Type | Description |
|---|---|---|
| projectPath | string | Absolute path to project |
| packageManager | enum | npm, yarn, pnpm, nuget, pip, poetry, pipenv |
| options.upgradeType | enum | major, minor, patch |
| options.allowBreaking | bool | Allow breaking changes |
| options.testAfterUpgrade | bool | Run tests after upgrade |
| Package Manager | Worker | Notes |
|---|---|---|
| npm, yarn, pnpm | ln-711-npm-upgrader | Handles all Node.js |
| nuget | ln-712-nuget-upgrader | Handles .NET projects |
| pip, poetry, pipenv | ln-713-pip-upgrader | Handles all Python |
| Field | Type | Description |
|---|---|---|
| status | enum | success, partial, failed |
| upgrades[] | array | List of upgraded packages |
| upgrades[].package | string | Package name |
| upgrades[].from | string | Previous version |
| upgrades[].to | string | New version |
| upgrades[].breaking | bool | Is breaking change |
| warnings[] | array | Non-blocking warnings |
| errors[] | array | Blocking errors |
| Stack | Command |
|---|---|
| Node.js | npm run build or yarn build |
| .NET | dotnet build --configuration Release |
| Python | pytest or python -m pytest |
| Field | Type | Description |
|---|---|---|
| totalPackages | int | Total packages analyzed |
| upgraded | int | Successfully upgraded |
| skipped | int | Already latest |
| failed | int | Rolled back |
| breakingChanges | int | Major version upgrades |
| buildVerified | bool | Build passed after upgrade |
| duration | string | Total time |
Options:
# Upgrade scope
upgradeType: major # major | minor | patch
# Breaking changes
allowBreaking: true
autoMigrate: true # Apply known migrations
# Security
auditLevel: high # none | low | moderate | high | critical
minimumReleaseAge: 14 # days, 0 to disable
blockOnVulnerability: true
# Scope
skipDev: false # Include devDependencies
skipOptional: true # Skip optional deps
# Verification
testAfterUpgrade: true
buildAfterUpgrade: true
# Rollback
rollbackOnFailure: true
| Error | Recovery |
|---|---|
| Peer dependency conflict | Try --legacy-peer-deps |
| Build failure | Rollback package, continue |
| Network timeout | Retry 3 times |
| Error | Action |
|---|---|
| No package managers found | Skip this step |
| All builds fail | Report to parent, suggest manual review |
Version: 1.1.0 Last Updated: 2026-01-10