Run any Skill in Manus with one click

$pwd:

dependency-upgrade

Name: Dependency Upgrade
Author: yu-iskw

// Upgrade outdated npm dependencies in the pnpm monorepo (recursive update, latest, targeted packages). Use when the user asks to upgrade dependencies, bump packages, refresh lockfile, pnpm update, outdated packages, latest versions, or dependency refresh—not monorepo release versions.

Run Skill in Manus

$ git log --oneline --stat

stars:0

forks:0

updated:May 14, 2026 at 00:33

File Explorer

2 files

SKILL.md

readonly

name	dependency-upgrade
description	Upgrade outdated npm dependencies in the pnpm monorepo (recursive update, latest, targeted packages). Use when the user asks to upgrade dependencies, bump packages, refresh lockfile, pnpm update, outdated packages, latest versions, or dependency refresh—not monorepo release versions.
compatibility	Requires pnpm and Node.js matching [.node-version](../../../.node-version). Run all install/update commands from the repository root where `pnpm-workspace.yaml` and `pnpm-lock.yaml` live. Does not replace the version-bump skill for workspace package `"version"` fields.

Dependency upgrade (pnpm workspace)

Trigger scenarios

Activate when the user says or implies:

Upgrade dependencies, devDependencies, outdated packages, or refresh the lockfile
pnpm update, bump npm packages, latest deps, get packages as new as possible
Upgrade one dependency everywhere it appears (e.g. @aws-sdk/client-s3 across workspaces)
Security / advisory-driven bumps (use updates + tests; do not claim CVE analysis without evidence)

Not this skill

Topic	Use instead
Bumping parser package versions	version-bump
Editing *`workspace:`** links	Leave as-is unless adding/removing packages

Dependencies live in dependencies / devDependencies / optionalDependencies. Release package semver is the "version" field—different workflow.

Why tiered upgrades (short)

Approach	Feasibility	Risk	Fit for agents	Score
Tiered: outdated → range update → targeted `@latest` → full `--latest` with consent	High	Controlled	Matches monorepo + CI	92
Only `pnpm -r update --latest`	High	High breaks	Poor default	45
npm-check-updates as primary	Medium	Medium	Second toolchain; pnpm is canonical here	48
Manual edit every package.json	Low	High drift	Error-prone	35
Upgrade without lint/test/knip	High	Unknown	Violates repo gates	unacceptable

Default path: inventory → conservative → targeted → aggressive only with explicit user OK.

Agent workflow

Inventory (recommended): From repo root, pnpm outdated -r. Optional: pnpm outdated -r --long if the installed pnpm supports it and the output helps triage.
Conservative (safest default): pnpm -r update — refreshes the lockfile within existing semver ranges in each package.json.
Targeted “newest” for named packages: pnpm -r update <pkg>@latest (e.g. pnpm -r update @aws-sdk/client-s3@latest) so every workspace that declares <pkg> moves to latest and package.json ranges update as pnpm applies. For a single workspace only: pnpm --filter <workspace-name> add <pkg>@latest (dev: pnpm --filter <ws> add -D <pkg>@latest).
Aggressive (requires explicit user consent): pnpm -r update --latest — may jump majors across the tree. State the risk; do not run without confirmation.

After any meaningful dependency or lockfile change:

pnpm lint:report
pnpm coverage:report
pnpm knip

All three must exit 0. If SDKs, bundlers, TypeScript, or ESLint majors moved, also run pnpm build or full root build script. See AGENTS.md quality gates.

Full command notes, examples, and edge cases: references/pnpm-upgrade-workflow.md.

related-skills.json

same repository

lint-fix.md

from "yu-iskw/dbt-artifacts-parser-ts"

Format code, run linters and static analysis, and find unused code (ESLint + Knip). Use when the user asks to fix lint, format code, run formatters, find dead code, unused exports, run knip, fix style, tidy code, or run eslint --fix.

2026-05-140

manage-adr.md

from "yu-iskw/dbt-artifacts-parser-ts"

Manage Architecture Decision Records (ADRs). Use this to initialize, create, list, and link ADRs to document architectural evolution. Requires 'adr-tools' to be installed.

2026-05-140

postmortem.md

from "yu-iskw/dbt-artifacts-parser-ts"

Use at the end of a coding session to summarize outcomes, failures, inefficiencies, and root causes, then output a concise postmortem report with ranked improvements for next time. Output only in chat; do not edit project files unless the user explicitly asks. Skip nit-picks and one-off mistakes.

2026-05-140

version-bump.md

from "yu-iskw/dbt-artifacts-parser-ts"

Interactively bump package versions for the parser package. Use when the user asks to bump version, increment version, set release version, or release dbt-artifacts-parser.

2026-05-140

dbt-parser-refresh.md

from "yu-iskw/dbt-artifacts-parser-ts"

Regenerates TypeScript types from dbt artifact JSON schemas. Use when the user asks to update parsers, sync with upstream, refresh types, or regenerate parser types from existing schemas.

2026-05-080

deep-problem-solving.md

from "yu-iskw/dbt-artifacts-parser-ts"

Interactive deep research and decision support: frame the real problem (XY-aware), ask exactly 10 multiple-choice questions one at a time, then produce a rigorous comparative evaluation (default 5 approaches, 0–100 scores) and recommendation. Use when the user wants structured discovery before committing to a solution, a scored comparison of approaches, or to avoid jumping straight to an answer—especially for architecture, strategy, or high-stakes trade-offs.

2026-04-130

package.json

"author": "yu-iskw"

"repository": "yu-iskw/dbt-artifacts-parser-ts"

View GitHub Repository View Creator Repositories

$ install --global

$ download --local

Run Skill in Manus

$ useful --forSOC

Software DevelopersComputer and Mathematical Occupations15-1252L4

name	dependency-upgrade
description	Upgrade outdated npm dependencies in the pnpm monorepo (recursive update, latest, targeted packages). Use when the user asks to upgrade dependencies, bump packages, refresh lockfile, pnpm update, outdated packages, latest versions, or dependency refresh—not monorepo release versions.
compatibility	Requires pnpm and Node.js matching [.node-version](../../../.node-version). Run all install/update commands from the repository root where `pnpm-workspace.yaml` and `pnpm-lock.yaml` live. Does not replace the version-bump skill for workspace package `"version"` fields.

Dependency upgrade (pnpm workspace)

Trigger scenarios

Activate when the user says or implies:

Upgrade dependencies, devDependencies, outdated packages, or refresh the lockfile
pnpm update, bump npm packages, latest deps, get packages as new as possible
Upgrade one dependency everywhere it appears (e.g. @aws-sdk/client-s3 across workspaces)
Security / advisory-driven bumps (use updates + tests; do not claim CVE analysis without evidence)

Not this skill

Topic	Use instead
Bumping parser package versions	version-bump
Editing *`workspace:`** links	Leave as-is unless adding/removing packages

Dependencies live in dependencies / devDependencies / optionalDependencies. Release package semver is the "version" field—different workflow.

Why tiered upgrades (short)

Approach	Feasibility	Risk	Fit for agents	Score
Tiered: outdated → range update → targeted `@latest` → full `--latest` with consent	High	Controlled	Matches monorepo + CI	92
Only `pnpm -r update --latest`	High	High breaks	Poor default	45
npm-check-updates as primary	Medium	Medium	Second toolchain; pnpm is canonical here	48
Manual edit every package.json	Low	High drift	Error-prone	35
Upgrade without lint/test/knip	High	Unknown	Violates repo gates	unacceptable

Default path: inventory → conservative → targeted → aggressive only with explicit user OK.

Agent workflow

Inventory (recommended): From repo root, pnpm outdated -r. Optional: pnpm outdated -r --long if the installed pnpm supports it and the output helps triage.
Conservative (safest default): pnpm -r update — refreshes the lockfile within existing semver ranges in each package.json.
Targeted “newest” for named packages: pnpm -r update <pkg>@latest (e.g. pnpm -r update @aws-sdk/client-s3@latest) so every workspace that declares <pkg> moves to latest and package.json ranges update as pnpm applies. For a single workspace only: pnpm --filter <workspace-name> add <pkg>@latest (dev: pnpm --filter <ws> add -D <pkg>@latest).
Aggressive (requires explicit user consent): pnpm -r update --latest — may jump majors across the tree. State the risk; do not run without confirmation.

After any meaningful dependency or lockfile change:

pnpm lint:report
pnpm coverage:report
pnpm knip

All three must exit 0. If SDKs, bundlers, TypeScript, or ESLint majors moved, also run pnpm build or full root build script. See AGENTS.md quality gates.

Full command notes, examples, and edge cases: references/pnpm-upgrade-workflow.md.

dependency-upgrade

Dependency upgrade (pnpm workspace)

Trigger scenarios

Not this skill

Why tiered upgrades (short)

Agent workflow

More from this repository

More from this repository

Dependency upgrade (pnpm workspace)

Trigger scenarios

Not this skill

Why tiered upgrades (short)

Agent workflow