一键导入
dependency-management-principles
Dependency management: version pinning, vulnerability scanning, dependency hygiene. go.mod, package.json, Cargo.toml, pubspec.yaml.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Dependency management: version pinning, vulnerability scanning, dependency hygiene. go.mod, package.json, Cargo.toml, pubspec.yaml.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
WCAG accessibility: semantic HTML, ARIA, keyboard nav, contrast, screen readers. For all user-facing interfaces.
Document architectural decisions using ADR format. Use during research when choosing approaches, introducing deps/patterns, or changing arch.
REST/HTTP API design: resource naming, status codes, error formats, versioning, pagination.
Kubernetes deployment and GitOps patterns: rolling/blue-green/canary strategies, ArgoCD/Flux manifests, K8s secrets management. Supplement to ci-cd-principles.
CI/CD pipeline patterns: stages, Dockerfile, GitHub Actions, artifact management, environment promotion, rollback. Layered by deployment complexity.
Structured code review protocol: inspect against full rule set. Use for audit workflows, code reviews, or when user requests review. Produces findings document with severity tags.
| name | dependency-management-principles |
| description | Dependency management: version pinning, vulnerability scanning, dependency hygiene. go.mod, package.json, Cargo.toml, pubspec.yaml. |
| user-invocable | false |
Production: exact versions (1.2.3, not ^1.2.0). Prevents supply chain attacks, unexpected breakage. Reproducible builds.
Lock files: package-lock.json, pnpm-lock.yaml, yarn.lock, Cargo.lock, go.sum, pubspec.lock, poetry.lock.
Every dep = liability (security, build time, maintenance). Before adding: "50 lines to implement?" "Critical?" "Actively maintained?" "Latest stable?"