// Update Python dependencies with uv, regenerate lock and Konflux requirements files, then verify lint, types, and tests. Fix breakage from API changes in bumped packages. Use when the user says "deps update", "bump dependencies", or "update deps".
Find functions with high cyclomatic complexity, length, or parameter count. Use when the user asks for complexity hotspots or refactor candidates.
Find unused functions, classes, imports, and unreachable code paths. Use when the user asks for dead code or cleanup candidates.
Find code duplication in the codebase. Supports branch-scoped or full sweep. Use when the user asks to find duplicated code or repeated patterns before a PR.
Investigate CI job failures on a GitHub pull request (checks, Prow, or GitHub Actions). Use when the user pastes a PR URL and asks about CI failures or red checks.
Step-by-step workflow for committing staged changes and opening a pull request for lightspeed-agentic-sandbox.
Performs a strict clean rebase of a feature branch onto main with minimal conflict resolution and full validation. Use when the user asks to rebase carefully and run tests + verify until green.
| name | deps-update |
| description | Update Python dependencies with uv, regenerate lock and Konflux requirements files, then verify lint, types, and tests. Fix breakage from API changes in bumped packages. Use when the user says "deps update", "bump dependencies", or "update deps". |
This repository uses uv, uv.lock, and make requirements to produce
requirements.x86_64.txt and requirements.aarch64.txt for Konflux hermetic
builds (see CLAUDE.md / AGENTS.md).
Before changing anything:
upstream vs origin):
git fetch upstream # or: git fetch origin
git checkout upstream/main # or: origin/main
git checkout -b chore/deps-update
uv lock --check to confirm the lock file is consistent.uv run python --version to record the Python version.If a specific package was requested, bump only that package:
uv lock --upgrade-package {package}
uv sync --all-extras
Otherwise bump everything:
uv lock --upgrade
uv sync --all-extras
Capture the output of uv lock --upgrade — it lists version changes for the
commit message and report.
Then regenerate pinned requirements for both architectures:
make requirements
make format
make verify
If verification fails, fix calling code to match new APIs (do not pin old versions unless there is a confirmed upstream regression). Re-run until clean.
make test
Same triage as in the original deps-update skill: distinguish API-induced test breakage from real regressions.
git diff --name-only
If only pyproject.toml, uv.lock, and requirements.*.txt changed —
you may commit with a clear message after summarizing bumps for the user.
If source or test files changed — wait for user acknowledgment before committing. Then use raise-pr to open the PR.
Typical commit for deps-only:
git add pyproject.toml uv.lock requirements.x86_64.txt requirements.aarch64.txt
git commit -m "chore: bump dependencies"
requirements.*.txt — always regenerate via make requirements.make verify + make test.