dependency-management_skill

This skill helps manage Rust and Node.js dependencies by adding, updating, auditing, and resolving conflicts across cargo and npm.
  • Shell

29

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill shunsukehayashi/miyabi-claude-plugins --skill dependency-management

  • SKILL.md4.3 KB

Overview

This skill manages Rust (Cargo) and Node.js (npm) dependencies: adding, updating, auditing, and resolving version conflicts. It automates safe update patterns, dependency-tree inspection, and security audits to keep projects buildable and secure. Use it to run targeted updates, fix conflicts, and enforce workspace-wide versions.

How this skill works

The skill runs common CLI commands (cargo, cargo-audit, cargo-udeps, npm) to inspect dependency trees, check for outdated packages, perform audits, and apply updates. It suggests update frequency by semantic version level, generates commands for targeted updates, and provides workspace-level patterns to unify versions. It also outlines conflict detection and concrete fixes (workspace pins, feature adjustments).

When to use it

  • Before or after dependency updates to validate build and tests
  • When a build or test fails due to version conflicts
  • On a regular cadence (weekly/monthly) for patch and minor updates
  • Before releases to ensure no known vulnerabilities
  • When cleaning unused dependencies or pruning duplicates

Best practices

  • Follow semantic update cadence: patch weekly, minor monthly, major quarterly
  • Run tests after every update: cargo test --all or npm test
  • Audit frequently: cargo audit and npm audit in CI with deny/exit rules
  • Use workspace-level dependency pins to avoid duplicate versions across crates
  • Prefer targeted updates for risky packages and run cargo tree / npm outdated to scope changes

Example use cases

  • Perform a safe patch update: run cargo update, cargo test --all, cargo audit
  • Resolve duplicate Rust crates: cargo tree -d, then unify with [workspace.dependencies]
  • Add a new npm package and audit: npm install <pkg>, npm audit, npm test
  • Detect unused Rust dependencies with cargo-udeps and remove them
  • Run CI checks that fail on vulnerabilities: cargo audit --deny warnings

FAQ

Use cargo tree -d to locate duplicates or cargo tree -i <crate> to see reverse dependencies; for npm use npm ls <pkg> to trace dependents.

When should I pin versions in a workspace?

Pin workspace dependencies when multiple crates must share a single implementation or when duplicate versions cause build/test instability; declare them under [workspace.dependencies].

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational
dependency-management skill by shunsukehayashi/miyabi-claude-plugins | VeilStrat