- Home
- Skills
- Shunsukehayashi
- Miyabi Claude Plugins
- Dependency Management
dependency-management_skill
- Shell
29
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill shunsukehayashi/miyabi-claude-plugins --skill dependency-management- SKILL.md4.3 KB
Overview
This skill manages Rust (Cargo) and Node.js (npm) dependencies: adding, updating, auditing, and resolving version conflicts. It automates safe update patterns, dependency-tree inspection, and security audits to keep projects buildable and secure. Use it to run targeted updates, fix conflicts, and enforce workspace-wide versions.
How this skill works
The skill runs common CLI commands (cargo, cargo-audit, cargo-udeps, npm) to inspect dependency trees, check for outdated packages, perform audits, and apply updates. It suggests update frequency by semantic version level, generates commands for targeted updates, and provides workspace-level patterns to unify versions. It also outlines conflict detection and concrete fixes (workspace pins, feature adjustments).
When to use it
- Before or after dependency updates to validate build and tests
- When a build or test fails due to version conflicts
- On a regular cadence (weekly/monthly) for patch and minor updates
- Before releases to ensure no known vulnerabilities
- When cleaning unused dependencies or pruning duplicates
Best practices
- Follow semantic update cadence: patch weekly, minor monthly, major quarterly
- Run tests after every update: cargo test --all or npm test
- Audit frequently: cargo audit and npm audit in CI with deny/exit rules
- Use workspace-level dependency pins to avoid duplicate versions across crates
- Prefer targeted updates for risky packages and run cargo tree / npm outdated to scope changes
Example use cases
- Perform a safe patch update: run cargo update, cargo test --all, cargo audit
- Resolve duplicate Rust crates: cargo tree -d, then unify with [workspace.dependencies]
- Add a new npm package and audit: npm install <pkg>, npm audit, npm test
- Detect unused Rust dependencies with cargo-udeps and remove them
- Run CI checks that fail on vulnerabilities: cargo audit --deny warnings
FAQ
Use cargo tree -d to locate duplicates or cargo tree -i <crate> to see reverse dependencies; for npm use npm ls <pkg> to trace dependents.
When should I pin versions in a workspace?
Pin workspace dependencies when multiple crates must share a single implementation or when duplicate versions cause build/test instability; declare them under [workspace.dependencies].