dependency-upgrade
Master major dependency version upgrades, compatibility analysis, staged upgrade strategies, and comprehensive testing approaches.
About this skill
This skill empowers AI agents to master the intricate process of major dependency version upgrades. It enables the agent to conduct thorough compatibility analyses, devise strategic staged upgrade plans, and design comprehensive testing approaches to minimize risks and ensure stability. The agent can clarify upgrade goals, identify constraints, and apply relevant best practices. It's equipped to provide actionable steps and verification processes, and can even refer to an internal `implementation-playbook.md` resource for detailed examples, making it invaluable for maintaining robust and up-to-date software projects.
Best use case
A software development team needs to upgrade critical libraries or packages to their latest major versions to leverage new features, patch security vulnerabilities, or improve performance. The AI agent, using this skill, can assist in generating a detailed plan, identifying potential breaking changes, suggesting a rollout strategy, and outlining necessary testing procedures to ensure a smooth transition.
Master major dependency version upgrades, compatibility analysis, staged upgrade strategies, and comprehensive testing approaches.
A clear, actionable, and well-structured plan for dependency upgrades, including identified compatibility issues, a recommended staged deployment strategy, and a comprehensive testing regimen. The outcome will facilitate a safer and more efficient upgrade process, leading to a stable and updated software environment.
Practical example
Example input
Our project 'AwesomeApp' uses `React@16.x` and `Node.js@14.x`. We want to upgrade to `React@18.x` and `Node.js@18.x` to take advantage of new features and long-term support. Outline a detailed upgrade plan including compatibility checks, staging strategy, and testing approaches for our JavaScript/TypeScript monorepo.
Example output
**Dependency Upgrade Plan for 'AwesomeApp' (React & Node.js)**
**Goal:** Safely upgrade `React` from 16.x to 18.x and `Node.js` from 14.x to 18.x, minimizing disruptions and leveraging new features.
**Phase 1: Compatibility Analysis & Research**
1. **Review Official Migration Guides:** Consult React 18 Upgrade Guide and Node.js 18 LTS documentation for breaking changes and new features.
2. **Codebase Scan (React):** Use static analysis tools (e.g., ESLint, AST parsers) to identify deprecated lifecycle methods, `ReactDOM.render` calls, and potential concurrent mode issues.
3. **Codebase Scan (Node.js):** Identify use of deprecated APIs or modules that have changed behavior in Node.js 18.
4. **Transitive Dependency Check:** Analyze `package.json` for dependencies that might be incompatible with React 18 or Node.js 18. Update or find alternatives as needed.
**Phase 2: Staged Upgrade Strategy**
1. **Isolate Upgrades:** Prioritize upgrading Node.js first, as it's a foundational runtime, then React.
2. **Feature Branch:** Create a dedicated Git branch (e.g., `feature/upgrade-react-node`).
3. **Incremental Changes:** Apply changes in smaller, manageable commits for easier debugging.
4. **Environment Setup:** Create a separate CI/CD environment or local Docker setup for testing the upgraded versions.
**Phase 3: Implementation & Local Testing**
1. **Upgrade Node.js:**
* Update development environments, CI/CD pipelines, and `package.json` engines field.
* Verify existing scripts and build processes.
* Run all existing unit and integration tests.
2. **Upgrade React:**
* Update `package.json`: `npm install react@^18 react-dom@^18 --save`.
* Modify `ReactDOM.render` to `ReactDOM.createRoot`.
* Address any deprecated lifecycle methods (e.g., `componentWillMount`).
* Implement `StrictMode` for early detection of potential issues.
* Refactor class components to functional components with Hooks where appropriate (optional but recommended).
* Run all existing unit and integration tests.
**Phase 4: Comprehensive Testing & Validation**
1. **Automated Tests:** Execute full suite of unit, integration, and end-to-end (Cypress/Playwright) tests.
2. **Performance Testing:** Conduct benchmark tests to compare performance metrics pre- and post-upgrade.
3. **Manual QA & UAT:** Perform critical path user journey testing and involve key stakeholders for user acceptance testing.
4. **Rollback Plan:** Document clear steps and procedures to revert changes if critical, unresolvable issues are discovered post-deployment.
5. **Monitoring:** Set up enhanced logging and performance monitoring for the upgraded environment.
**Next Steps:** Begin with in-depth research of the official migration guides for React 18 and Node.js 18. If detailed code examples for specific refactoring tasks are required, open and review `resources/implementation-playbook.md` for guidance.When to use this skill
- When a software project requires upgrading major versions of its dependencies. When needing a structured approach to analyze compatibility, plan staged deployments, or define comprehensive testing strategies for dependency updates. When the goal is to mitigate risks associated with major version shifts and ensure project stability.
When not to use this skill
- The task is unrelated to dependency upgrade
- You need a different domain or tool outside this scope
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/dependency-upgrade/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How dependency-upgrade Compares
| Feature / Agent | dependency-upgrade | Standard Approach |
|---|---|---|
| Platform Support | Claude | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | medium | N/A |
Frequently Asked Questions
What does this skill do?
Master major dependency version upgrades, compatibility analysis, staged upgrade strategies, and comprehensive testing approaches.
Which AI agents support this skill?
This skill is designed for Claude.
How difficult is it to install?
The installation complexity is rated as medium. You can find the installation instructions above.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
AI Agents for Coding
Browse AI agent skills for coding, debugging, testing, refactoring, code review, and developer workflows across Claude, Cursor, and Codex.
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
AI Agent for Product Research
Browse AI agent skills for product research, competitive analysis, customer discovery, and structured product decision support.
SKILL.md Source
# Dependency Upgrade
Master major dependency version upgrades, compatibility analysis, staged upgrade strategies, and comprehensive testing approaches.
## Do not use this skill when
- The task is unrelated to dependency upgrade
- You need a different domain or tool outside this scope
## Instructions
- Clarify goals, constraints, and required inputs.
- Apply relevant best practices and validate outcomes.
- Provide actionable steps and verification.
- If detailed examples are required, open `resources/implementation-playbook.md`.
## Use this skill when
- Upgrading major framework versions
- Updating security-vulnerable dependencies
- Modernizing legacy dependencies
- Resolving dependency conflicts
- Planning incremental upgrade paths
- Testing compatibility matrices
- Automating dependency updates
## Semantic Versioning Review
```
MAJOR.MINOR.PATCH (e.g., 2.3.1)
MAJOR: Breaking changes
MINOR: New features, backward compatible
PATCH: Bug fixes, backward compatible
^2.3.1 = >=2.3.1 <3.0.0 (minor updates)
~2.3.1 = >=2.3.1 <2.4.0 (patch updates)
2.3.1 = exact version
```
## Dependency Analysis
### Audit Dependencies
```bash
# npm
npm outdated
npm audit
npm audit fix
# yarn
yarn outdated
yarn audit
# Check for major updates
npx npm-check-updates
npx npm-check-updates -u # Update package.json
```
### Analyze Dependency Tree
```bash
# See why a package is installed
npm ls package-name
yarn why package-name
# Find duplicate packages
npm dedupe
yarn dedupe
# Visualize dependencies
npx madge --image graph.png src/
```
## Compatibility Matrix
```javascript
// compatibility-matrix.js
const compatibilityMatrix = {
'react': {
'16.x': {
'react-dom': '^16.0.0',
'react-router-dom': '^5.0.0',
'@testing-library/react': '^11.0.0'
},
'17.x': {
'react-dom': '^17.0.0',
'react-router-dom': '^5.0.0 || ^6.0.0',
'@testing-library/react': '^12.0.0'
},
'18.x': {
'react-dom': '^18.0.0',
'react-router-dom': '^6.0.0',
'@testing-library/react': '^13.0.0'
}
}
};
function checkCompatibility(packages) {
// Validate package versions against matrix
}
```
## Staged Upgrade Strategy
### Phase 1: Planning
```bash
# 1. Identify current versions
npm list --depth=0
# 2. Check for breaking changes
# Read CHANGELOG.md and MIGRATION.md
# 3. Create upgrade plan
echo "Upgrade order:
1. TypeScript
2. React
3. React Router
4. Testing libraries
5. Build tools" > UPGRADE_PLAN.md
```
### Phase 2: Incremental Updates
```bash
# Don't upgrade everything at once!
# Step 1: Update TypeScript
npm install typescript@latest
# Test
npm run test
npm run build
# Step 2: Update React (one major version at a time)
npm install react@17 react-dom@17
# Test again
npm run test
# Step 3: Continue with other packages
npm install react-router-dom@6
# And so on...
```
### Phase 3: Validation
```javascript
// tests/compatibility.test.js
describe('Dependency Compatibility', () => {
it('should have compatible React versions', () => {
const reactVersion = require('react/package.json').version;
const reactDomVersion = require('react-dom/package.json').version;
expect(reactVersion).toBe(reactDomVersion);
});
it('should not have peer dependency warnings', () => {
// Run npm ls and check for warnings
});
});
```
## Breaking Change Handling
### Identifying Breaking Changes
```bash
# Use changelog parsers
npx changelog-parser react 16.0.0 17.0.0
# Or manually check
curl https://raw.githubusercontent.com/facebook/react/main/CHANGELOG.md
```
### Codemod for Automated Fixes
```bash
# React upgrade codemods
npx react-codeshift <transform> <path>
# Example: Update lifecycle methods
npx react-codeshift \
--parser tsx \
--transform react-codeshift/transforms/rename-unsafe-lifecycles.js \
src/
```
### Custom Migration Script
```javascript
// migration-script.js
const fs = require('fs');
const glob = require('glob');
glob('src/**/*.tsx', (err, files) => {
files.forEach(file => {
let content = fs.readFileSync(file, 'utf8');
// Replace old API with new API
content = content.replace(
/componentWillMount/g,
'UNSAFE_componentWillMount'
);
// Update imports
content = content.replace(
/import { Component } from 'react'/g,
"import React, { Component } from 'react'"
);
fs.writeFileSync(file, content);
});
});
```
## Testing Strategy
### Unit Tests
```javascript
// Ensure tests pass before and after upgrade
npm run test
// Update test utilities if needed
npm install @testing-library/react@latest
```
### Integration Tests
```javascript
// tests/integration/app.test.js
describe('App Integration', () => {
it('should render without crashing', () => {
render(<App />);
});
it('should handle navigation', () => {
const { getByText } = render(<App />);
fireEvent.click(getByText('Navigate'));
expect(screen.getByText('New Page')).toBeInTheDocument();
});
});
```
### Visual Regression Tests
```javascript
// visual-regression.test.js
describe('Visual Regression', () => {
it('should match snapshot', () => {
const { container } = render(<App />);
expect(container.firstChild).toMatchSnapshot();
});
});
```
### E2E Tests
```javascript
// cypress/e2e/app.cy.js
describe('E2E Tests', () => {
it('should complete user flow', () => {
cy.visit('/');
cy.get('[data-testid="login"]').click();
cy.get('input[name="email"]').type('user@example.com');
cy.get('button[type="submit"]').click();
cy.url().should('include', '/dashboard');
});
});
```
## Automated Dependency Updates
### Renovate Configuration
```json
// renovate.json
{
"extends": ["config:base"],
"packageRules": [
{
"matchUpdateTypes": ["minor", "patch"],
"automerge": true
},
{
"matchUpdateTypes": ["major"],
"automerge": false,
"labels": ["major-update"]
}
],
"schedule": ["before 3am on Monday"],
"timezone": "America/New_York"
}
```
### Dependabot Configuration
```yaml
# .github/dependabot.yml
version: 2
updates:
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "weekly"
open-pull-requests-limit: 5
reviewers:
- "team-leads"
commit-message:
prefix: "chore"
include: "scope"
```
## Rollback Plan
```javascript
// rollback.sh
#!/bin/bash
# Save current state
git stash
git checkout -b upgrade-branch
# Attempt upgrade
npm install package@latest
# Run tests
if npm run test; then
echo "Upgrade successful"
git add package.json package-lock.json
git commit -m "chore: upgrade package"
else
echo "Upgrade failed, rolling back"
git checkout main
git branch -D upgrade-branch
npm install # Restore from package-lock.json
fi
```
## Common Upgrade Patterns
### Lock File Management
```bash
# npm
npm install --package-lock-only # Update lock file only
npm ci # Clean install from lock file
# yarn
yarn install --frozen-lockfile # CI mode
yarn upgrade-interactive # Interactive upgrades
```
### Peer Dependency Resolution
```bash
# npm 7+: strict peer dependencies
npm install --legacy-peer-deps # Ignore peer deps
# npm 8+: override peer dependencies
npm install --force
```
### Workspace Upgrades
```bash
# Update all workspace packages
npm install --workspaces
# Update specific workspace
npm install package@latest --workspace=packages/app
```
## Resources
- **references/semver.md**: Semantic versioning guide
- **references/compatibility-matrix.md**: Common compatibility issues
- **references/staged-upgrades.md**: Incremental upgrade strategies
- **references/testing-strategy.md**: Comprehensive testing approaches
- **assets/upgrade-checklist.md**: Step-by-step checklist
- **assets/compatibility-matrix.csv**: Version compatibility table
- **scripts/audit-dependencies.sh**: Dependency audit script
## Best Practices
1. **Read Changelogs**: Understand what changed
2. **Upgrade Incrementally**: One major version at a time
3. **Test Thoroughly**: Unit, integration, E2E tests
4. **Check Peer Dependencies**: Resolve conflicts early
5. **Use Lock Files**: Ensure reproducible installs
6. **Automate Updates**: Use Renovate or Dependabot
7. **Monitor**: Watch for runtime errors post-upgrade
8. **Document**: Keep upgrade notes
## Upgrade Checklist
```markdown
Pre-Upgrade:
- [ ] Review current dependency versions
- [ ] Read changelogs for breaking changes
- [ ] Create feature branch
- [ ] Backup current state (git tag)
- [ ] Run full test suite (baseline)
During Upgrade:
- [ ] Upgrade one dependency at a time
- [ ] Update peer dependencies
- [ ] Fix TypeScript errors
- [ ] Update tests if needed
- [ ] Run test suite after each upgrade
- [ ] Check bundle size impact
Post-Upgrade:
- [ ] Full regression testing
- [ ] Performance testing
- [ ] Update documentation
- [ ] Deploy to staging
- [ ] Monitor for errors
- [ ] Deploy to production
```
## Common Pitfalls
- Upgrading all dependencies at once
- Not testing after each upgrade
- Ignoring peer dependency warnings
- Forgetting to update lock file
- Not reading breaking change notes
- Skipping major versions
- Not having rollback planRelated Skills
framework-migration-deps-upgrade
You are a dependency management expert specializing in safe, incremental upgrades of project dependencies. Plan and execute dependency updates with minimal risk, proper testing, and clear migration pa
nerdzao-elite
Senior Elite Software Engineer (15+) and Senior Product Designer. Full workflow with planning, architecture, TDD, clean code, and pixel-perfect UX validation.
nerdzao-elite-gemini-high
Modo Elite Coder + UX Pixel-Perfect otimizado especificamente para Gemini 3.1 Pro High. Workflow completo com foco em qualidade máxima e eficiência de tokens.
multi-platform-apps-multi-platform
Build and deploy the same feature consistently across web, mobile, and desktop platforms using API-first architecture and parallel implementation strategies.
monorepo-architect
Expert in monorepo architecture, build systems, and dependency management at scale. Masters Nx, Turborepo, Bazel, and Lerna for efficient multi-project development. Use PROACTIVELY for monorepo setup,
minecraft-bukkit-pro
Master Minecraft server plugin development with Bukkit, Spigot, and Paper APIs.
memory-safety-patterns
Cross-language patterns for memory-safe programming including RAII, ownership, smart pointers, and resource management.
macos-spm-app-packaging
Scaffold, build, sign, and package SwiftPM macOS apps without Xcode projects.
legacy-modernizer
Refactor legacy codebases, migrate outdated frameworks, and implement gradual modernization. Handles technical debt, dependency updates, and backward compatibility.
i18n-localization
Internationalization and localization patterns. Detecting hardcoded strings, managing translations, locale files, RTL support.
fp-refactor
Comprehensive guide for refactoring imperative TypeScript code to fp-ts functional patterns
dotnet-backend-patterns
Master C#/.NET patterns for building production-grade APIs, MCP servers, and enterprise backends with modern best practices (2024/2025).