bump-deps

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Bump Dependencies

升级依赖项

Analyze outdated dependencies and safely upgrade them with breaking change detection.

分析过时依赖项并安全升级，同时检测破坏性变更。

Workflow

工作流程

Detect package manager based on current directory:
- If in
```
frontend/
```
  directory or working with TypeScript/JavaScript: use
```
pnpm
```
  reference
- If in
```
backend/
```
  directory or working with Python: use
```
uv
```
  reference
List outdated dependencies using the package manager-specific command from the reference
Spawn background analysis tasks for EACH notable upgrade:
CRITICAL: You MUST spawn the
```
package-upgrade-analyzer
```
sub-agent as a background Task for EACH and EVERY notable upgrade. Do NOT take shortcuts.
```
Task(
  subagent_type="package-upgrade-analyzer",
  run_in_background=true,
  prompt="Analyze upgrade for {package_name} from {old_version} to {new_version}. GitHub: {repo_url}"
)
```
Notable upgrades include:
- Major version bumps (e.g., v4 → v5)
- Packages with known breaking changes
- Core dependencies (React, Next.js, FastAPI, SQLAlchemy, etc.)
Spawn ALL tasks in a single message with multiple tool calls for maximum parallelism.
Wait for all background tasks to complete:
- Use
```
TaskOutput
```
  to retrieve results from each background task
- Once ALL tasks are complete, ultrathink about the suggestions, migration guides, and release notes
- Invoke the
```
Plan
```
  tool and its sub-agents to strategically address the breaking changes
- Plan carefully to maintain as much of the original behavior as possible
Ask clarifying questions:
- If the migration path forward is ambiguous, ASK questions
- Do NOT proceed unless you're sure about the safety of the dependency version bumps
Generate PR summary document:
Write a
```
.claude/scratchpad/PR.md
```
file using the PR template. Ensure that all package identifiers are properly wrapped in backticks for readability.

Create PR (user confirmation required):

After generating

.claude/scratchpad/PR.md

, use

AskUserQuestion

to confirm:

AskUserQuestion(
  question="Ready to create the PR? You can edit .claude/scratchpad/PR.md first if needed.",
  header="Create PR?",
  options=[
    { label: "Create PR", description: "Create the PR with current PR.md content" },
    { label: "Let me edit first", description: "I'll edit PR.md and confirm when ready" }
  ]
)

Once the user confirms, derive

PR_TITLE

and create the PR:

Deriving
PR_TITLE
:

Scope: Use
```
app
```
for frontend (pnpm),
```
api
```
for backend (uv)
Content (pick first applicable):
- ≤3 notable packages: List them by name with target major version → "deps(app): bump
```
react-query
```
  to v5,
```
next
```
  to v15"
- >3 packages with notable ones: Highlight 1-2 notable + count → "deps(api): bump
```
sqlalchemy
```
  to v2 (+4 packages)"
- Many minor bumps only: Just the count → "deps(app): bump 12 dependencies"
Keep under 72 characters

bash

PR_TITLE="deps(app): bump react-query to v5, next to v15"
gh pr create --base dev --head "$(git rev-parse --abbrev-ref HEAD)" --title "$PR_TITLE" --body-file .claude/scratchpad/PR.md

After successful PR creation:

bash

# Clean up the scratchpad file
rm .claude/scratchpad/PR.md

Return the PR URL to the user.

检测包管理器：基于当前目录自动识别：
- 若处于
```
frontend/
```
  目录或处理TypeScript/JavaScript项目：使用
```
pnpm
```
  参考文档
- 若处于
```
backend/
```
  目录或处理Python项目：使用
```
uv
```
  参考文档
列出过时依赖项：使用参考文档中对应包管理器的命令
为每个重要升级启动后台分析任务：
重要提示：你必须为每一个重要升级启动
```
package-upgrade-analyzer
```
子Agent作为后台Task。切勿图省事。
```
Task(
  subagent_type="package-upgrade-analyzer",
  run_in_background=true,
  prompt="Analyze upgrade for {package_name} from {old_version} to {new_version}. GitHub: {repo_url}"
)
```
重要升级包括：
- 主版本号升级（例如：v4 → v5）
- 已知存在破坏性变更的包
- 核心依赖项（React、Next.js、FastAPI、SQLAlchemy等）
为实现最大并行效率，需在单条消息中发起多个工具调用来启动所有任务。
等待所有后台任务完成：
- 使用
```
TaskOutput
```
  获取每个后台任务的结果
- 待所有任务完成后，仔细梳理建议、迁移指南和发布说明
- 调用
```
Plan
```
  工具及其子Agent来针对性处理破坏性变更
- 谨慎规划，尽可能保留原有功能
提出澄清问题：
- 若迁移路径不明确，务必提出问题
- 除非确定依赖版本升级是安全的，否则不要继续操作
生成PR摘要文档：
使用PR模板编写
```
.claude/scratchpad/PR.md
```
文件。确保所有包标识符都用反引号包裹，以提高可读性。

创建PR（需用户确认）：

生成

.claude/scratchpad/PR.md

后，使用

AskUserQuestion

确认：

AskUserQuestion(
  question="Ready to create the PR? You can edit .claude/scratchpad/PR.md first if needed.",
  header="Create PR?",
  options=[
    { label: "Create PR", description: "Create the PR with current PR.md content" },
    { label: "Let me edit first", description: "I'll edit PR.md and confirm when ready" }
  ]
)

用户确认后，生成

PR_TITLE

并创建PR：

生成
PR_TITLE
的规则：

范围：前端（pnpm）使用
```
app
```
，后端（uv）使用
```
api
```
内容（按优先级选择）：
- ≤3个重要包：列出包名及目标主版本 → "deps(app): bump
```
react-query
```
  to v5,
```
next
```
  to v15"
- >3个包且包含重要包：突出1-2个重要包+总数 → "deps(api): bump
```
sqlalchemy
```
  to v2 (+4 packages)"
- 仅多个小版本升级：仅标注数量 → "deps(app): bump 12 dependencies"
长度控制在72字符以内

bash

PR_TITLE="deps(app): bump react-query to v5, next to v15"
gh pr create --base dev --head "$(git rev-parse --abbrev-ref HEAD)" --title "$PR_TITLE" --body-file .claude/scratchpad/PR.md

PR创建成功后：

bash

# 清理临时文件
rm .claude/scratchpad/PR.md

将PR链接返回给用户。

Important Notes

重要说明

Always analyze breaking changes BEFORE upgrading
Use parallel Task agents for efficiency
Focus on safety over speed - better to ask than to break production
Consider rollback strategies for risky upgrades

升级前务必分析破坏性变更
使用并行Task Agent提升效率
安全优先于速度——宁可询问也不要破坏生产环境
为高风险升级考虑回滚策略

Additional Instructions

额外说明

The remaining instructions are behavior overrides by the user.

<user-guidelines>

$ARGUMENTS

</user-guidelines>

以下是用户指定的行为覆盖规则。

<user-guidelines>

$ARGUMENTS

</user-guidelines>