safe-deps
OfficialRefresh dependencies safely with one report.
Software Engineering#npm#security audit#peer dependencies#pull request automation#dependency update#semver analysis#Linear tickets
Authorpaywhereb
Version1.0.0
Installs0
System Documentation
What problem does it solve?
safe-deps removes the guesswork of upgrading npm dependencies by automatically recomputing what is safe to bump versus what needs human triage.
Core Features & Use Cases
- Curated refresh: Enumerates all outdated npm packages from the current lockfile and classifies each update as SAFE or RISKY using deterministic semver rules.
- One SAFE PR bundle: Applies all SAFE upgrades in a single branch and creates a single pull request for fast, shippable improvements.
- Actionable RISKY triage report: Groups risky upgrades by peer-dependency compatibility and produces a structured report with recommendations (do alone, do as group, or skip this cycle).
- Guardrails and repo checks: Enforces a clean working tree, repo-default-branch constraints, audit/build/test gates, and an optional per-repo guard hook from .claude/eng-workflow.json.
Quick Start
Run the safe-deps skill to create a SAFE refresh PR and get a grouped RISKY report for manual review.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: safe-deps Download link: https://github.com/paywhereb/paywhere-claude-plugins/archive/main.zip#safe-deps Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.