upgrade-packages

Installation
SKILL.md

Upgrade packages

Safe, incremental dependency upgrades for pnpm projects. Pair with fix-dependency-security for audit and install hardening.

Principles

  1. Prefer non-breaking upgrades — stay within semver ranges in package.json (^, ~) before jumping majors.
  2. One logical change per commit — e.g. “bump patch/minors” vs “Next 15 → 16 + codemods”.
  3. Framework libs are worth major upgradesnext, react, react-dom, typescript, tailwindcss, and the active linter (@biomejs/biome in devprofile; eslint in ESLint-based repos) — but require changelog review, codemods, and code fixes; never bump only the version pin.
  4. Keep related packages aligned — React + types + DOM; Next + @next/env override; linter + its plugins (Biome or ESLint ecosystem).
  5. Install with SFW when supply-chain hardening is enabled: sfw pnpm install / sfw pnpm update.

Upgrade tiers

Installs
2
Repository
p10ns11y/skills
GitHub Stars
1
First Seen
Jun 8, 2026
upgrade-packages — p10ns11y/skills