Update Dependencies Skill
This skill guides you through the process of updating dependencies in the Nitro repository.
Step-by-Step Process
Ensure Clean State
Check that you're on a clean main branch with latest changes.
- •Clean working directory on main branch
- •Latest changes pulled from remote
git checkout main git pull origin main git status # Should show "nothing to commit, working tree clean"
(if branch name starts with chore, you can stay in it, no need to pull or change branch or clean state)
Initial Install
Run an initial install to ensure everything is up to date:
pnpm install
Run pnpm upgrade -r
Run pnpm upgrade -r to update non-major versions.
After upgrade, check git diff:
- •Make sure range types does not change in
dependenciesfield (example:"h3": "^2.0.1-rc.7"should remain"h3": "^2.0.1-rc.7",not"h3": "2.0.1-rc.7",) - •Make sure dependencies are not converted to
link:..(example:"nitro": "latest",should remain same, instead of"nitro": "link:../..")
Fix workspace package link references:
pnpm upgrade -r often incorrectly converts workspace package references (like "nitro": "latest") to link format ("nitro": "link:../..") in monorepo packages.
Check git diff for any workspace packages that were converted to link: format:
# Check for any link: conversions in modified files git diff --name-only | xargs grep -l '"link:' 2>/dev/null
If found, revert them back to their original format. For this repo, "nitro" should always be "latest":
# Revert nitro link references back to latest in all modified package.json files
git diff --name-only | grep 'package.json$' | while read file; do
if grep -q '"nitro": "link:' "$file" 2>/dev/null; then
sed -i 's/"nitro": "link:[^"]*"/"nitro": "latest"/g' "$file"
echo "Fixed: $file"
fi
done
Fix caret prefix removal:
If any dependencies in root package.json lost their ^ prefix, restore them manually.
Check for Outdated Dependencies
Find outdated dependencies:
pnpm outdated -r
IMPORTANT: Check for newer beta/alpha/rc versions manually. pnpm outdated doesn't show pre-release updates.
Check each package with beta/alpha/rc versions in package.json:
# List all versions including pre-releases pnpm show vite versions --json | grep -E "beta|alpha|rc" | tail -5 pnpm show youch versions --json | grep -E "beta|alpha|rc" | tail -5
Or check all versions for a specific package:
pnpm show <package-name> versions
4. Update Dependencies
Manually update all dependencies to their latest versions in package.json:
- •Update both
dependenciesanddevDependencies - •Keep the range prefix (e.g.,
^for caret ranges) - •For beta/alpha/rc packages: Update to the latest pre-release tag found in step 3
- •Example:
vite: "8.0.0-beta.6"→"8.0.0-beta.7" - •Example:
h3: "^2.0.1-rc.7"→"^2.0.1-rc.8"(if available)
- •Example:
- •Maintain version range conventions (prefer
^over exact versions) - •Do not update
@azure/functions
5. Clean Install
Remove lock file and node_modules, then reinstall:
rm -rf node_modules pnpm-lock.yaml pnpm i
6. Lint and Fix
Run linting and auto-fix issues:
pnpm format
7. Build Project
Build the project to ensure compatibility:
pnpm build
9. Fix Remaining Issues
If there are lint or type errors:
- •Review the output carefully
- •Fix issues manually following the project conventions
- •Re-run
pnpm formatto verify lint fixes - •Re-run
pnpm typecheckto verify type fixes. Ignore errors, only report them in the end.
10. Final
Do not commit changes. Only summarize what happened.
Common Issues
Breaking Changes
If a dependency has breaking changes:
- •Check the package's changelog/release notes
- •Update code to match new API if needed
- •Consider pinning to previous major version if breaking changes are too extensive
Build Failures
If the build fails after updates:
- •Check for TypeScript errors first:
pnpm typecheck - •Review error messages for deprecated APIs
- •Consider updating dependencies one at a time to isolate issues
Lock File Conflicts
- •Test thoroughly after updates, especially major version bumps
- •Review changelogs for significant updates