Workflow: python-upgrade-workflow
This skill guides you through the process of safely upgrading Python dependencies. It automatically detects the package manager in use (uv, poetry, pipenv, or pip) and provides specific steps for each.
Prerequisites
Before starting, ensure:
- • The relevant package manager is installed and available in the PATH (
uv,poetry,pipenv, orpip). - • A dependency definition file exists (
pyproject.toml,Pipfile, orrequirements.txt). - • A test suite (e.g.,
pytest) is configured and passing in the current state.
Steps
1. Preparation & Detection
- •
Detect Package Manager:
- •Check for lockfiles/definition files to identify the tool:
- •
uv.lock-> uv - •
poetry.lockor[tool.poetry]inpyproject.toml-> poetry - •
Pipfile.lockorPipfile-> pipenv - •
requirements.txt-> pip
- •
- •Note: If multiple exist, prefer the one with a lockfile or strictly follow the project's contribution guidelines.
- •Check for lockfiles/definition files to identify the tool:
- •
Health Check (Baseline):
- •uv:
uv lock --check - •poetry:
poetry check - •pipenv:
pipenv check - •pip:
pip check - •All: Run the test suite (e.g.,
pytest) to confirm tests pass before any changes. - •Verification: Do not proceed if the baseline is broken.
- •uv:
- •
Back up Lockfile:
- •uv:
cp uv.lock uv.lock.bak - •poetry:
cp poetry.lock poetry.lock.bak - •pipenv:
cp Pipfile.lock Pipfile.lock.bak - •pip:
cp requirements.txt requirements.txt.bak - •Verification: Check that the backup file exists.
- •uv:
2. Execution (Upgrade)
Choose Option A (Full Upgrade) or Option B (Targeted Upgrade).
Option A: Full Upgrade (All dependencies)
- •uv:
- •Run
uv lock --upgrade - •Run
uv sync
- •Run
- •poetry:
- •Run
poetry update
- •Run
- •pipenv:
- •Run
pipenv update
- •Run
- •pip:
- •Run
pip list --outdated --format=freezeto see what will be upgraded. - •Run
pip install --upgrade -r requirements.txt(if packages are unpinned) OR upgrade packages individually. - •Run
pip freeze > requirements.txt - •Warning:
pip freezeusually removes comments fromrequirements.txt.
- •Run
Option B: Targeted Upgrade (Specific package)
Replace <package_name> with the desired package.
- •uv:
- •Run
uv lock --upgrade-package <package_name> - •Run
uv sync
- •Run
- •poetry:
- •Run
poetry update <package_name>
- •Run
- •pipenv:
- •Run
pipenv update <package_name>
- •Run
- •pip:
- •Run
pip install --upgrade <package_name> - •Run
pip freeze > requirements.txt
- •Run
Verification: Check that the lockfile (or requirements.txt) has been modified.
3. Validation & Inspection
- •
Consistency Check:
- •uv:
uv lock --check - •poetry:
poetry check - •pipenv:
pipenv check - •pip:
pip check
- •uv:
- •
Inspect Changes:
- •uv:
uv tree --depth 1 - •poetry:
poetry show --tree(or justpoetry show) - •pipenv:
pipenv graph - •pip:
pip freeze(compare with backup)
- •uv:
- •
Run Tests:
- •Run the test suite again.
- •Verification: Ensure all tests pass with the upgraded dependencies.
4. Finalization
- •
Cleanup:
- •If tests pass, remove the backup:
rm <lockfile>.bak. - •Verification: Backup file is removed.
- •If tests pass, remove the backup:
- •
Commit Changes:
- •Commit the lockfile and definition file (e.g.,
uv.lock&pyproject.toml,poetry.lock&pyproject.toml, etc.). - •Message suggestion: "chore(deps): upgrade dependencies" or "chore(deps): upgrade <package_name>"
- •Commit the lockfile and definition file (e.g.,
Rollback / Failure Handling
If validation fails:
- •Restore Lockfile:
- •
mv <lockfile>.bak <lockfile>(e.g.,mv uv.lock.bak uv.lock)
- •
- •Sync Environment (Restore original state):
- •uv:
uv sync - •poetry:
poetry install - •pipenv:
pipenv sync - •pip:
pip install -r requirements.txt
- •uv:
- •Report Failure:
- •Provide test failure logs.
- •List attempted upgrades.