What managers are supported?

npm, yarn (classic & berry), and pnpm.

How are breaking changes handled?

The tool detects breaking changes by comparing current vs latest major versions and consulting breaking_changes_patterns.md; it may block upgrades or apply migrations based on the findings.

What outputs does the tool produce?

Updated package.json, the corresponding lock file, and a migration report detailing changes and rationale.

ln-711-npm-upgrader

npx machina-cli add skill levnikolaevich/claude-code-skills/ln-711-npm-upgrader --openclaw

Files (1)

SKILL.md

7.5 KB

Paths: File paths (shared/, references/, ../ln-*) are relative to skills repo root. If not found at CWD, locate this SKILL.md directory and go up one level for repo root.

ln-711-npm-upgrader

Type: L3 Worker Category: 7XX Project Bootstrap Parent: ln-710-dependency-upgrader

Upgrades Node.js dependencies using npm, yarn, or pnpm with automatic breaking change detection and migration.

Overview

Aspect	Details
Input	Project path, package manager type
Output	Updated package.json, lock file, migration report
Supports	npm, yarn (classic & berry), pnpm

Workflow

See diagram.html for visual workflow.

Phases: Pre-flight → Analyze → Security Audit → Check Outdated → Identify Breaking → Apply Upgrades → Apply Migrations → Verify Build → Report

Phase 0: Pre-flight Checks

Check	Required	Action if Missing
Lock file (package-lock.json, yarn.lock, pnpm-lock.yaml)	Yes	Warn and run `npm install` first
package.json	Yes	Block upgrade

Workers assume coordinator (ln-710) already verified git state and created backup.

Phase 1: Analyze Dependencies

Read package.json and categorize dependencies for upgrade priority.

Dependency Categories

Category	Examples	Priority
framework	react, vue, angular	2 (after peer deps)
build	vite, webpack, esbuild	3
ui	@radix-ui/*, tailwindcss	4
state	@tanstack/react-query, zustand	5
utils	lodash, date-fns	6
dev	eslint, prettier, typescript	7
peer	@types/*, typescript	1 (first)

Phase 2: Security Audit

Commands

Manager	Command
npm	`npm audit --audit-level=high`
yarn	`yarn audit --level high`
pnpm	`pnpm audit --audit-level high`

Actions

Severity	Action
Critical	Block upgrade, report
High	Warn, continue
Moderate/Low	Log only

Phase 3: Check Outdated

Commands

Manager	Command
npm	`npm outdated --json`
yarn	`yarn outdated --json`
pnpm	`pnpm outdated --json`

Phase 4: Identify Breaking Changes

Detection

MANDATORY READ: Load breaking_changes_patterns.md for full patterns.

Compare current vs latest major versions
Check breaking_changes_patterns.md for known patterns
Query Context7/Ref for migration guides

Common Breaking Changes

Package	Breaking Version	Key Changes
react	18 → 19	JSX Transform, ref as prop
vite	5 → 6	ESM only, Node 18+
eslint	8 → 9	Flat config required
tailwindcss	3 → 4	CSS-based config
typescript	5.4 → 5.5+	Stricter inference

Phase 5: Apply Upgrades

Upgrade Order

Peer dependencies (TypeScript, @types/*)
Framework packages (React, Vue core)
Build tools (Vite, webpack)
UI libraries (after framework)
Utilities (lodash, date-fns)
Dev dependencies (testing, linting)

Commands

Manager	Command
npm	`npm install <package>@latest --save`
yarn	`yarn add <package>@latest`
pnpm	`pnpm add <package>@latest`

Peer Dependency Conflicts

Situation	Solution
ERESOLVE error	`npm install --legacy-peer-deps`
Still fails	`npm install --force` (last resort)

MCP Tools for Migration Search

Priority Order (Fallback Strategy)

Priority	Tool	When to Use
1	mcp__context7__query-docs	First choice for library docs
2	mcp__Ref__ref_search_documentation	Official docs and GitHub
3	WebSearch	Latest info, community solutions

Context7 Usage

Step	Tool	Parameters
1. Find library	mcp__context7__resolve-library-id	libraryName: "react", query: "migration guide"
2. Query docs	mcp__context7__query-docs	libraryId: "/facebook/react", query: "react 18 to 19 migration"

MCP Ref Usage

Action	Tool	Query Example
Search	mcp__Ref__ref_search_documentation	"react 19 migration guide breaking changes"
Read	mcp__Ref__ref_read_url	URL from search results

WebSearch Fallback

Use when Context7/Ref return no results:

"<package> <version> breaking changes migration {current_year}"
"<package> <error message> fix stackoverflow"

Phase 6: Apply Migrations

Process

Use MCP tools (see section above) to find migration guide
Apply automated code transforms via Edit tool
Log manual migration steps for user

Do NOT apply hardcoded migrations. Always fetch current guides via MCP tools.

Phase 7: Verify Build

Commands

Check	Command
TypeScript	`npm run check` or `npx tsc --noEmit`
Build	`npm run build`
Tests	`npm test` (if available)

On Failure

Identify failing package from error
Search Context7/Ref for fix
If unresolved: rollback package, continue with others

Phase 8: Report Results

Report Schema

Field	Description
project	Project path
packageManager	npm, yarn, or pnpm
duration	Total time
upgrades.major[]	Breaking changes applied
upgrades.minor[]	Feature updates
upgrades.patch[]	Bug fixes
migrations[]	Applied migrations
skipped[]	Already latest
buildVerification	PASSED or FAILED
warnings[]	Non-blocking issues

Configuration

Options:
  # Upgrade scope
  upgradeType: major          # major | minor | patch

  # Breaking changes
  allowBreaking: true
  autoMigrate: true
  queryMigrationGuides: true  # Use Context7/Ref

  # Security
  auditLevel: high            # none | low | moderate | high | critical
  minimumReleaseAge: 14       # days

  # Peer dependencies
  legacyPeerDeps: false
  force: false

  # Verification
  runBuild: true
  runTests: false
  runTypeCheck: true

  # Rollback
  createBackup: true
  rollbackOnFailure: true

Error Handling

Error	Cause	Solution
ERESOLVE	Peer dep conflict	--legacy-peer-deps
ENOENT	Missing lock file	npm install first
Build fail	Breaking change	Apply migration via Context7
Type errors	Version mismatch	Update @types/*

Rollback

Restore package.json and lock file from git, then run clean install to restore previous state.

References

Definition of Done

Lock file and package.json verified present
Dependencies categorized and prioritized (peer deps first)
Security audit completed (critical blocks upgrade)
Outdated packages identified via npm/yarn/pnpm outdated
Breaking changes detected via breaking_changes_patterns.md and MCP tools
Upgrades applied in priority order with rollback on failure
Build and type checks pass after upgrades
Report returned with major/minor/patch counts, migrations, and build status

Version: 1.1.0 Last Updated: 2026-01-10

Source

git clone https://github.com/levnikolaevich/claude-code-skills/blob/master/ln-711-npm-upgrader/SKILL.mdView on GitHub

Overview

ln-711-npm-upgrader upgrades Node.js dependencies using npm, yarn, or pnpm with automatic breaking change detection and migration. It updates package.json and lock files, and generates a migration report to document changes and rationale. The workflow emphasizes pre-flight checks, security audits, and a guided upgrade path to minimize build breaks.

How This Skill Works

The tool reads package.json, classifies dependencies by priority, checks for outdated packages, and compares current vs latest major versions. It loads breaking_changes_patterns.md for known patterns and follows the phase sequence: Pre-flight, Analyze, Security Audit, Check Outdated, Identify Breaking Changes, Apply Upgrades, Apply Migrations, Verify Build, and Report to guide upgrades. It outputs updated package.json, the corresponding lock file, and a migration report to document changes and rationale.

When to Use It

You're upgrading dependencies in a Node.js project that uses npm, yarn, or pnpm.
You need to detect and handle breaking changes when upgrading major versions.
You want to ensure a lock file exists before upgrading.
You require a migration plan and documented changes via a migration report.
You need post-upgrade verification by running a build to confirm changes.

Quick Start

Step 1: Point the upgrader at your project path and select the package manager (npm, yarn, or pnpm).
Step 2: Run the workflow to analyze, upgrade, and migrate dependencies; review the migration report.
Step 3: Run a local build, verify changes, and commit updated package.json, lock file, and migration notes.

Best Practices

Ensure the coordinator has a backup and the repo is clean before starting (per Phase 0).
Check for the appropriate lock file (package-lock.json, yarn.lock, or pnpm-lock.yaml) before proceeding.
Read package.json and prioritize peer dependencies first (Phase 1).
Run a security audit and address critical/high findings before applying upgrades (Phase 2).
After upgrades, verify the build and review the migration report to confirm stability.

Example Use Cases

Upgrade a React + Vite project from React 18 to 19 and Vite 5 to 6, while detecting ESM-only changes.
In a Yarn Berry monorepo, upgrade tailwindcss from 3 to 4 and align related UI libs.
In a TypeScript-heavy project, update @types/* and typescript, handling peer dependencies first.
Resolve an ERESOLVE error by applying legacy-peer-deps as a last resort during upgrades.
Run the build after upgrades and generate a migration report to document changes.

Frequently Asked Questions

Add this skill to your agents