update-deps

Solid

Dependabot-aware dependency updates with security audit, real-CI validation, and a unified PR. Framework-agnostic.

AI & Automation 416 stars 49 forks Updated today MIT

Quality Score: 93/100

Stars (20%): 87
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 50
License (10%): 100
Description (5%): 100

Skill Content

# Update Dependencies

Update project dependencies safely: reconcile open Dependabot PRs into one unified change, run the project's security audit, validate boot-affecting changes against the real CI environment, and open a single PR — instead of stopping at local commits.

This skill is framework-agnostic. It **detects** the project's package manager, test/lint commands, audit suite, and CI workflow rather than assuming a stack.

## Command Options

- `--dry-run`: Show what would be updated without making changes
- `--major`: Include major version updates (default: minor/patch only)
- `--package <name>`: Update specific package only
- `--skip-tests`: Skip running tests between updates

## Workflow at a glance

```text
Detect → Reconcile Dependabot → Update → Audit → Validate on real CI → Open PR → Verify auto-close
```

Each stage feeds the next. Don't skip the audit or the real-CI validation for boot-affecting changes — those are the two stages that catch what local tests can't.

## Your task

### 1. Detect the environment (do not hardcode)

Detect both the package manager **and** the project's real entry points. The runners below are common defaults, not assumptions — always confirm against what the repo actually uses.

- **Package manager**:
  - `package.json` (npm/yarn/pnpm) — check the lockfile to disambiguate
  - `Gemfile` (bundler)
  - `requirements.txt` / `pyproject.toml` (pip/poetry/uv)
  - `Cargo.toml` (cargo)
  - `go.mod` (go modules)
- **Test/lint/CI entry points...

Details

Author: joshukraine
Repository: joshukraine/dotfiles
Created: 11 years ago
Last Updated: today
Language: Shell
License: MIT
