A Claude Code plugin marketplace for dependency management tools.
```
/plugin marketplace add bastidood/dependency-wrangler
/plugin install dependabump@dependency-wrangler
```

Orchestrates dependency bumping across package managers: npm, pnpm, yarn, bun, uv, and cargo.

```
/dependabump:bump-dependencies <package-manager>
```

| Flag | Effect |
|---|---|
| `--include-major` | Include major version bumps (deferred by default) |
| `--include-patch` | Analyze patch bumps (assumed safe by default) |

The workflow detects outdated packages, scrapes changelogs, assesses codebase impact, and proposes a staged upgrade plan ordered from safest to riskiest.
Warning
Running this workflow across ~20 dependencies can consume up to half of the 5-hour rate limit of a $100 Claude Max subscription. With ~40 parallelized dependencies, you may even hit the rate limit within a single run.
This is why the `--include-major` and `--include-patch` flags are disabled by default. Typically, most unexpected breaking changes occur in minor version bumps anyway.
Still, it is better not to be in this situation in the first place. When it comes to dependency management, it's far easier to keep up than to catch up.
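
The default policy from the flag table, sketched as an added Python example (not the plugin's own code): major bumps are deferred, patch bumps are assumed safe, and everything else is queued for analysis from safest to riskiest. The input shape (`current`/`latest` keys, as in `npm outdated --json`), the function names and the handling of unparsable versions are assumptions of this example.

```python
import re

# Constructed sample in the shape of `npm outdated --json`; not real project data.
SAMPLE = {
    "pkg-a": {"current": "1.2.3", "latest": "1.2.9"},
    "pkg-b": {"current": "2.1.0", "latest": "2.4.0"},
    "pkg-c": {"current": "3.9.1", "latest": "4.0.0"},
    "pkg-d": {"latest": "1.0.0"},  # constructed case: no installed version recorded
}

_VERSION = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")
_RISK = {"patch": 0, "minor": 1, "major": 2, "unknown": 3}


def bump_kind(current, latest):
    """Classify a version change as patch, minor, major, none or unknown."""
    old, new = _VERSION.match(current or ""), _VERSION.match(latest or "")
    if not old or not new:
        return "unknown"  # assumption: unparsable versions are sent to analysis
    old, new = tuple(map(int, old.groups())), tuple(map(int, new.groups()))
    if new <= old:
        return "none"
    if new[0] != old[0]:
        return "major"
    return "minor" if new[1] != old[1] else "patch"


def triage(outdated, include_major=False, include_patch=False):
    """Split outdated packages according to the defaults in the flag table."""
    plan = {"analyze": [], "assumed_safe": [], "deferred": []}
    for name, info in outdated.items():
        kind = bump_kind(info.get("current"), info.get("latest"))
        if kind == "none":
            continue
        if kind == "major" and not include_major:
            plan["deferred"].append(name)
        elif kind == "patch" and not include_patch:
            plan["assumed_safe"].append(name)
        else:
            plan["analyze"].append((name, kind))
    # Order the analysis queue from safest to riskiest, then by name.
    plan["analyze"].sort(key=lambda item: (_RISK[item[1]], item[0]))
    return plan


if __name__ == "__main__":
    print(triage(SAMPLE))
    print(triage(SAMPLE, include_major=True, include_patch=True))
```
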

```mermaid
flowchart TD
    orchestrator["/dependabump:bump-dependencies"] --> finder
    finder["Dependency Finder<br/>(Haiku)"]
    finder -- outdated list --> fan_out
    fan_out{"Fan-out per Package"}
    fan_out -- "pkg-1" --> scraper_1["Changelog Scraper<br/>(Sonnet)"]
    fan_out -- "pkg-2" --> scraper_2["Changelog Scraper<br/>(Sonnet)"]
    fan_out -- "pkg-N" --> scraper_n["Changelog Scraper<br/>(Sonnet)"]
    scraper_1 --> join{Join}
    scraper_2 --> join
    scraper_n --> join
    join -- changelogs --> assessor["Impact Assessor<br/>(Opus)"]
    assessor -- verdicts --> planner["Refactor Planner<br/>(Sonnet)"]
    planner -- staged plan --> present([Ask How to Proceed])
```

Intermediate results are written to a `.dependabump/` scratch directory. Please add this to your `.gitignore` file.

```
.dependabump/
├── changelogs/*.md   # per-package changelog summaries
└── impact.md         # consolidated codebase impact report
```

Prerequisites

- The GitHub CLI: `gh`
- The package manager you intend to bump: `npm`, `pnpm`, `cargo` + `cargo-outdated`, `uv`, etc.