From 5a735aa4dd57817dc900ba852ab983b06c5e82bb Mon Sep 17 00:00:00 2001 From: brianhdk Date: Mon, 16 Feb 2026 15:14:01 +0100 Subject: [PATCH] docs(skills): preserve npm/nuget version ranges in upgrades --- .agents/skills/upgrade-dependencies/SKILL.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/.agents/skills/upgrade-dependencies/SKILL.md b/.agents/skills/upgrade-dependencies/SKILL.md index ea0382b4..ad7f36c6 100644 --- a/.agents/skills/upgrade-dependencies/SKILL.md +++ b/.agents/skills/upgrade-dependencies/SKILL.md @@ -67,6 +67,14 @@ Create and switch: git switch -c $branchName ``` +## Version Range Preservation Rules +Preserve existing version-range declarations when upgrading dependencies. + +- npm: If the current declaration uses comparator-range syntax (for example `>=1.1.6 <2.0.0`), keep it unchanged and do not rewrite it to caret/tilde/exact forms. +- Skip upgrade commands for dependencies already declared as ranges under the rules above. +- You may still report recommended minimum-version bumps when vulnerabilities or critical fixes are identified. + + ## Discover npm Manifests Discover all `package.json` files, excluding `node_modules`. @@ -117,6 +125,11 @@ Notes: - Keep lockfile updates generated by npm commands. - Ignore root `package-lock.json` if no root `package.json` exists. +Before running `npm install "$pkg@latest"` for each package, inspect the current declaration in `dependencies` or `devDependencies`: +- If the current declaration uses comparator-range syntax (for example `>=1.1.6 <2.0.0`), skip that package and keep the declaration unchanged. +- Do not rewrite comparator ranges to caret, tilde, or exact-version declarations. +- Record skipped ranged npm packages and any recommended minimum-version bumps in both PR summary and final output. + ## Resolve Upgrade Fallout Fix compatibility issues directly caused by dependency upgrades: - API or signature changes @@ -168,6 +181,7 @@ __TRELLO_CARD_URL__ ## Summary - +- ## Validation - `npm run build` (in `packages/web-components`): @@ -203,5 +217,6 @@ Provide a final summary with: - upgraded npm packages grouped by manifest path - compatibility fixes applied - results for each validation command +- skipped ranged dependencies kept unchanged, with recommended minimum-version bumps when applicable. - pushed branch URL - PR URL, or exact manual fallback instructions when automated PR creation is unavailable