How do I install dependency-management?

Run `npx skills add https://github.com/aj-geddes/useful-ai-prompts --skill dependency-management` in your terminal. You need to have run `npx skills init` once in your project first.

Which agent frameworks does dependency-management support?

dependency-management works with any agent framework supported by the Skills registry, including Claude Code, Cursor, GitHub Copilot, Cline, Codex, and Gemini CLI.

Is dependency-management free to use?

Yes. dependency-management is free to install and use. It is available from the open Skills registry published by aj-geddes.

Productivity

dependency-management▌

Name: dependency-management
Availability: InStock
Author: aj-geddes

aj-geddes/useful-ai-prompts · updated Apr 8, 2026

$npx skills add https://github.com/aj-geddes/useful-ai-prompts --skill dependency-management

summary

Comprehensive dependency management across JavaScript/Node.js, Python, Ruby, Java, and other ecosystems. Covers version control, conflict resolution, security auditing, and best practices for maintaining healthy dependencies.

skill.md

Dependency Management

Overview
When to Use
Quick Start
Reference Guides
Best Practices

Overview

When to Use

Installing or updating project dependencies
Resolving version conflicts
Auditing security vulnerabilities
Managing lock files (package-lock.json, Gemfile.lock, etc.)
Implementing semantic versioning
Setting up monorepo dependencies
Optimizing dependency trees
Managing peer dependencies

Quick Start

Minimal working example:

# Initialize project
npm init -y

# Install dependencies
npm install express
npm install --save-dev jest
npm install --save-exact lodash  # Exact version

# Update dependencies
npm update
npm outdated  # Check for outdated packages

# Audit security
npm audit
npm audit fix

# Clean install from lock file
npm ci  # Use in CI/CD

# View dependency tree
npm list
npm list --depth=0  # Top-level only

Reference Guides

Detailed implementations in the references/ directory:

Guide	Contents
Package Manager Basics	Package Manager Basics
Semantic Versioning (SemVer)	Semantic Versioning (SemVer)
Dependency Lock Files	Dependency Lock Files
Resolving Dependency Conflicts	Resolving Dependency Conflicts
Security Vulnerability Management	Security Vulnerability Management
Monorepo Dependency Management	Monorepo Dependency Management
Peer Dependencies	Peer Dependencies
Performance Optimization	Performance Optimization
CI/CD Best Practices	CI/CD Best Practices
Dependency Update Strategies	Dependency Update Strategies

Best Practices

✅ DO

Commit lock files to version control
Use npm ci or equivalent in CI/CD pipelines
Regular dependency audits (weekly/monthly)
Keep dependencies up-to-date (automate with Dependabot)
Use exact versions for critical dependencies
Document why specific versions are pinned
Test after updating dependencies
Use semantic versioning correctly
Minimize dependency count
Review dependency licenses

❌ DON'T

Manually edit lock files
Mix package managers (npm + yarn in same project)
Use npm install in CI/CD (use npm ci)
Ignore security vulnerabilities
Use wildcards (*) for versions
Install packages globally when local install is possible
Commit node_modules to git
Use latest tag in production
Blindly run npm audit fix
Install unnecessary dependencies