dependency-management
Über
Diese Claude-Skill erzwingt die Installation fester Versionsabhängigkeiten über alle Paketmanager hinweg, um reproduzierbare Builds, Lieferketten-Sicherheit und Stabilität zu gewährleisten. Sie bietet Anleitungen zur Installation von Paketen, zur Aktualisierung von Abhängigkeiten und zur Arbeit mit Konfigurationsdateien wie package.json und requirements.txt. Nutzen Sie sie bei der Überprüfung von Abhängigkeitskonfigurationen oder der Konfiguration von CI/CD-Pipelines, um konsistente Abhängigkeitsverwaltungspraktiken beizubehalten.
Schnellinstallation
Claude Code
Empfohlennpx skills add KubrickCode/ai-config-toolkit/plugin add https://github.com/KubrickCode/ai-config-toolkitgit clone https://github.com/KubrickCode/ai-config-toolkit.git ~/.claude/skills/dependency-managementKopieren Sie diesen Befehl und fügen Sie ihn in Claude Code ein, um diese Fähigkeit zu installieren
Dokumentation
Dependency Management
Basic Principles
Always Use Exact Versions
- Use exact versions only:
[email protected] - Forbid:
^1.2.3,~1.2.3,latest,*, version ranges - Exception: Library peerDependencies only
Lock Files Are Mandatory
- Always commit to version control
- Forbid manual editing
- CI/CD must use frozen/locked mode
Security Audit First
- Check vulnerabilities before installation
- Automate regular audits
Installation Commands
# Node.js
npm install --save-exact [email protected]
pnpm add --save-exact [email protected]
yarn add --exact [email protected]
# Python
pip install package==1.2.3
poetry add [email protected]
# Go
go get [email protected]
# Rust
cargo add package@=1.2.3
# PHP
composer require vendor/package:1.2.3
# Ruby (Gemfile)
gem 'package', '1.2.3'
# Java/Kotlin
implementation("group:artifact:1.2.3") # Gradle
<version>1.2.3</version> # Maven
# .NET
dotnet add package PackageName --version 1.2.3
CI/CD Commands
npm ci # npm
pnpm install --frozen-lockfile # pnpm
yarn install --frozen-lockfile # yarn
poetry install --no-update # poetry
go mod verify # go
cargo build --locked # rust
composer install --no-update # php
bundle install --frozen # ruby
dotnet restore --locked-mode # .NET
Common Mistakes
| ❌ Wrong | ✅ Correct |
|---|---|
npm install (CI) | npm ci |
package@latest | [email protected] |
package@^1.2.3 | [email protected] |
| Lock file in .gitignore | Commit lock file |
| Manual lock file editing | Regenerate via package manager |
GitHub Repository
Verwandte Skills
content-collections
MetaThis skill provides a production-tested setup for Content Collections, a TypeScript-first tool that transforms Markdown/MDX files into type-safe data collections with Zod validation. Use it when building blogs, documentation sites, or content-heavy Vite + React applications to ensure type safety and automatic content validation. It covers everything from Vite plugin configuration and MDX compilation to deployment optimization and schema validation.
polymarket
MetaThis skill enables developers to build applications with the Polymarket prediction markets platform, including API integration for trading and market data. It also provides real-time data streaming via WebSocket to monitor live trades and market activity. Use it for implementing trading strategies or creating tools that process live market updates.
creating-opencode-plugins
MetaThis skill helps developers create OpenCode plugins that hook into 25+ event types like commands, files, and LSP operations. It provides the plugin structure, event API specifications, and implementation patterns for JavaScript/TypeScript modules. Use it when you need to intercept, monitor, or extend the OpenCode AI assistant's lifecycle with custom event-driven logic.
himalaya-email-manager
KommunikationThis Claude Skill enables email management through the Himalaya CLI tool using IMAP. It allows developers to search, summarize, and delete emails from an IMAP account with natural language queries. Use it for automated email workflows like getting daily summaries or performing batch operations directly from Claude.