Workflow Maintenance

Audit Dependencies

Periodic workflow for reviewing dependency health and security

maintenance, dependencies, security
CLAUDE.md

When auditing project dependencies:

  1. Run the security audit tool: npm audit, pip-audit, cargo audit, or equivalent.
  2. Fix or update packages with critical or high vulnerabilities immediately.
  3. Check for deprecated packages. Find maintained alternatives.
  4. Check for unused dependencies. Remove any that aren’t imported anywhere.
  5. Check for outdated dependencies. Note which are more than 2 major versions behind.
  6. Create issues or PRs for each upgrade needed, prioritized by security risk.
  7. Run the full test suite after each update to verify compatibility.

Copy this workflow into your CLAUDE.md or agent config file so your agent follows this process automatically.
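
Steps 2, 5 and 6 for an npm project, as an added example that is not part of the original workflow: it merges `npm audit --json` and `npm outdated --json` output into one upgrade list ordered by security risk. The package names and JSON samples are constructed, and `triage`, `risk_key` and `major` are hypothetical helper names.

```python
import json

# Constructed samples in the shape of `npm audit --json` (auditReportVersion 2)
# and `npm outdated --json`; package names and versions are made up.
AUDIT_JSON = """{"auditReportVersion": 2, "vulnerabilities": {
  "example-parser": {"severity": "critical", "isDirect": true, "fixAvailable": true},
  "example-logger": {"severity": "moderate", "isDirect": false, "fixAvailable": false},
  "example-http": {"severity": "high", "isDirect": true,
    "fixAvailable": {"name": "example-http", "version": "5.0.0", "isSemVerMajor": true}}}}"""
OUTDATED_JSON = """{
  "example-http": {"current": "2.3.1", "wanted": "2.3.4", "latest": "5.0.0"},
  "example-ui": {"current": "1.9.0", "wanted": "1.9.2", "latest": "4.1.0"},
  "example-util": {"current": "3.0.0", "wanted": "3.2.0", "latest": "4.0.0"}}"""
SEVERITY_RANK = {"critical": 0, "high": 1, "moderate": 2, "low": 3, "info": 4}
STALE_RANK = 5  # no advisory, but more than 2 major versions behind (step 5)


def major(version):
    return int(version.split(".")[0])


def risk_key(item):
    return (SEVERITY_RANK.get(item["severity"], STALE_RANK), -item["majors_behind"], item["package"])


def triage(audit_text, outdated_text):
    """Merge both reports into upgrade items ordered by security risk."""
    items = {}
    for name, vuln in json.loads(audit_text).get("vulnerabilities", {}).items():
        fix = vuln.get("fixAvailable", False)
        items[name] = {"package": name, "severity": vuln["severity"],
                       "immediate": vuln["severity"] in ("critical", "high"),  # step 2
                       "breaking_fix": isinstance(fix, dict) and bool(fix.get("isSemVerMajor")),
                       "majors_behind": 0}
    for name, info in json.loads(outdated_text).items():
        if "current" not in info:  # declared but not installed: nothing to compare
            continue
        behind = major(info["latest"]) - major(info["current"])
        if name in items:
            items[name]["majors_behind"] = behind
        elif behind > 2:
            items[name] = {"package": name, "severity": None, "immediate": False,
                           "breaking_fix": True, "majors_behind": behind}
    return sorted(items.values(), key=risk_key)


if __name__ == "__main__":
    for item in triage(AUDIT_JSON, OUTDATED_JSON):
        print(item["severity"] or "outdated", item["package"], item["majors_behind"])
```

Items flagged `breaking_fix` cross a major version, so they are the ones where the full test suite run in step 7 matters most.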
