npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

automated-dependency-updater

v1.0.5

Published

A CLI tool that automatically checks for outdated dependencies in Node.js projects and creates pull requests with updated versions, including changelog summaries.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

aagamshah11aagamshah11

Keywords

dependencyupdatercliautomationgithubgitlabbitbucket

Readme

Automated Dependency Updater CLI Tool

License npm

A CLI tool that automatically checks for outdated dependencies in Node.js projects and creates pull requests with updated versions, including changelog summaries.

Table of Contents

Features

  • Supports Multiple Package Managers: Works seamlessly with npm, Yarn, and pnpm.
  • Customizable Update Schedules: Schedule automated updates using cron expressions.
  • Integration with Major VCS Platforms: Supports GitHub, GitLab, and Bitbucket.
  • Automated Changelog Summaries: Includes changelog summaries in pull/merge requests.
  • Notifications: Sends email notifications on update statuses and failures.
  • Semantic Versioning Categorization: Automatically handles minor and patch updates while alerting for major updates requiring manual review.

Why It’s Needed

Keeping dependencies up-to-date is essential for:

  • Security: Reduces vulnerabilities by patching known issues.
  • Performance: Enhances application performance with optimized dependencies.
  • Maintenance: Saves time by automating the tedious process of dependency management.
  • Compliance: Ensures compatibility with the latest standards and practices.

Automating this process helps developers maintain their projects efficiently and minimizes the risk of outdated or vulnerable dependencies.

Installation

You can install the Automated Dependency Updater globally or use it via npx.

Using npm

npm install -g automated-dependency-updater

Using Yarn

yarn global add automated-dependency-updater

Using pnpm

pnpm add -g automated-dependency-updater

Using npx

You can run the updater without installing it globally:

npx automated-dependency-updater run

Configuration

Before using the updater, you need to configure environment variables for authentication and repository details.

1. Copy .env.example to .env

cp .env.example .env

2. Populate the .env File

Open the .env file and fill in the required details:

# GitHub Configuration
GITHUB_TOKEN=your_github_token
GITHUB_OWNER=your_github_username
GITHUB_REPO=your_repo_name
GITHUB_BASE_BRANCH=main

# GitLab Configuration
GITLAB_TOKEN=your_gitlab_token
GITLAB_PROJECT_ID=your_gitlab_project_id
GITLAB_BASE_BRANCH=main

# Bitbucket Configuration
BITBUCKET_TOKEN=your_bitbucket_token
BITBUCKET_WORKSPACE=your_bitbucket_workspace
BITBUCKET_REPO_SLUG=your_repo_slug
BITBUCKET_BASE_BRANCH=main

# Email Configuration
[email protected]
EMAIL_PASS=your_email_password
[email protected]

# Platform Configuration
PLATFORM=github  # Options: github, gitlab, bitbucket

🔑 Important:

  • Tokens and Permissions:
    • GitHub Token: Should have repo and workflow scopes.
    • GitLab Token: Should have api scope.
    • Bitbucket Token: Should have appropriate repository access scopes.
  • Email Credentials: Use application-specific passwords if using services like Gmail.
  • Security: Never commit your .env file to version control. Consider using secret management tools for enhanced security.

Usage

The CLI tool offers various commands and options to manage dependency updates effectively.

Run Updater Immediately

Execute the updater to check for outdated dependencies and create pull/merge requests.

dep-updater run

Or using npx:

npx automated-dependency-updater run

Schedule Updater

Schedule the updater to run automatically at specified intervals using cron expressions.

dep-updater schedule "0 0 * * SUN"

This example schedules the updater to run every Sunday at midnight.

Or using npx:

npx automated-dependency-updater schedule "0 0 * * SUN"

CLI Options

Enhance the functionality with additional options:

  • Specify Platform:

    Define the platform (github, gitlab, bitbucket) for pull/merge request creation.

    dep-updater run --platform gitlab

  • Enable Verbose Logging:

    Enable detailed logs for better insight during the update process.

    dep-updater run --verbose

  • Combine Options:

    Use multiple options simultaneously for tailored operations.

    dep-updater run --platform bitbucket --verbose

Default Command

You can also run the updater without specifying the run command explicitly:

dep-updater

Or using npx:

npx automated-dependency-updater

Supported Platforms

The updater supports integration with the following Version Control Systems (VCS) platforms:

  • GitHub: Create Pull Requests.
  • GitLab: Create Merge Requests.
  • Bitbucket: Create Pull Requests.

Ensure you have the necessary tokens and permissions configured in your .env file for the respective platforms.

Contributing

Contributions are welcome! Follow these steps to contribute to the project:

  1. Fork the Repository

  2. Clone Your Fork

    git clone https://github.com/AAGAM17/automated-dependency-updater.git
cd automated-dependency-updater

  3. Install Dependencies

    npm install

  4. Create a Feature Branch

    git checkout -b feature/YourFeatureName

  5. Commit Your Changes

    git commit -m "Add Your Feature"

  6. Push to Your Fork

    git push origin feature/YourFeatureName

  7. Open a Pull Request

    Visit the original repository and create a pull request from your fork.

Guidelines:

  • Code Quality: Ensure your code follows the project's coding standards and passes all tests.
  • Documentation: Update the README.md and other relevant documentation as needed.
  • Tests: Add or update tests to cover your changes.

License

This project is licensed under the MIT License.