Updating Dependencies

Update Modes#

SlyDuck offers different update strategies based on the type of version change:

• Direct Commit: For patch updates (1.0.0 → 1.0.1) — commits directly to main branch
• Pull Request: For minor (1.0.0 → 1.1.0) and major (1.0.0 → 2.0.0) updates — creates a PR for review

This approach balances speed for safe changes with review for potentially breaking changes.

Direct Commit (Patch)#

Patch updates are low-risk and typically contain bug fixes only. SlyDuck commits these directly to your main branch:

1. Click the Update button next to a patch update
2. SlyDuck commits the package.json change directly
3. Your CI/CD pipeline deploys the change (if configured)

Why Direct Commits for Patches?

Patch updates follow semantic versioning (semver) and should not contain breaking changes. Direct commits speed up your workflow for routine maintenance.

Pull Request (Minor/Major)#

Minor and major updates may contain new features or breaking changes. SlyDuck creates a pull request for review:

1. Click the Update button next to a minor or major update
2. SlyDuck creates a new branch and commits the change
3. A pull request is opened for your review
4. Review the changelog and test before merging

Reviewing Updates

Before merging a dependency update PR:

• Check the package changelog for breaking changes
• Let your CI/CD tests run against the PR
• Test locally if the package is critical to your app

Safe Update All#

The Safe Update All button updates all patch-level dependencies at once:

• Only includes patch updates (1.0.x changes)
• Creates a single commit with all changes
• Skips any minor or major updates

This is the fastest way to keep your dependencies current without risking breaking changes.