Audits JavaScript and TypeScript package manifests to find outdated, conflicting, missing, misclassified, and unused dependencies with root-cause analysis. Use when inspecting package.json, lockfiles, peer dependency issues, package drift, broken installs, or import-to-package mismatches.
Use this skill when the task involves dependency health in a JavaScript or TypeScript repository, especially when the user asks to:
package.jsonDo not stop at symptoms. Classify each issue under one primary cause:
graph-conflict: incompatible versions or unmet peer requirements in the
resolved dependency graphmanifest-drift: imported packages are missing from the manifest, or the
manifest declares packages not reflected in actual usageboundary-misclassification: runtime packages live in devDependencies, or
build/test-only packages live in dependenciesupdate-lag: packages are behind supported or desirable versionslockfile-divergence: package.json and the lockfile no longer represent
the same install stateLead with the cause, then explain the visible symptom.
packageManager, lockfiles, workspace config, and override rules as
part of the dependency contract.Capture the following before auditing:
dependenciesdevDependenciespeerDependenciesoptionalDependenciesworkspace:, file:, or link:Look for:
Always trace suspicious packages back to the reason they are installed.
devDependencies.devDependencies.knip, prefer it before adding
new tooling.Use this structure:
# Dependency Audit
## Conflicting
- Package:
- Evidence:
- Root cause:
- Risk:
- Next step:
## Outdated
- Package:
- Current:
- Wanted or latest:
- Upgrade risk:
- Recommendation:
## Missing
- Package:
- Imported from:
- Expected section:
- Root cause:
## Misclassified
- Package:
- Current section:
- Expected section:
- Evidence:
## Unused
- Package:
- Why it looks unused:
- Confidence:
## Lockfile Drift
- Evidence:
- Impact:
## Recommended Next Steps
1. ...
2. ...
Be especially careful with version coupling in these families:
react, react-dom, framework adaptersnext, React versions, and related type packagestypescript, typescript-eslint, ESLint core, and parser plugins@tiptap/*For command selection and comparison heuristics, see: