Skip to content

Releases: alvarose/android-update-deps

android-update-deps 1.1.3

Choose a tag to compare

@alvarose alvarose released this 11 Jul 09:56

Patch: navigate toolchain incompatibilities (both from real runs).

  • AGP 9 built-in Kotlin cap — on AGP 9+ (which ships a built-in Kotlin), KSP must be compatible with that built-in Kotlin, which can cap how far Kotlin/KSP can be bumped; verify the matrix before proposing a Kotlin bump.
  • Step-down on verify failure — when a bump won't compile, try the highest version that still compiles before reverting outright (a library's latest may pull a too-new kotlin-stdlib the project's compiler can't read, while the previous minor works — e.g. Coil 3.5.03.4.0).

Update: /plugin update android-update-deps@alvarose. Full CHANGELOG.

android-update-deps 1.1.2

Choose a tag to compare

@alvarose alvarose released this 11 Jul 09:50

Patch: resilient detection. If dependencyUpdates won't run (a ben-manes × Gradle incompatibility — e.g. ConcurrentModificationException on some Gradle 9.x), the skill now tries a newer ben-manes with --no-parallel, and if it still fails, falls back to manual metadata detection: the JitPack maven-metadata.xml technique generalizes to any repository (Maven Central, Google's Maven repo), so detection is never blocked by the plugin.

Update: /plugin update android-update-deps@alvarose. Full CHANGELOG.

android-update-deps 1.1.1

Choose a tag to compare

@alvarose alvarose released this 11 Jul 09:40

Patch: robust temporary ben-manes install.

When the skill adds the ben-manes plugin to a project that doesn't have it, it now uses the plugin's latest stable version (not a pinned old one — a dependency-update tool shouldn't introduce an outdated dependency) and configures it for the flow: outputFormatter = "json,plain" (so the aggregate script finds report.json), gradleReleaseChannel = "current" (wrapper detection), and a rejectVersionIf {} that skips pre-releases — then reverts it after the report.

Update: /plugin update android-update-deps@alvarose. Full CHANGELOG.

android-update-deps 1.1.0

Choose a tag to compare

@alvarose alvarose released this 11 Jul 08:09

Behavioral & scope refinements. Install/update:

/plugin marketplace add alvarose/android-update-deps
/plugin update android-update-deps@alvarose

What's new

  • Blocking toolchain bumps always need their own explicit yes — Kotlin (with coupled KSP/Compose Compiler), AGP, and the Gradle wrapper never sit in the "safe" batch, even for a minor/patch.
  • Explicit KSP handling — a coupled KSP bump rides Kotlin's confirmation; a standalone KSP bump (same Kotlin line) is "handle with care" (it drives Room/Hilt annotation processing), not "safe".
  • Gradle wrapper detectionaggregate-updates.py now surfaces the wrapper update from the report's gradle section.
  • SDK-level scopecompileSdk only when a dependency requires it (coupled, own confirmation); targetSdk out of scope (behavior migration, flagged); minSdk flagged when a dependency raises the effective minimum.

Full list in the CHANGELOG.

android-update-deps 1.0.0

Choose a tag to compare

@alvarose alvarose released this 10 Jul 17:03

First public release — now installable as a Claude Code plugin.

Install

/plugin marketplace add alvarose/android-update-deps
/plugin install android-update-deps@alvarose

Or clone into ~/.claude/skills/android-update-deps, or grab the .skill below.

What it does

A skill for the safe, gated review and update of dependencies in an Android (Kotlin/Gradle) project using a Gradle version catalog: detect → analyze risk → propose (waits for you) → apply → verify with :app:assembleDebug → commit on a branch.

  • JitPack (com.github.*) checked by hand (the ben-manes plugin's blind spot).
  • BOM-aware (Compose/Firebase) and coupled-block aware (Kotlin ↔ KSP ↔ Compose Compiler, AGP ↔ Gradle…).
  • Risk beyond semver: hidden compileSdk/AGP/Kotlin requirements, known vulnerabilities, licenses.
  • Commits on a branch (no push); mirrors your language (EN/ES).

See the README and CHANGELOG.