{"id":48546700,"url":"https://github.com/dev-five-git/dependency-check-updates","last_synced_at":"2026-04-08T07:01:18.141Z","repository":{"id":344636908,"uuid":"1182322670","full_name":"dev-five-git/dependency-check-updates","owner":"dev-five-git","description":"Find and update newer versions of dependencies across your package manifests","archived":false,"fork":false,"pushed_at":"2026-04-07T11:52:28.000Z","size":143,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-07T12:24:30.328Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dev-five-git.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-03-15T11:09:46.000Z","updated_at":"2026-04-07T11:52:37.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/dev-five-git/dependency-check-updates","commit_stats":null,"previous_names":["dev-five-git/dependency-check-updates"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/dev-five-git/dependency-check-updates","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dev-five-git%2Fdependency-check-updates","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dev-five-git%2Fdependency-check-updates/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dev-five-git%2Fdependency-check-updates/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dev-five-git%2Fdependency-check-updates/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dev-five-git","download_url":"https://codeload.github.com/dev-five-git/dependency-check-updates/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dev-five-git%2Fdependency-check-updates/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31544087,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-07T16:28:08.000Z","status":"online","status_checked_at":"2026-04-08T02:00:06.127Z","response_time":54,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-04-08T07:00:56.867Z","updated_at":"2026-04-08T07:01:18.129Z","avatar_url":"https://github.com/dev-five-git.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# dcu\n\n**Dependency Check \u0026 Update** — a fast, multi-ecosystem dependency updater written in Rust.\n\nLike [npm-check-updates](https://www.npmjs.com/package/npm-check-updates), but for every language.\n\n```\n$ dcu\nChecking Cargo.toml\n toml_edit  0.22  -\u003e  0.25.4\n\nRun dcu -u to upgrade Cargo.toml\n```\n\n## Features\n\n- **Multi-ecosystem** — `package.json`, `Cargo.toml`, `pyproject.toml` in a single tool\n- **Format-preserving** — surgical byte-range patching for JSON; `toml_edit` for TOML. Your indentation, comments, and line endings stay intact\n- **Fast** — concurrent registry lookups across all manifests (`futures::join_all`)\n- **Smart range checking** — skips false positives where the resolved version already satisfies the current range\n- **Deep scan** — `dcu -d` recursively finds manifests in monorepos, respecting `.gitignore`\n- **ncu-compatible UX** — same flags you already know\n\n## Supported Ecosystems\n\n| Ecosystem | Manifest | Registry | Crate |\n|-----------|----------|----------|-------|\n| Node.js | `package.json` | npm | `dcu-node` |\n| Rust | `Cargo.toml` | crates.io | `dcu-rust` |\n| Python | `pyproject.toml` | PyPI | `dcu-python` |\n\n## Installation\n\n```bash\n# Rust (cargo)\ncargo install dcu-cli\n\n# Node.js (npm/bun)\nnpm install -g @dcu/cli\nbun add -g @dcu/cli\n\n# Python (pip/uv)\npip install dependency-check-updates\nuv pip install dependency-check-updates\n```\n\n## Usage\n\n```bash\n# Check for outdated dependencies\ndcu\n\n# Apply updates\ndcu -u\n\n# Recursively scan monorepo\ndcu -d\ndcu -d -u\n\n# Target specific update level\ndcu -t patch     # only patch bumps\ndcu -t minor     # patch + minor bumps\ndcu -t latest    # latest stable (default)\n\n# Filter packages\ndcu react eslint            # only check these\ndcu -x typescript           # exclude these\n\n# Specific manifest\ndcu --manifest path/to/Cargo.toml\n\n# JSON output\ndcu --format json\n\n# CI mode (exit 1 if updates exist)\ndcu -e 2\n\n# Verbose logging\ndcu -v    # info\ndcu -vv   # debug\ndcu -vvv  # trace\n```\n\n## Architecture\n\nFollows the [changepacks](https://github.com/changepacks/changepacks) pattern — one crate per language ecosystem, with bridge crates for cross-language distribution:\n\n```\n.\n├── crates/\n│   ├── dcu-cli/       # Binary + async CLI orchestration\n│   ├── dcu-core/      # Shared traits (ManifestHandler, RegistryClient, Scanner)\n│   ├── dcu-node/      # Node.js: package.json parser + npm registry\n│   ├── dcu-rust/      # Rust: Cargo.toml parser (toml_edit) + crates.io\n│   ├── dcu-python/    # Python: pyproject.toml parser (toml_edit) + PyPI\n│   └── dcu-testkit/   # Test fixtures and helpers\n├── bridge/\n│   ├── node/          # napi-rs N-API binding → npm distribution (@dcu/cli)\n│   └── python/        # maturin bin binding → PyPI distribution (dependency-check-updates)\n├── Cargo.toml         # Workspace root\n└── package.json       # Bun workspace (build/lint/test scripts)\n```\n\n### Format Preservation\n\n- **JSON** (`package.json`): Surgical byte-range replacement — finds exact byte offsets of version values, replaces only those bytes. Indent, line endings, trailing newline, key ordering all preserved byte-for-byte.\n- **TOML** (`Cargo.toml`, `pyproject.toml`): `toml_edit` document model preserves comments, table ordering, inline table formatting, and whitespace.\n\n### Shared Traits\n\nEach ecosystem crate implements two core traits from `dcu-core`:\n\n- **`ManifestHandler`** — parse manifest files, collect dependencies, apply format-preserving updates\n- **`RegistryClient`** — resolve versions from package registries with concurrency control\n\n### Range Satisfaction\n\nBefore reporting an update, the resolver checks if the selected version already satisfies the current range (e.g., `^3` already covers `3.5.1`). This eliminates false positives that plague naive string comparison.\n\n## Development\n\n```bash\n# Install dependencies\nbun install\n\n# Build everything (CLI + napi + maturin)\nbun run build\n\n# Dev build\nbun run build:dev\n\n# Lint (clippy + fmt)\nbun run lint\n\n# Test\nbun run test\n\n# Run CLI\nbun run run -- --help\nbun run run -- --manifest Cargo.toml -v\n```\n\n## Inspirations\n\n- [npm-check-updates](https://github.com/raineorshine/npm-check-updates) — the original `ncu` that inspired dcu's UX and flag design\n- [changepacks](https://github.com/changepacks/changepacks) — workspace architecture pattern (crates/\\* + bridge/\\*), multi-language bridge distribution via napi-rs and maturin, and the overall project structure that dcu follows\n\n## License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdev-five-git%2Fdependency-check-updates","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdev-five-git%2Fdependency-check-updates","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdev-five-git%2Fdependency-check-updates/lists"}