dependency-conflict-resolver

What problem does it solve?

Manually evaluating new dependencies for version conflicts, security vulnerabilities (CVEs), license compatibility, and maintenance status is a time-consuming and error-prone process for architects. This skill automates 80% of this work, reducing evaluation time from 120 minutes to just 20 minutes.

Core Features & Use Cases

• Conflict Detection: Checks for version conflicts with existing project dependencies.
• Security Scanning: Scans for known CVEs using safety, OSV, and GitHub advisories.
• License Verification: Ensures compatibility with the project's license (e.g., MIT).
• Maintenance Evaluation: Scores package health based on release frequency, GitHub activity, and open issues.
• Alternative Suggestions: Recommends 2-3 alternative packages from PyPI with pros and cons.
• ADR Draft Generation: Automatically generates an 80% complete Architectural Decision Record (ADR) draft for the dependency.
• Use Case: A code_developer requests the redis package for caching. The architect uses this skill to instantly get a full evaluation report, including security, license, maintenance, and alternatives, allowing them to make a quick, informed decision and generate an ADR draft in minutes.

Quick Start

# Check version conflicts for 'redis'
python scripts/version_checker.py --package redis --constraint ">=5.0"

# Scan 'redis' for CVEs
python scripts/security_scanner.py --package redis --version 5.0.8

# Generate a full evaluation report and ADR draft
python scripts/report_generator.py \
  --package redis \
  --purpose "caching layer implementation" \
  --version-check results/version_check.json \
  --security-scan results/security_scan.json \
  --license-check results/license_check.json \
  --maintenance results/maintenance.json \
  --dependency-tree results/dependency_tree.json \
  --alternatives results/alternatives.json \
  --output docs/architecture/decisions/ADR-XXX-dependency-redis-draft.md