Skip to content

Instantly share code, notes, and snippets.

@skwashd

skwashd/README.md

Created February 9, 2026 03:03
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save skwashd/c14dccfd9a8e4df9ef1aae43cc9e2630 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save skwashd/c14dccfd9a8e4df9ef1aae43cc9e2630 to your computer and use it in GitHub Desktop.
Download ZIP
Update Python Dependencies
Raw
README.md

Update Python Dependencies with GitHub Copilot CLI

Dependabot is great, but it is tedious when you have a multiple pyproject.toml files to update. Multiple updates often mean dealing with merge conflicts.

This script solves that. It uses GitHub Copilot CLI to process all dependencies and update them.

Setup

  • Create a directory to store the files in (ie ~/prompts/ghcli)
  • Copy the 2 files below into the new directory
  • Make the shell script executable - chmod +x ~/prompts/ghcli/bump-deps.sh
  • Symlink the shell script your $PATH - ln -s ~/prompts/ghcli/bump-deps-uv.sh ~/.bin/bump-deps-uv

You're all set.

Usage

Run bump-deps-uv in any project directory. GitHub Copilot CLI will update your dependencies for you.

Model Selection

I tried using Claude Haiku 4.5 and GPT mini models. It was a case of getting what you paid for. They went off the rails more often than not. Sonnet performs well with the constrained prompt.

Disclaimer

Like with all things powered by an LLM, your mileage may vary.

Raw
bump-deps-uv.md

Update Python Dependencies

You need to update all the python dependencies in this project.

IMPORTANT: You are unable to redirect output or pipe commands. You must read the output of one command and invoke the next.

The shell commands you have available are:

  • git
  • sed
  • uv

All other shell commands are blocked.

The current version specifiers for each item must be maintained. If the current version is using strict versions (ie ==), this must retained. If it is at least (ie >=) then you must retain this constraint. If it is a range, then you must only increase the minimum version. If the new version increases the minimum equal to or higher than the top end of the constraint change it to an at least specification. If a compatible release clause is used, bump the version but maintain the specifier (ie ~=).

Ignore the contents of any .venv or venv directories.

To complete this task perform the following steps:

  1. Locate any directory that contains a pyproject.toml file.
  2. Change into the first directory you find
  3. Run uv pip list --outdated
  4. Identify all outdated direct dependencies. Ignore any transitive dependencies.
  5. Update the pyproject.toml file with the latest versions
  6. Run uv sync --upgrade to install the new versions
  7. Run git status to check if there are any changes. If there are no changes, jump to step 11 below.
  8. If this is first set of changes create a branch called bump-deps
  9. Commit the changes using the following message format "Update dependencies\n\n -> \n..." The packages must be listed in alphabetical order
  10. Make sure you committed the changes as per step 9 before moving on. If there are changes for this directory, there must be a git commit for it.
  11. If there are more directories with pyproject.toml files, change into the next directory and go to step 3 above
  12. If there are no more directories, output "Finished processing updates in: " and exit
Raw
bump-deps-uv.sh
#!/bin/sh
copilot -p ~/prompts/ghcli/bump-deps-uv.md --add-dir ~/prompts/ghcli --allow-tool 'shell(git:*)' --allow-tool 'shell(uv)' --allow-tool 'shell(sed)' --allow-tool 'write' --deny-tool 'shell(git push)'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment