Dependency Analyzer Skill

Purpose

The Dependency Analyzer skill provides comprehensive dependency analysis capabilities for Python projects. It parses dependency configuration files (requirements.txt, pyproject.toml), builds dependency trees, detects version conflicts, and checks compatibility constraints.

Key Functions:

• Parse and analyze current project dependencies

• Identify new dependencies required for features

• Build visual dependency trees

• Detect version conflicts and incompatibilities

• Check compatibility across Python versions

• Generate structured dependency reports

When to Use

Use this skill when you need to:

• Analyze current project dependencies before adding new features

• Identify all dependencies required for a new feature implementation

• Detect version conflicts between dependencies

• Build dependency trees to understand package relationships

• Verify compatibility of new dependencies with existing ones

• Generate dependency reports for documentation

Typical Scenarios:

• Phase 2 design (dependency analysis for PRP)

• Pre-implementation dependency planning

• Dependency upgrade planning

• Conflict resolution

• Security vulnerability assessment (dependency version analysis)

Workflow

1. Parse Current Dependencies

Action: Read and parse all dependency configuration files in the project

Check for requirements.txt

if [ -f requirements.txt ]; then echo "Found requirements.txt" cat requirements.txt fi

Check for pyproject.toml

if [ -f pyproject.toml ]; then echo "Found pyproject.toml" grep -A 30 "dependencies|requires" pyproject.toml fi

Check for setup.py

if [ -f setup.py ]; then echo "Found setup.py" grep -A 20 "install_requires|extras_require" setup.py fi

Output: Inventory of current dependencies with versions

2. Build Dependency Tree

Action: Use dependency-checker script to build complete dependency tree

python .claude/skills/dependency-analyzer/dependency-checker-script.py
--analyze
--project-root .
--output-format tree

Output: Visual dependency tree showing relationships

3. Identify New Dependencies

Action: Extract required libraries from feature analysis

Process:

• Read feature analysis document

• Extract library names from requirements section

• Determine package sources (PyPI, npm, etc.)

• Classify as core vs. development dependencies

• Research latest stable versions

Output: List of new dependencies with recommended versions

4. Check Compatibility

Action: Verify version compatibility and constraints

python .claude/skills/dependency-analyzer/dependency-checker-script.py
--check-compatibility
--new-deps "package1>=1.0,package2~=2.0"
--python-version "3.11"

Checks:

• Python version compatibility (3.11+)

• Dependency version constraints (>=, ~=, ^, ==)

• Breaking changes between versions

• Platform-specific requirements

Output: Compatibility report with warnings and recommendations

5. Detect Conflicts

Action: Identify version conflicts in dependency tree

python .claude/skills/dependency-analyzer/dependency-checker-script.py
--check-conflicts
--new-deps "package1,package2,package3"

Detects:

• Version conflicts (Package A requires B>=2.0, Package C requires B<2.0)

• Circular dependencies

• Incompatible package combinations

• Transitive dependency conflicts

Output: Conflict report with resolution strategies

Output Format

Dependency Analysis Report

Dependency Analysis

Current Dependencies (12 total)

Core Dependencies:

• requests==2.31.0 - HTTP library
• pydantic==2.5.0 - Data validation
• click==8.1.7 - CLI framework

Development Dependencies:

• pytest==7.4.3 - Testing framework
• black==23.12.0 - Code formatter
• mypy==1.7.1 - Type checker

New Dependencies Required (3 total)

Dependency Tree

project-root/ ├── requests==2.31.0 │ ├── urllib3>=1.21.1,<3 │ ├── certifi>=2017.4.17 │ └── charset-normalizer>=2,<4 ├── pydantic==2.5.0 │ ├── typing-extensions>=4.6.1 │ └── annotated-types>=0.4.0 └── [new] httpx>=0.27.0 ├── httpcore>=1.0.0 ├── certifi └── sniffio

Compatibility Check

✅ Python 3.11+ compatible ✅ No breaking changes detected ✅ All version constraints satisfied ⚠️ httpx and requests overlap (both HTTP clients)

Conflicts Detected

None - All dependencies compatible

Recommendations

1. Consider migrating from requests to httpx for async support
2. Pin versions in production: httpx==0.27.2
3. Update requirements.txt with new dependencies
4. Run pip install -r requirements.txt to verify installation

Best Practices

Version Specification

• Use version ranges for flexibility: package>=1.0,<2.0

• Pin exact versions in production: package==1.2.3

• Understand specifiers:

• =1.0

• Minimum version 1.0

• ~=1.2

• Compatible release (>=1.2, <2.0)

• ^1.2.3

• Caret (npm-style, rare in Python)

• ==1.2.3

• Exact version

Dependency Management

• Separate core and dev dependencies clearly

• Use pyproject.toml for modern Python projects

• Document dependency rationale in comments

• Regular updates to patch security vulnerabilities

• Test after updates to catch breaking changes

Conflict Resolution

• Identify conflict source (which packages require incompatible versions)

• Check if upgradeable (can Package A use newer B?)

• Find compatible versions (use compatibility matrix)

• Test resolution with dry-run installation

• Document resolution in dependency report

Supporting Resources

dependency-checker-script.py

Location: .claude/skills/dependency-analyzer/dependency-checker-script.py

Usage:

Analyze current dependencies

python dependency-checker-script.py --analyze --project-root .

Check compatibility

python dependency-checker-script.py --check-compatibility
--new-deps "httpx>=0.27.0,pydantic-settings>=2.0"

Detect conflicts

python dependency-checker-script.py --check-conflicts
--new-deps "package1,package2"

Generate full report

python dependency-checker-script.py --full-report
--output dependency-report.md

Features:

• Parse requirements.txt, pyproject.toml, setup.py

• Build dependency trees

• Check version compatibility

• Detect conflicts

• Query PyPI for latest versions

• Generate markdown reports

compatibility-matrix.md

Location: .claude/skills/dependency-analyzer/compatibility-matrix.md

Contents:

• Common Python library compatibility rules

• Known incompatible package combinations

• Platform-specific dependency notes

• Python version compatibility matrix

• Resolution strategies for common conflicts

Example Usage

Scenario 1: Pre-Feature Dependency Analysis

Input: Feature requires webhook notifications with async HTTP

Process:

• Parse current dependencies → Find requests==2.31.0

• Identify new dependencies → Need httpx for async support

• Check compatibility → httpx>=0.27.0 compatible with Python 3.11+

• Detect conflicts → No conflicts (httpx and requests can coexist)

• Generate report → Structured dependency analysis

Output:

New Dependencies Required

• httpx>=0.27.0 - Async HTTP client for webhook delivery

Compatibility: ✅ Compatible

• Python 3.11+ supported
• No conflicts with existing dependencies

Installation:

pip install httpx>=0.27.0

Scenario 2: Conflict Detection

Input: Feature requires package-a>=2.0
 but existing package-b
 requires package-a<2.0

Process:

- Analyze current dependencies → Find package-b==1.5
 requires package-a<2.0

- Check new requirements → Feature needs package-a>=2.0

- Detect conflict → Version conflict detected

- Research solutions → Check if package-b>=2.0
 supports package-a>=2.0

- Generate report → Conflict report with resolution strategy

Output:

### Conflicts Detected
**Conflict**: package-a version conflict
- Feature requires: package-a>=2.0
- package-b==1.5 requires: package-a<2.0

**Resolution Strategy**:
1. Upgrade package-b to 2.0.0 (supports package-a>=2.0)
2. Update requirements.txt:
   - package-a>=2.0
   - package-b>=2.0

**Validation**:
```bash
pip install --dry-run package-a>=2.0 package-b>=2.0

## Integration with Feature Implementation Flow

**Input**: Analysis document with dependencies section

**Process**:
1. Dependency Manager agent activates this skill
2. Skill parses current dependencies from project files
3. Skill extracts new dependencies from analysis document
4. Skill checks compatibility and detects conflicts
5. Skill generates structured dependency report

**Output**: Dependency analysis section for PRP

**Next Step**: Design Orchestrator synthesizes dependency analysis into complete PRP

## Error Handling

### Common Errors

**Missing dependency file**:

Error: No dependency configuration file found
Resolution: Create requirements.txt or pyproject.toml

**Invalid version specifier**:

Error: Invalid version specifier "package>=abc"
Resolution: Use valid version format (e.g., "package>=1.0.0")

**Conflict detected**:

Warning: Version conflict detected
Action: Review conflict report and apply resolution strategy

**PyPI query failure**:

Error: Failed to query PyPI for package "xyz"
Resolution: Check network connectivity or package name spelling

## Advanced Features

### Custom Compatibility Rules

Define project-specific compatibility rules in `compatibility-matrix.md`:

```yaml
# Example rule
package-a:
  python: ">=3.11"
  conflicts:
    - package-b<2.0
  recommends:
    - package-c>=1.0

Dependency Tree Visualization

Generate visual dependency trees for documentation:

python dependency-checker-script.py --analyze --format tree --output tree.txt

Output:

myproject==1.0.0
├── requests==2.31.0
│   ├── urllib3>=1.21.1,<3
│   ├── certifi>=2017.4.17
│   └── charset-normalizer>=2,<4
├── pydantic==2.5.0
│   ├── typing-extensions>=4.6.1
│   └── annotated-types>=0.4.0
└── httpx==0.27.2
    ├── httpcore==1.0.2
    ├── certifi
    └── sniffio

Version: 2.0.0
Agent: @dependency-manager
Phase: 2 (Design & Planning)
Created: 2025-10-29