📝 Summary
bumpgen bumps your TypeScript / TSX dependencies and makes code changes for you if anything breaks.
.gif)
Here's a common scenario:
you: "I should upgrade to the latest version of x, it has banging new features and impressive performance improvements"
you (5 minutes later): nevermind, that broke a bunch of stuff
Then use bumpgen!
How does it work?
bumpgenbuilds your project to understand what broke when a dependency was bumped- Then
bumpgenuses ts-morph to create an abstract syntax tree from your code, to understand the relationships between statements - It also uses the AST to get type definitions for external methods to understand how to use new package versions
bumpgenthen creates a plan graph DAG to execute things in the correct order to handle propagating changes (ref: arxiv 2309.12499)
[!NOTE]
bumpgenonly supports typescript and tsx at the moment, but we're working on adding support for other strongly typed languages. Hit the emoji button on our open issues for Java, golang, C# and Python to request support.
🚀 Get Started
To get started, you'll need an OpenAI API key. gpt-4-turbo-preview from OpenAI is the only supported model at this time, though we plan on supporting more soon.
Then, run bumpgen:
> export LLM_API_KEY="<openai-api-key>"
> cd ~/my-repository
> npm install -g bumpgen
> bumpgen @tanstack/react-query 5.28.14
where @tanstack/react-query is the package you want to bump and 5.28.14 is the version you want to bump to.
You can also run bumpgen without arguments and select which package to upgrade from the menu. Use bumpgen --help for a complete list of options.
Github Action
We've created a GitHub action that can be used to run bumpgen. The intended usage is to be triggered on dependabot or renovatebot PRs - if breaking changes are detected, bumpgen will commit to the PR branch.
[!NOTE] The action commits changes to the branch it was triggered from. If you would like those commits to trigger other CI workflows, you will need to use a GitHub Personal Access Token.
Example Workflow
name: "Bumpgen"
on:
pull_request:
types:
- opened
permissions:
pull-requests: read
contents: write
jobs:
main:
name: Run Bumpgen
runs-on: ubuntu-latest
if: ${{ github.event.pull_request.user.login == 'dependabot[bot]'}} # Use renovate[bot] for renovate PRs
steps:
- uses: actions/checkout@v4
- name: Setup # Checkout and setup your project before running the bumpgen action
uses: ./tooling/github/setup
- name: Bumpgen
uses: xeol-io/bumpgen@v0.0.1
with:
path: "./packages/bumpgen-core/" # The location of your project's package.json file
llm_key: ${{ secrets.LLM_API_KEY }}
github_token: ${{ secrets.GITHUB_TOKEN }}
[!NOTE] If you'd like to be first in line to try the
bumpgenGitHub App to replace your usage of dependabot + renovatebot, sign up here.
Limitations
There are some limitations you should know about.
bumpgenrelies on build errors to determine what needs to be fixed. If an issue is caused by a behavioral change,bumpgenwon't detect it.bumpgencan't handle multiple packages at the same time. It will fail to upgrade packages that require peer dependencies to be updated the same time to work such as@octokit/coreand@octokit/plugin-retry.bumpgenis not good with very large frameworks likevue. These kind of upgrades (and vue 2 -> 3 specifically) can be arduous even for a human.
🏙️ Architecture
> bumpgen @tanstack/react-query 5.28.14
│
┌┬─────▼──────────────────────────────────────────────────────────────────────┐
││ CLI │
└┴─────┬──▲───────────────────────────────────────────────────────────────────┘
│ │
┌┬─────▼──┴───────────────────────────────────────────────────────────────────┐
││ Core (Codeplan) │
││ │
││ ┌───────────────────────────────────┐ ┌──────────────────────────────────┐ │
││ │ Plan Graph │ │ Abstract Syntax Tree │ │
││ │ │ │ │ │
││ │ │ │ │ │
││ │ ┌─┐ │ │ ┌─┐ │ │
││ │ ┌──┴─┘ │ │ ┌──┴─┴──┐ │ │
││ │ │ │ │ │ │ │ │
││ │ ┌▼┐ ┌──┼─┼──┐ ┌▼┐ ┌▼┐ │ │
││ │ └─┴──┐ │ │ │ │ ┌──┴─┴──┐ └─┘ │ │
││ │ │ │ │ ▼ │ │ │ │
││ │ ┌▼┐ ▲ │ │ ┌▼┐ ┌▼┐ │ │
││ │ └─┴──┐ │ │ │ │ └─┘ ┌──┴─┴──┐ │ │
││ │ │ └──┼─┼──┘ │ │ │ │
││ │ ┌▼┐ │ │ ┌▼┐ ┌▼┐ │ │
││ │ └─┘ │ │ └─┘ └─┘ │ │
││ │ │ │ │ │
││ │ │ │ │ │
││ │ │ │ │ │
││ │ │ │ │ │
││ └───────────────────────────────────┘ └──────────────────────────────────┘ │
││ │
└┴─────┬──▲───────────────────────────────────────────────────────────────────┘
│ │
┌┬─────▼──┴───────────────────────────┐ ┌┬───────────────────────────────────┐
││ Prompt Context │ ││ LLM │
││ │ ││ │
││ - plan graph │ ││ GPT4-Turbo, Claude 3, BYOM │
││ - errors ├──►│ │
││ - code │ ││ │
││ ◄──┼│ │
││ │ ││ │
││ │ ││ │
││ │ ││ │
└┴────────────────────────────────────┘ └┴───────────────────────────────────┘
Abstract Syntax Tree
The AST is generated from ts-morph. This AST allows bumpgen to understand the relationship between nodes in a codebase.
Plan Graph
The plan graph is a concept detailed in codeplan by Microsoft. The plan graph allows bumpgen to not only fix an issue at a point but also fix the 2nd order breaking changes from the fix itself. In short, it allows bumpgen to propagate a fix to the rest of the codebase.
Prompt Context
We pass the plan graph, the error, and the actual file with the breaking change as context to the LLM to maximize its ability to fix the issue.
LLM
We only support gpt-4-turbo-preview at this time.
⏱️ Benchmark
bumpgen + GPT-4 Turbo ██████████░░░░░░░░░░░ 45% (67 tasks)
We benchmarked bumpgen with GPT-4 Turbo against a suite of version bumps with breaking changes. You can check out the evals here.
🎁 Contributing
Contributions are welcome! To get set up for development, see Development.
Roadmap
- [x] codeplan
- [x] Typescript/TSX support
- [ ]
bumpgenGitHub app - [ ] Embeddings for different package versions
- [ ] Use test runners as an oracle
- [ ] C# support
- [ ] Java support
- [ ] Go support
Join our Discord community to contribute, learn more, and ask questions!