Skip to main content
Keeping dependencies up to date is critical for security, but major version upgrades often require code changes. Twill handles both—upgrading packages and fixing any breaking changes automatically.
Pull request showing Prisma dependency upgrade from 6.16.2 to 7.2.0

How It Works

  1. Forward the alert — Share a Dependabot alert, CVE report, or simply ask Twill to upgrade a package
  2. Twill investigates — Identifies affected packages, reads changelogs, and understands breaking changes
  3. Upgrades and adapts — Updates dependencies and modifies code to match new APIs
  4. Fixes CI failures — If tests or linting fail, Twill automatically investigates and pushes fixes

Example: Major Version Upgrade

Here’s a real example of Twill handling a Prisma upgrade from v6 to v7—a major version with breaking changes.

The Request

A user created a PR to bump @prisma/client from 6.16.2 to 7.2.0. When CI failed, they simply asked:
@twill can you fix?

Twill’s Response

Twill detected the CI failure and responded:
🔧 CI check lint-and-typecheck failed. I’m investigating the issue and will push a fix shortly. (Attempt 1/3)
GitHub conversation showing Twill automatically detecting and fixing CI failure

The Fix

Twill understood that Prisma v7 requires a new configuration approach and made the necessary changes:
Files changed showing new prisma.config.ts and CI workflow updates
Changes Twill made:
  • Created prisma.config.ts with the new v7 configuration format
  • Updated prisma/schema.prisma to remove deprecated settings
  • Modified .github/workflows/ci.yml to set required environment variables
  • Updated package.json dependencies
The final commit shows CI passing:
Final commit by Twill showing CI checks passing
All checks passed after Twill’s fixes, and the PR was ready to merge.

What Twill Can Handle

Dependabot Alerts

Forward alerts directly to Twill. It reads the vulnerability details and applies the recommended fix.

npm audit Findings

Share audit output and Twill upgrades affected packages while handling breaking changes.

Major Version Upgrades

Twill reads changelogs and migration guides to adapt your code to new APIs.

CI Failures

When upgrades break tests or linting, Twill automatically investigates and fixes the issues.

Example Prompts

Here are some ways to ask Twill for security updates:
  • “Upgrade all outdated dependencies in package.json”
  • “Fix this Dependabot alert: [paste alert]”
  • “Update React from v18 to v19 and fix any breaking changes”
  • “@twill can you fix?” (on a PR with failing CI)
  • “Run npm audit and fix any high severity vulnerabilities”