cyberneticlibrary
← library

Update multitool-managed dependencies

bump-multitoolcommandsetup L20
aran/rules_dart
What it does

Update multitool-managed tools to latest versions

Best for

Monorepo/Bazel projects managing cross-platform linters where manual version bumps introduce skew.

Inputs
  • · None (reads multitool.lock.json for current versions)
Outputs
  • · Updated multitool.lock.json with new versions and SHA-256 hashes
  • · Updated .pre-commit-config.yaml with new rev: tags
  • · Regenerated lock files (dart run tool/refresh_locks.dart)
  • · Verification: yamlfmt and typos run successfully
Requires
  • · GitHub API (releases endpoint)
  • · shasum (SHA-256 computation)
  • · dart
  • · Bazel
Preconditions
  • · multitool.lock.json exists
  • · .pre-commit-config.yaml configured
  • · dart run tool/refresh_locks.dart script exists
Failure modes
  • · GitHub API rate limit — fails silently (user must retry after 1 hour)
  • · Platform-specific archives missing — skips tool (reports which platforms)
  • · Tool verification fails (yamlfmt/typos exits non-zero) — stops before commit
Trust signals
  • · SHA-256 hash verification (prevents supply-chain substitution)
  • · Explicit platform-specific archive handling
  • · Verification step before commit (no silent breakage)