feat(config): add updateGroups to set registry update policies

Closes #244

Author: JamieMason

README.md

@@ -95,6 +95,12 @@ syncpack update --target latest
 syncpack update --target minor
 # Only update patch versions (1.2.x)
 syncpack update --target patch
+# Pick which updates to apply through an interactive prompt
+syncpack update --interactive
+# Interactively pick from patch updates only
+syncpack update --interactive --target patch
+# Interactively pick which @aws-sdk packages to update
+syncpack update --interactive --dependencies '@aws-sdk/**'
 # Check for outdated dependencies in one package
 syncpack update --check --source 'packages/pingu/package.json'
 # Update dependencies and devDependencies in the whole monorepo

crates/syncpack-specifier/src/update_target.rs

@@ -1,4 +1,8 @@
-#[derive(Debug)]
+#[cfg(test)]
+#[path = "update_target_test.rs"]
+mod update_target_test;
+
+#[derive(Debug, Clone, Copy, PartialEq, Eq)]
 pub enum UpdateTarget {
   /// "*.*.*"
   Latest,
@@ -7,3 +11,16 @@ pub enum UpdateTarget {
   /// "1.2.*"
   Patch,
 }
+
+impl UpdateTarget {
+  /// Return the stricter of two `UpdateTarget`s. `Patch` < `Minor` < `Latest`
+  /// in strictness, so `Patch` always wins, then `Minor`, then `Latest`.
+  pub fn stricter(self, other: Self) -> Self {
+    use UpdateTarget::*;
+    match (self, other) {
+      (Patch, _) | (_, Patch) => Patch,
+      (Minor, _) | (_, Minor) => Minor,
+      _ => Latest,
+    }
+  }
+}

crates/syncpack-specifier/src/update_target_test.rs

@@ -0,0 +1,15 @@
+use super::UpdateTarget;
+
+#[test]
+fn stricter_covers_all_nine_pairs() {
+  use UpdateTarget::*;
+  assert_eq!(Latest.stricter(Latest), Latest);
+  assert_eq!(Latest.stricter(Minor), Minor);
+  assert_eq!(Latest.stricter(Patch), Patch);
+  assert_eq!(Minor.stricter(Latest), Minor);
+  assert_eq!(Minor.stricter(Minor), Minor);
+  assert_eq!(Minor.stricter(Patch), Patch);
+  assert_eq!(Patch.stricter(Latest), Patch);
+  assert_eq!(Patch.stricter(Minor), Patch);
+  assert_eq!(Patch.stricter(Patch), Patch);
+}

npm/syncpack.ts

@@ -25,6 +25,8 @@ export interface RcFile {
   minimumReleaseAge?: number;
   /** @see https://syncpack.dev/semver-groups */
   semverGroups?: SemverGroup.Any[];
+  /** @see https://syncpack.dev/update-groups */
+  updateGroups?: UpdateGroup.Any[];
   /** @see https://syncpack.dev/config/sort-az */
   sortAz?: string[];
   /** @see https://syncpack.dev/config/sort-exports */
@@ -92,6 +94,18 @@ namespace SemverGroup {
   export type Any = Ignored | WithRange;
 }
 
+namespace UpdateGroup {
+  export interface Ignored extends GroupSelector {
+    /** @see https://syncpack.dev/update-groups/ignored/#isignored */
+    isIgnored: true;
+  }
+  export interface Targeted extends GroupSelector {
+    /** @see https://syncpack.dev/update-groups/targeted/#target */
+    target: 'patch' | 'minor' | 'latest';
+  }
+  export type Any = Ignored | Targeted;
+}
+
 namespace VersionGroup {
   export interface Banned extends GroupSelector {
     /** @see https://syncpack.dev/version-groups/banned/#isbanned */

pnpm-lock.yaml

@@ -100,6 +100,11 @@ export default defineConfig({
           label: 'Semver Groups',
           items: [{ autogenerate: { directory: 'semver-groups' } }],
         },
+        {
+          label: 'Update Groups',
+          badge: 'New',
+          items: [{ autogenerate: { directory: 'update-groups' } }],
+        },
         {
           label: 'Configuration File',
           items: [
@@ -118,6 +123,7 @@ export default defineConfig({
             'config/sort-packages',
             'config/source',
             'config/strict',
+            { label: 'updateGroups', link: '/update-groups/', badge: 'New' },
             { label: 'versionGroups', link: '/version-groups/' },
           ],
         },

site/astro.config.mjs

@@ -22,6 +22,7 @@ export function linkAliases() {
     CONFIG_SORT_PACKAGES: '/config/sort-packages/',
     CONFIG_SOURCE: '/config/source/',
     CONFIG_SYNCPACKRC: '/config/syncpackrc/',
+    CONFIG_UPDATE_GROUPS: '/update-groups/',
     CONFIG_VERSION_GROUPS: '/version-groups/',
 
     GUIDE_PEER_DEPENDENCIES: '/guide/peer-dependencies/',
@@ -44,6 +45,7 @@ export function linkAliases() {
     TERM_SPECIFIER: '/glossary/#specifier',
     TERM_SPECIFIER_TYPE: '/glossary/#specifier-type',
     TERM_STATUS_CODE: '/glossary/#status-code',
+    TERM_UPDATE_GROUP: '/glossary/#update-group',
     TERM_VERSION_GROUP: '/glossary/#version-group',
     TERM_WORKSPACE: '/glossary/#workspace',
 
@@ -80,6 +82,9 @@ export function linkAliases() {
 
     STATUS_SAME_MINOR_MISMATCH: '/status/same-minor-mismatch',
 
+    UPDATE_GROUP_IGNORED: '/update-groups/ignored/',
+    UPDATE_GROUP_TARGETED: '/update-groups/targeted/',
+
     VERSION_GROUP_BANNED: '/version-groups/banned/',
     VERSION_GROUP_CATALOG: '/version-groups/catalog/',
     VERSION_GROUP_HIGHEST_SEMVER: '/version-groups/highest-semver/',

site/remark-plugins/link-aliases.mjs

@@ -1,6 +1,6 @@
 import { Code } from "astro:components";
 
-Limit updates to only those within the given semver portion.
+Limit updates to only those within the given semver portion. For per-dependency control, see [updateGroups](CONFIG_UPDATE_GROUPS) — when both apply to the same instance, the stricter of the two wins.
 
 <Code
 code={`

site/src/_partials/option/target.mdx

@@ -5,5 +5,6 @@ import { Aside } from "@astrojs/starlight/components";
   [`customTypes`](CONFIG_CUSTOM_TYPES).
   - pnpm and bun catalog names are auto-registered as dependency types.
 
-  See the [Dependency Types](REF_DEPENDENCY_TYPES) guide for the list of possible values.
+See the [Dependency Types](REF_DEPENDENCY_TYPES) guide for the list of possible values.
+
 </Aside>

site/src/_partials/tips/custom-types.mdx

@@ -23,7 +23,7 @@ import SourceOption from "@partials/option/source.mdx";
 import SpecifierTypesOption from "@partials/option/specifier-types.mdx";
 import TargetOption from "@partials/option/target.mdx";
 
-Update dependencies in your monorepo to newer versions from the npm registry. Checks for available updates and modifies package.json files — and `pnpm-workspace.yaml` catalog entries when present — to use them. Unlike `fix` which synchronises versions across packages, `update` fetches the latest published versions. Use `--target` to control update strategy (latest, minor, patch). Versions newer than [minimumReleaseAge](CONFIG_MINIMUM_RELEASE_AGE) are excluded by default to reduce supply chain attack risk.
+Update dependencies in your monorepo to newer versions from the npm registry. Checks for available updates and modifies package.json files — and `pnpm-workspace.yaml` catalog entries when present — to use them. Unlike `fix` which synchronises versions across packages, `update` fetches the latest published versions. Use `--target` to control update strategy (latest, minor, patch), or define [updateGroups](CONFIG_UPDATE_GROUPS) for per-dependency control. Versions newer than [minimumReleaseAge](CONFIG_MINIMUM_RELEASE_AGE) are excluded by default to reduce supply chain attack risk.
 
 ## Examples
 
@@ -34,6 +34,12 @@ syncpack update --target latest
 syncpack update --target minor
 # Only update patch versions (1.2.x)
 syncpack update --target patch
+# Pick which updates to apply through an interactive prompt
+syncpack update --interactive
+# Interactively pick from patch updates only
+syncpack update --interactive --target patch
+# Interactively pick which @aws-sdk packages to update
+syncpack update --interactive --dependencies '@aws-sdk/**'
 # Check for outdated dependencies in one package
 syncpack update --check --source 'packages/pingu/package.json'
 # Update dependencies and devDependencies in the whole monorepo