Product
Introducing GitHub Actions Scanning Support
Detect malware, unsafe data flows, and license issues in GitHub Actions with Socket’s new workflow scanning support.
By Rakesh Chatrath, Greg Tystahl -  Oct 23, 2025
🚀 DAY 4 OF LAUNCH WEEK: Introducing GitHub Actions Scanning Support.Learn more →
@yolkai/rush-auto-update
Advanced tools
@yolkai/rush-auto-update
A tool to automatically update Rush's lockfile, compatible with Renovate
rush-auto-update
A tool to automatically update Rush's lockfile, compatible with Renovate.
Overview
rush-auto-update provides two commands: update and upload. update updates Rush's lockfile using rush update, and stages the new lockfile with Git. upload commits and pushes the updated lockfile.
When correctly configured with a CI service, rush-auto-update enables your Renovate branches to automatically update with the correct lockfile, similar to greenkeeper-lockfile.
Limitations
rush-auto-update is currently compatible only with Renovate and CircleCI.
Setup
- Create a GitHub access token with push access to your repository and make it available to your CI's environment as
GH_TOKEN. - Configure your CI to run
npx @yolkai/rush-auto-update updateright before it executes your tests andnpx @yolkai/rush-auto-update uploadright after it executed your tests.
Usage
$ npm install -g @yolkai/rush-auto-update
$ rush-auto-update COMMAND
running command...
$ rush-auto-update (-v|--version|version)
@yolkai/rush-auto-update/0.0.1-9 darwin-x64 node-v10.13.0
$ rush-auto-update --help [COMMAND]
USAGE
$ rush-auto-update COMMAND
...
Commands
rush-auto-update help [COMMAND]
display help for rush-auto-update
USAGE
$ rush-auto-update help [COMMAND]
ARGUMENTS
COMMAND command to show help for
OPTIONS
--all see all commands in CLI
See code: @oclif/plugin-help
rush-auto-update update
update Rush's lockfile
USAGE
$ rush-auto-update update
See code: src/commands/update.ts
rush-auto-update upload
commit and push the updated lockfile
USAGE
$ rush-auto-update upload
See code: src/commands/upload.ts
FAQs
A tool to automatically update Rush's lockfile, compatible with Renovate
We found that @yolkai/rush-auto-update demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 11 Feb 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Webhook Events for Pull Request Scans
Add real-time Socket webhook events to your workflows to automatically receive pull request scan results and security alerts in real time.
By Jeppe Hasseriis -  Oct 22, 2025
Research
Malicious NuGet Packages Typosquat Nethereum to Exfiltrate Wallet Keys
The Socket Threat Research Team uncovered malicious NuGet packages typosquatting the popular Nethereum project to steal wallet keys.
By Kirill Boychenko -  Oct 22, 2025