Update Dependencies #6

Workflow file for this run

.github/workflows/update-dependencies.yml at ba30ab3

	---
	name: Update Dependencies

	on:
	schedule:
	# Run every Monday at 9:00 AM UTC (1:00 AM PST / 2:00 AM PDT)
	- cron: "0 9 * * 1"
	workflow_dispatch:
	inputs:
	update_python:
	description: "Update Python version"
	required: false
	type: boolean
	default: false
	python_version:
	description: "Python version (if updating)"
	required: false
	type: string
	default: "3.13"
	major_upgrades:
	description: "Include major version upgrades"
	required: false
	type: boolean
	default: false

	permissions:
	contents: write
	pull-requests: write

	jobs:
	update-dependencies:
	runs-on: ubuntu-latest

	steps:
	- name: 🔀 Checkout repository
	uses: actions/checkout@v5
	with:
	fetch-depth: 0
	token: ${{ secrets.GITHUB_TOKEN }}

	- name: 🔧 Setup Python and UV
	uses: ./.github/actions/setup-python-uv
	with:
	python-version: "3.13"

	- name: 🔧 Configure git
	run: \|
	git config --local user.email "github-actions[bot]@users.noreply.github.com"
	git config --local user.name "github-actions[bot]"

	- name: 🚀 Run update script
	id: update
	run: \|
	# Build command based on workflow inputs
	UPDATE_CMD="./scripts/update-project.sh --no-backup"

	if [[ "${{ github.event.inputs.update_python }}" == "true" ]]; then
	UPDATE_CMD="$UPDATE_CMD --python \"${{ github.event.inputs.python_version }}\""
	fi

	if [[ "${{ github.event.inputs.major_upgrades }}" == "true" ]]; then
	UPDATE_CMD="$UPDATE_CMD --major"
	fi

	# Run the update script and capture output
	set +e
	OUTPUT=$("$UPDATE_CMD" 2>&1)
	EXIT_CODE=$?
	set -e

	# Save output for PR body
	echo "$OUTPUT" > update-output.txt

	# Check if changes were made
	if git diff --quiet; then
	echo "no_changes=true" >> "$GITHUB_OUTPUT"
	else
	echo "no_changes=false" >> "$GITHUB_OUTPUT"
	fi

	# Exit with same code as update script
	exit $EXIT_CODE

	- name: 📊 Extract update summary
	if: steps.update.outputs.no_changes != 'true'
	id: summary
	run: \|
	# Extract relevant sections from output
	SUMMARY=$(awk '/Update Summary/,/Next Steps/' update-output.txt \| head -n -1)

	# Count changes
	PACKAGE_COUNT=$(echo "$SUMMARY" \| grep -c "•" \|\| echo "0")

	# Create PR title
	PR_TITLE="chore: update dependencies"

	if echo "$SUMMARY" \| grep -q "Python Version:"; then
	PYTHON_VER=$(echo "$SUMMARY" \| grep "Python Version:" -A1 \| tail -1 \| awk '{print $NF}')
	PR_TITLE="$PR_TITLE (Python $PYTHON_VER)"
	fi

	if echo "$SUMMARY" \| grep -q "UV Package Manager:"; then
	UV_VER=$(echo "$SUMMARY" \| grep "UV Package Manager:" -A1 \| tail -1 \| awk '{print $NF}')
	PR_TITLE="$PR_TITLE (UV $UV_VER)"
	fi

	if [[ "$PACKAGE_COUNT" -gt 0 ]]; then
	PR_TITLE="$PR_TITLE ($PACKAGE_COUNT packages)"
	fi

	echo "pr_title=$PR_TITLE" >> "$GITHUB_OUTPUT"

	# Save summary for PR body
	echo "$SUMMARY" > summary.txt

	- name: 📝 Create Pull Request
	if: steps.update.outputs.no_changes != 'true'
	id: create-pr
	uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v.7.0.8
	with:
	token: ${{ secrets.GITHUB_TOKEN }}
	branch: automation/updates
	delete-branch: true
	title: ${{ steps.summary.outputs.pr_title }}
	body: \|
	## 🤖 Automated Dependency Update

	This PR was automatically generated by the weekly dependency update workflow.

	### 📊 Update Summary

	```
	${{ steps.summary.outputs.summary }}
	```

	### 📋 Changes Made

	- ✅ Updated dependencies to latest compatible versions
	- 🔒 All security patches applied
	- 🧪 Tests have been run automatically

	### 🔍 Manual Verification Required

	Before merging, please:

	1. Review dependency changes: Check the Files tab for `uv.lock` changes
	2. Check CI status: Ensure all checks pass
	3. Test locally (optional):
	```bash
	git checkout automation/updates
	docker-compose build --no-cache
	docker-compose up -d
	docker-compose ps # All services should be "healthy"
	```
	4. Review security advisories:
	```bash
	uv pip audit
	```

	### 📝 Notes

	- This update was triggered by: ${{ github.event_name }}
	- Major upgrades: ${{ github.event.inputs.major_upgrades \|\| 'false' }}
	- Python update: ${{ github.event.inputs.update_python \|\| 'false' }}

	---

	<details>
	<summary>Full update output</summary>

	```
	${{ steps.update.outputs.output }}
	```

	</details>
	commit-message: \|
	chore: update dependencies

	- Update Python packages to latest compatible versions
	- Update UV package manager in Dockerfiles
	- Apply security patches and bug fixes

	Generated by automated dependency update workflow
	assignees: SimplicityGuy
	reviewers: SimplicityGuy
	draft: false

	- name: 📊 Summary
	if: always()
	run: \|
	if [[ "${{ steps.update.outputs.no_changes }}" == "true" ]]; then
	echo "✅ All dependencies are already up to date!"
	elif [[ "${{ steps.update.conclusion }}" == "success" ]]; then
	echo "✅ Successfully created PR with dependency updates"
	echo "🔗 Review the PR: ${{ steps.create-pr.outputs.pull-request-url }}"
	else
	echo "❌ Failed to update dependencies"
	cat update-output.txt
	fi

	- name: 📢 Send notification to Discord
	uses: sarisia/actions-status-discord@11a0bfe3b50977e38aa2bd4a4ebd296415e83c19 # v1.15.4
	if: always()
	with:
	title: Weekly Dependency Update
	description: \|
	${{ steps.update.outputs.no_changes == 'true' && '✅ All dependencies are already up to date!' \|\|
	(steps.create-pr.conclusion == 'success' &&
	format('✅ Successfully created PR with dependency updates\n🔗 [Review PR]({0})',
	steps.create-pr.outputs.pull-request-url) \|\|
	'❌ Failed to update dependencies') }}
	webhook: ${{ secrets.DISCORD_WEBHOOK }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update Dependencies #6

Workflow file

Update Dependencies #6

Uh oh!

Workflow file for this run