69 lines
2.0 KiB
YAML
69 lines
2.0 KiB
YAML
name: Dependency Updates
|
|
|
|
on:
|
|
schedule:
|
|
# Run weekly on Mondays at 3 AM UTC
|
|
- cron: '0 3 * * 1'
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
update-dependencies:
|
|
name: Update Dependencies
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '20'
|
|
|
|
- name: Update Backend Dependencies
|
|
working-directory: ./backend
|
|
run: |
|
|
npm update
|
|
npm audit fix || true
|
|
|
|
- name: Update Frontend Dependencies
|
|
working-directory: ./frontend
|
|
run: |
|
|
npm update
|
|
npm audit fix || true
|
|
|
|
- name: Check for changes
|
|
id: check_changes
|
|
run: |
|
|
if [[ -n $(git status -s) ]]; then
|
|
echo "changes=true" >> $GITHUB_OUTPUT
|
|
else
|
|
echo "changes=false" >> $GITHUB_OUTPUT
|
|
fi
|
|
|
|
- name: Create Pull Request
|
|
if: steps.check_changes.outputs.changes == 'true'
|
|
uses: peter-evans/create-pull-request@v5
|
|
with:
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
commit-message: 'chore: update dependencies'
|
|
title: 'Automated Dependency Updates'
|
|
body: |
|
|
## Automated Dependency Updates
|
|
|
|
This PR contains automated dependency updates for both frontend and backend packages.
|
|
|
|
### What's included:
|
|
- Updated npm dependencies to latest compatible versions
|
|
- Applied security fixes from `npm audit`
|
|
|
|
### Checklist:
|
|
- [ ] Review dependency changes
|
|
- [ ] Run tests locally
|
|
- [ ] Check for breaking changes in updated packages
|
|
- [ ] Update any affected code if needed
|
|
|
|
*This PR was automatically generated by the dependency update workflow.*
|
|
branch: deps/automated-update-${{ github.run_number }}
|
|
delete-branch: true |