Skip to content
.github/workflows/dependency-update.yml

fix: update dependencies to correct versions #19

Sign in to view logs

fix: update dependencies to correct versions

fix: update dependencies to correct versions #19

Workflow file for this run

.github/workflows/dependency-update.yml at 9a2b439
name: Dependency Update Check
on:
schedule:
# Run every Monday at 9 AM UTC
- cron: '0 9 * * 1'
workflow_dispatch:
inputs:
create_pr:
description: 'Create PR with updates'
required: false
type: boolean
default: false
permissions:
contents: write
pull-requests: write
jobs:
check-updates:
name: Check for Dependency Updates
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'temurin'
cache: gradle
- name: Grant execute permission for gradlew
run: chmod +x gradlew
- name: Check for dependency updates
run: |
# Create gradle task if it doesn't exist
if ! ./gradlew tasks --all | grep -q "dependencyUpdates"; then
echo "Adding dependency updates plugin"
cat >> build.gradle << 'EOF'
// Dependency updates plugin
buildscript {
repositories {
gradlePluginPortal()
}
dependencies {
classpath 'com.github.ben-manes:gradle-versions-plugin:0.51.0'
}
}
apply plugin: 'com.github.ben-manes.versions'
dependencyUpdates {
rejectVersionIf {
isNonStable(it.candidate.version)
}
outputFormatter = 'json'
outputDir = 'build/reports/dependencyUpdates'
reportfileName = 'report'
}
def isNonStable = { String version ->
def stableKeyword = ['RELEASE', 'FINAL', 'GA'].any { it -> version.toUpperCase().contains(it) }
def regex = /^[0-9,.v-]+(-r)?$/
return !stableKeyword && !(version ==~ regex)
}
EOF
fi
# Run dependency updates check
./gradlew dependencyUpdates -Drevision=release --stacktrace || true
- name: Parse dependency report
id: parse-report
run: |
REPORT_FILE="build/reports/dependencyUpdates/report.json"
if [ -f "$REPORT_FILE" ]; then
echo "## Dependency Update Report :package:" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
# Check if jq is available, if not use python
if command -v jq &> /dev/null; then
OUTDATED_COUNT=$(jq '.outdated.count' "$REPORT_FILE")
if [ "$OUTDATED_COUNT" -gt 0 ]; then
echo "### Outdated Dependencies ($OUTDATED_COUNT)" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "| Dependency | Current | Available | Type |" >> $GITHUB_STEP_SUMMARY
echo "|------------|---------|-----------|------|" >> $GITHUB_STEP_SUMMARY
jq -r '.outdated.dependencies[] | "| \(.group):\(.name) | \(.version) | \(.available.release // .available.milestone // .available.integration) | \(.projectUrl // "N/A") |"' "$REPORT_FILE" >> $GITHUB_STEP_SUMMARY
echo "has_updates=true" >> $GITHUB_OUTPUT
else
echo "All dependencies are up to date! :white_check_mark:" >> $GITHUB_STEP_SUMMARY
echo "has_updates=false" >> $GITHUB_OUTPUT
fi
else
# Fallback to Python
python3 << 'PYTHON_EOF' >> $GITHUB_STEP_SUMMARY
import json

Check failure on line 106 in .github/workflows/dependency-update.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/dependency-update.yml

Invalid workflow file 

You have an error in your yaml syntax on line 106
import os
with open('build/reports/dependencyUpdates/report.json', 'r') as f:
data = json.load(f)
outdated = data.get('outdated', {})
count = outdated.get('count', 0)
if count > 0:
print(f"### Outdated Dependencies ({count})")
print("")
print("| Dependency | Current | Available |")
print("|------------|---------|-----------|")
for dep in outdated.get('dependencies', []):
group = dep.get('group', '')
name = dep.get('name', '')
current = dep.get('version', '')
available = dep.get('available', {})
latest = available.get('release') or available.get('milestone') or available.get('integration', '')
print(f"| {group}:{name} | {current} | {latest} |")
with open(os.environ['GITHUB_OUTPUT'], 'a') as f:
f.write("has_updates=true\n")
else:
print("All dependencies are up to date! :white_check_mark:")
with open(os.environ['GITHUB_OUTPUT'], 'a') as f:
f.write("has_updates=false\n")
PYTHON_EOF
fi
else
echo "No dependency report found" >> $GITHUB_STEP_SUMMARY
echo "has_updates=false" >> $GITHUB_OUTPUT
fi
- name: Update dependencies in build files
if: ${{ (github.event_name == 'workflow_dispatch' && github.event.inputs.create_pr == 'true') || github.event_name == 'schedule' }}
id: update-deps
run: |
# This is a placeholder for actual dependency updates
# In practice, you might want to use a tool like Renovate or manually update versions
echo "## Dependency Updates Applied" >> updates.md
echo "" >> updates.md
echo "The following dependencies were updated:" >> updates.md
echo "" >> updates.md
# For now, just document what would be updated
if [ -f "build/reports/dependencyUpdates/report.json" ]; then
python3 << 'PYTHON_EOF' >> updates.md
import json
with open('build/reports/dependencyUpdates/report.json', 'r') as f:
data = json.load(f)
for dep in data.get('outdated', {}).get('dependencies', []):
group = dep.get('group', '')
name = dep.get('name', '')
current = dep.get('version', '')
available = dep.get('available', {})
latest = available.get('release') or available.get('milestone') or available.get('integration', '')
print(f"- {group}:{name}: {current} → {latest}")
PYTHON_EOF
fi
- name: Create Pull Request
if: ${{ steps.parse-report.outputs.has_updates == 'true' && ((github.event_name == 'workflow_dispatch' && github.event.inputs.create_pr == 'true') || github.event_name == 'schedule') }}
uses: peter-evans/create-pull-request@v6
with:
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: 'chore: update dependencies'
title: 'chore: Automated dependency updates'
body: |
## Automated Dependency Updates
This PR contains automated dependency updates based on the latest available versions.
### Updates included:
${{ steps.update-deps.outputs.updates }}
Please review the changes and ensure all tests pass before merging.
---
*This PR was automatically created by the dependency update workflow.*
branch: chore/dependency-updates
delete-branch: true
labels: |
dependencies
automated