dependabot[bot]
github-actions(deps): bump peter-evans/create-pull-request from 4 to 7
6d871fd
unverified
| name: Dependency Updates | |
| on: | |
| schedule: | |
| - cron: '0 2 * * 1' # Every Monday at 2 AM | |
| workflow_dispatch: | |
| jobs: | |
| update-dependencies: | |
| name: Update Dependencies | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.11' | |
| - name: Install pip-tools | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install pip-tools | |
| - name: Update requirements | |
| run: | | |
| pip-compile --upgrade requirements.in | |
| pip-compile --upgrade requirements-dev.in | |
| - name: Check for security vulnerabilities | |
| run: | | |
| pip install safety | |
| safety check --json --output safety-report.json | |
| - name: Create Pull Request | |
| uses: peter-evans/create-pull-request@v7 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| commit-message: 'chore: update dependencies' | |
| title: '🔧 Automated dependency updates' | |
| body: | | |
| ## Automated Dependency Updates | |
| This PR updates dependencies to their latest versions. | |
| ### 📋 Changes | |
| - Updated Python packages to latest versions | |
| - Security vulnerability fixes | |
| - Performance improvements | |
| ### 🔍 Security Report | |
| - [ ] No critical vulnerabilities | |
| - [ ] No high severity issues | |
| - [ ] Dependencies up to date | |
| ### 🧪 Testing | |
| - [ ] All tests pass | |
| - [ ] No breaking changes | |
| - [ ] Performance maintained | |
| **Auto-generated by GitHub Actions** | |
| branch: dependency-updates | |
| delete-branch: true |