.github/workflows/dependencies.yml YAML 147 lines View on github.com → Search inside 
1# Automatically run `cargo update` periodically23---4name: Bump dependencies in Cargo.lock5on:6  schedule:7    # Run weekly8    - cron: '0 0 * * Sun'9  workflow_dispatch:10    # Needed so we can run it manually11permissions:12  contents: read13defaults:14  run:15    shell: bash16env:17  # So cargo doesn't complain about unstable features18  RUSTC_BOOTSTRAP: 119  PR_TITLE: Weekly `cargo update`20  PR_MESSAGE: |21    Automation to keep dependencies in `Cargo.lock` current.22    r? dep-bumps2324    The following is the output from `cargo update`:25  COMMIT_MESSAGE: "cargo update \n\n"2627jobs:28  not-waiting-on-bors:29    if: github.repository_owner == 'rust-lang'30    name: skip if S-waiting-on-bors31    runs-on: ubuntu-24.0432    steps:33      - env:34          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}35        run: |36          # Fetch state and labels of PR37          # Or exit successfully if PR does not exist38          JSON=$(gh pr view cargo_update --repo $GITHUB_REPOSITORY --json labels,state || exit 0)39          STATE=$(echo "$JSON" | jq -r '.state')40          WAITING_ON_BORS=$(echo "$JSON" | jq '.labels[] | any(.name == "S-waiting-on-bors"; .)')4142          # Exit with error if open and S-waiting-on-bors43          if [[ "$STATE" == "OPEN" && "$WAITING_ON_BORS" == "true" ]]; then44            exit 145          fi4647  update:48    if: github.repository_owner == 'rust-lang'49    name: update dependencies50    needs: not-waiting-on-bors51    runs-on: ubuntu-24.0452    steps:53      - name: checkout the source code54        uses: actions/checkout@v555        with:56          submodules: recursive57      - name: install the bootstrap toolchain58        run: |59          # Extract the stage0 version60          TOOLCHAIN=$(awk -F= '{a[$1]=$2} END {print(a["compiler_version"] "-" a["compiler_date"])}' src/stage0)61          # Install and set as default62          rustup toolchain install --no-self-update --profile minimal $TOOLCHAIN63          rustup default $TOOLCHAIN6465      - name: cargo update66        run: ./src/tools/update-lockfile.sh6768      - name: upload Cargo.lock artifact for use in PR69        uses: actions/upload-artifact@v770        with:71          name: Cargo-lock72          path: |73            Cargo.lock74            library/Cargo.lock75            src/tools/rustbook/Cargo.lock76          retention-days: 177      - name: upload cargo-update log artifact for use in PR78        uses: actions/upload-artifact@v779        with:80          name: cargo-updates81          path: cargo_update.log82          retention-days: 18384  pr:85    if: github.repository_owner == 'rust-lang'86    name: amend PR87    needs: update88    runs-on: ubuntu-24.0489    permissions:90      contents: write91      pull-requests: write92    steps:93      - name: checkout the source code94        uses: actions/checkout@v59596      - name: download Cargo.lock from update job97        uses: actions/download-artifact@v498        with:99          name: Cargo-lock100      - name: download cargo-update log from update job101        uses: actions/download-artifact@v4102        with:103          name: cargo-updates104105      - name: craft PR body and commit message106        run: |107          echo "${COMMIT_MESSAGE}" > commit.txt108          cat cargo_update.log >> commit.txt109110          echo "${PR_MESSAGE}" > body.md111          echo '```txt' >> body.md112          cat cargo_update.log >> body.md113          echo '```' >> body.md114115      - name: commit116        run: |117          git config user.name github-actions118          git config user.email github-actions@github.com119          git switch --force-create cargo_update120          git add ./Cargo.lock ./library/Cargo.lock ./src/tools/rustbook/Cargo.lock121          git commit --no-verify --file=commit.txt122123      - name: push124        run: git push --no-verify --force --set-upstream origin cargo_update125126      - name: edit existing open pull request127        id: edit128        # Don't fail job if we need to open new PR129        continue-on-error: true130        env:131          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}132        run: |133          # Exit with error if PR is closed134          STATE=$(gh pr view cargo_update --repo $GITHUB_REPOSITORY --json state --jq '.state')135          if [[ "$STATE" != "OPEN" ]]; then136            exit 1137          fi138139          gh pr edit cargo_update --title "${PR_TITLE}" --body-file body.md --repo $GITHUB_REPOSITORY140141      - name: open new pull request142        # Only run if there wasn't an existing PR143        if: steps.edit.outcome != 'success'144        env:145          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}146        run: gh pr create --title "${PR_TITLE}" --body-file body.md --repo $GITHUB_REPOSITORY

Findings

✓ No findings reported for this file.

Get this view in your editor

Same data, no extra tab — call code_get_file + code_get_findings over MCP from Claude/Cursor/Copilot.

Add to MCP client REST API spec ← Back to dossier