From 31cddd1e35fa2fa2d8468ea7c2901f44e934daf4 Mon Sep 17 00:00:00 2001
From: fa-sharp <farshadkt@gmail.com>
Date: Thu, 19 Feb 2026 23:04:47 -0500
Subject: [PATCH] ci: add weekly dependency check

---
 .github/workflows/dependency-check.yml | 132 +++++++++++++++++++++++++
 1 file changed, 132 insertions(+)
 create mode 100644 .github/workflows/dependency-check.yml

diff --git a/.github/workflows/dependency-check.yml b/.github/workflows/dependency-check.yml
new file mode 100644
index 0000000..e28359b
--- /dev/null
+++ b/.github/workflows/dependency-check.yml
@@ -0,0 +1,132 @@
+name: Dependency Check
+
+on:
+  schedule:
+    # Run every Monday at 9:00 AM UTC
+    - cron: "0 9 * * 1"
+  workflow_dispatch: # Allow manual triggering
+
+env:
+  RUST_VERSION: "1.90"
+
+jobs:
+  check-dependencies:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v6
+
+      - name: Install Rust toolchain
+        uses: actions-rust-lang/setup-rust-toolchain@v1
+        with:
+          toolchain: ${{ env.RUST_VERSION }}
+          cache-workspaces: |
+            dep-check-test
+            dep-check-no-aide
+
+      - name: Install cargo-generate and cargo-edit
+        uses: taiki-e/install-action@v2
+        with:
+          tool: cargo-generate,cargo-edit
+
+      - name: Generate test project from template
+        run: |
+          cargo generate --path . --name dep-check-test \
+            --define project_description="Dependency check test project" \
+            --define env_prefix="APP" \
+            --define default_port="3000" \
+            --define default_log_level="info" \
+            --define include_aide=true
+        working-directory: ${{ github.workspace }}
+
+      - name: Check current dependencies
+        run: cargo check --verbose
+        working-directory: dep-check-test
+
+      # - name: Run tests with current dependencies
+      #   run: cargo test --verbose
+      #   working-directory: dep-check-test
+
+      - name: Upgrade dependencies
+        run: |
+          cargo upgrade --incompatible
+          cat Cargo.toml
+        working-directory: dep-check-test
+
+      - name: Check with upgraded dependencies
+        run: cargo check --verbose
+        working-directory: dep-check-test
+
+      - name: Build with upgraded dependencies
+        run: cargo build --verbose
+        working-directory: dep-check-test
+
+      # - name: Run tests with upgraded dependencies
+      #   run: cargo test --verbose
+      #   working-directory: dep-check-test
+
+      - name: Create issue on failure
+        if: failure()
+        run: |
+          ISSUE_TITLE="⚠️ Weekly Dependency Check Failed"
+          ISSUE_BODY="The weekly dependency check has failed. Please review the workflow run for details.
+
+          **Action Required:**
+          - Review the failing dependencies
+          - Update the template if needed
+          - Test locally with \`cargo generate\` and \`cargo upgrade\`
+
+          **Workflow Run:** ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
+
+          # Create issue via Gitea API
+          curl -X POST \
+            -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
+            -H "Content-Type: application/json" \
+            "${{ github.api_url }}/repos/${{ github.repository }}/issues" \
+            -d "{
+              \"title\": \"$ISSUE_TITLE\",
+              \"body\": \"$ISSUE_BODY\",
+              \"labels\": [\"dependency-bot\"]
+            }"
+
+      - name: Generate test project without aide
+        run: |
+          cargo generate --path . --name dep-check-no-aide \
+            --define project_description="Dependency check test project without aide" \
+            --define env_prefix="APP" \
+            --define default_port="3000" \
+            --define default_log_level="info" \
+            --define include_aide=false
+        working-directory: ${{ github.workspace }}
+
+      - name: Check without aide (current dependencies)
+        run: cargo check --verbose
+        working-directory: dep-check-no-aide
+
+      - name: Upgrade dependencies (no aide)
+        run: cargo upgrade --incompatible
+        working-directory: dep-check-no-aide
+
+      - name: Check without aide (upgraded dependencies)
+        run: cargo check --verbose
+        working-directory: dep-check-no-aide
+
+      - name: Build without aide (upgraded dependencies)
+        run: cargo build --verbose
+        working-directory: dep-check-no-aide
+
+      # - name: Run tests without aide (upgraded dependencies)
+      #   run: cargo test --verbose
+      #   working-directory: dep-check-no-aide
+
+      - name: Summary
+        if: success()
+        run: |
+          echo "✅ All dependency checks passed!"
+          echo ""
+          echo "Tested configurations:"
+          echo "  - With aide: dep-check-test"
+          echo "  - Without aide: dep-check-no-aide"
+          echo ""
+          echo "All upgraded dependencies are compatible."