From 4159d0d7ffde9b9ff657562f7888b0515c891f4b Mon Sep 17 00:00:00 2001
From: fa-sharp <farshadkt@gmail.com>
Date: Thu, 19 Feb 2026 23:42:15 -0500
Subject: [PATCH] Update dependency-check.yml

---
 .github/workflows/dependency-check.yml | 95 +++++++++++++++++++++++++-
 1 file changed, 92 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/dependency-check.yml b/.github/workflows/dependency-check.yml
index 34e2c55..eda5682 100644
--- a/.github/workflows/dependency-check.yml
+++ b/.github/workflows/dependency-check.yml
@@ -16,6 +16,8 @@ jobs:
     steps:
       - name: Checkout repository
         uses: actions/checkout@v6
+        with:
+          fetch-depth: 0
 
       - name: Install Rust toolchain
         uses: actions-rust-lang/setup-rust-toolchain@v1
@@ -48,9 +50,29 @@ jobs:
       #   run: cargo test --verbose
       #   working-directory: dep-check-test
 
-      - name: Upgrade dependencies
+      - name: Upgrade dependencies and capture changes
+        id: upgrade
         run: |
-          cargo upgrade --incompatible
+          # Run cargo upgrade and capture output
+          UPGRADE_OUTPUT=$(cargo upgrade --incompatible 2>&1)
+          echo "$UPGRADE_OUTPUT"
+          echo "$UPGRADE_OUTPUT" > ../upgrade-output.txt
+
+          # Check if any dependencies were actually upgraded
+          if echo "$UPGRADE_OUTPUT" | grep -E "name\s+old req\s+compatible\s+latest\s+new req" > /dev/null; then
+            # Check if any version actually changed (old req != new req)
+            if echo "$UPGRADE_OUTPUT" | tail -n +3 | awk '{if ($2 != $5 && $2 != "" && $5 != "") exit 0} END {exit 1}'; then
+              echo "has_updates=true" >> $GITHUB_OUTPUT
+              echo "✅ Updates detected"
+            else
+              echo "has_updates=false" >> $GITHUB_OUTPUT
+              echo "ℹ️ No updates available"
+            fi
+          else
+            echo "has_updates=false" >> $GITHUB_OUTPUT
+            echo "ℹ️ No updates available"
+          fi
+
           cat Cargo.toml
         working-directory: dep-check-test
 
@@ -66,6 +88,19 @@ jobs:
       #   run: cargo test --verbose
       #   working-directory: dep-check-test
 
+      - name: Update template Cargo.toml if upgrades succeeded
+        if: steps.upgrade.outputs.has_updates == 'true'
+        run: |
+          echo "📝 Updating template with new dependency versions..."
+
+          # Copy the upgraded Cargo.toml back to template
+          cp ../dep-check-test/Cargo.toml Cargo.toml.liquid
+
+          # Show what changed
+          echo "Changes to template:"
+          git diff Cargo.toml.liquid
+        working-directory: ${{ github.workspace }}/axum-template
+
       - name: Create issue on failure
         if: failure()
         run: |
@@ -120,6 +155,56 @@ jobs:
       #   run: cargo test --verbose
       #   working-directory: dep-check-no-aide
 
+      - name: Prepare PR body with upgrade summary
+        if: steps.upgrade.outputs.has_updates == 'true'
+        run: |
+          UPGRADE_SUMMARY=$(cat upgrade-output.txt | grep -A 100 "name.*old req.*compatible.*latest.*new req" | head -n 20)
+
+          cat > pr-body.txt << 'EOF'
+          This PR contains automated dependency upgrades that have been tested and verified.
+
+          ## Changes
+
+          ```
+          EOF
+          echo "$UPGRADE_SUMMARY" >> pr-body.txt
+          cat >> pr-body.txt << 'EOF'
+          ```
+
+          ## Testing
+
+          ✅ Generated test project with aide
+          ✅ Generated test project without aide
+          ✅ All builds passed
+          ✅ All checks passed
+
+          ## Workflow Run
+
+          ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+
+          ---
+          *This PR was automatically created by the dependency check workflow.*
+          EOF
+
+          cat pr-body.txt
+        working-directory: ${{ github.workspace }}
+
+      - name: Create Pull Request with dependency updates
+        if: steps.upgrade.outputs.has_updates == 'true'
+        uses: infinilabs/gitea-pr@v0
+        with:
+          url: ${{ secrets.GITEA_URL }}
+          token: ${{ secrets.GITEA_TOKEN }}
+          path: ${{ github.workspace }}/axum-template
+          commit-message: "chore: upgrade dependencies"
+          committer: "Dependency Bot <bot@github.actions>"
+          author: "Dependency Bot <bot@github.actions>"
+          base: ${{ github.ref_name }}
+          branch: deps/auto-upgrade-${{ github.run_number }}
+          title: "⬆️ Automated Dependency Upgrade"
+          body-path: ${{ github.workspace }}/pr-body.txt
+          pr-label: "dependencies"
+
       - name: Summary
         if: success()
         run: |
@@ -129,4 +214,8 @@ jobs:
           echo "  - With aide: dep-check-test"
           echo "  - Without aide: dep-check-no-aide"
           echo ""
-          echo "All upgraded dependencies are compatible."
+          if [ "${{ steps.upgrade.outputs.has_updates }}" = "true" ]; then
+            echo "📦 Updates found - PR created automatically"
+          else
+            echo "ℹ️ No dependency updates available"
+          fi