🤖 denopendabot

CI codecov denoland/deno deno deploy

Denopendabot is a GitHub App, GitHub Action, and Deno module to keep the dependencies of your Deno projects up-to-date. Obviously inspired by Dependabot, and making up for their missing support for Deno.

Warning
Still under development. Many bugs might remain. Any breaking changes may be introduced on each Feature release.

🪄 Features

Update Deno modules

import { assert } from "https://deno.land/std@0.158.0/testing/asserts.ts";
💡 deno.land/std 0.158.0 => 0.159.0

Denopendabot takes advantage of the core engine of udd, one of the most widely used module update libraries for Deno, which supports many registry domains.

Update GitHub repositories

- uses: denoland/setup-deno@v1
  with:
    deno-version: v1.26.0 # @denopendabot denoland/deno
💡 denoland/deno v1.26.0 => v1.26.1

Denopendabot update any SemVer related to a GitHub repository, specified by a comment of @denopendabot {owner}/{repo}.

Commits and pull requests

  • Commits are created for each updated module/repository individually
  • Each run of Denopendabot creates only one pull request

See an example pull request.

💡 Usage

GitHub App (experimental)

Install the App and create a workflow file to dispatch denopendabot-run events:

name: Denopendabot
on:
  workflow_dispatch:
  schedule:
    - cron: "0 0 * * *" # modify to your convenient time
jobs:
  update:
    steps:
      - name: Run
        uses: peter-evans/repository-dispatch@v2
        with:
          event-type: denopendabot-run
          client-payload: '{ "base": "main", "branch": "denopendabot" }' # optional

GitHub Action

Denopendabot needs a GitHub access token authorized to run workflows. secrets.GITHUB_TOKEN is used by default and it works fine in most cases.

If you want to update workflow files (.github/workflows/*.yml), it also needs a private access token with the workflow scope. In the examples below, we assume the token is added in repository secrets as GH_TOKEN.

name: Denopendabot
on:
  workflow_dispatch:
  schedule:
    - cron: "0 0 * * *" # modify to your convenient time
jobs:
  update:
    name: Update
    runs-on: ubuntu-latest
    steps:
      - uses: hasundue/denopendabot@0.7.1 # @denopendabot hasundue/denopendabot
        with:
          user-token: ${{ secrets.GH_TOKEN }}

See action.yml for other options.