{"id":13727327,"url":"https://github.com/taichi/actions-package-update","last_synced_at":"2025-07-19T13:10:08.340Z","repository":{"id":34959762,"uuid":"192632273","full_name":"taichi/actions-package-update","owner":"taichi","description":" keeps npm dependencies up-to-date by making pull requests from GitHub Actions or CI.","archived":false,"fork":false,"pushed_at":"2023-05-12T08:18:58.000Z","size":1056,"stargazers_count":68,"open_issues_count":12,"forks_count":12,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-02-27T14:46:47.779Z","etag":null,"topics":["github-actions","npm","npm-package","pull-request","yarn","yarnpkg"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/taichi.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2019-06-19T00:52:05.000Z","updated_at":"2025-02-23T15:56:28.000Z","dependencies_parsed_at":"2024-01-07T21:16:48.292Z","dependency_job_id":null,"html_url":"https://github.com/taichi/actions-package-update","commit_stats":{"total_commits":95,"total_committers":9,"mean_commits":"10.555555555555555","dds":"0.28421052631578947","last_synced_commit":"6475afd14c4c59ec143d83493947d186ba7ccdce"},"previous_names":[],"tags_count":9,"template":false,"template_full_name":"taichi/ts-template","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/taichi%2Factions-package-update","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/taichi%2Factions-package-update/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/taichi%2Factions-package-update/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/taichi%2Factions-package-update/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/taichi","download_url":"https://codeload.github.com/taichi/actions-package-update/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243830949,"owners_count":20354854,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["github-actions","npm","npm-package","pull-request","yarn","yarnpkg"],"created_at":"2024-08-03T01:03:49.904Z","updated_at":"2025-03-16T21:31:08.444Z","avatar_url":"https://github.com/taichi.png","language":"TypeScript","funding_links":[],"categories":["TypeScript"],"sub_categories":[],"readme":"# actions-package-update\n\nThis tool keeps npm dependencies up-to-date by making pull requests from GitHub Actions or CI.\n\n![actions-package-update](docs/actions-package-update.png)\n\nThis tool is the successor of [taichi/ci-yarn-upgrade](https://github.com/taichi/ci-yarn-upgrade).\n\n# Basic Usage\nGitHub Action for package.json update.\n\n## GitHub Actions\n\nBelow is the complete workflow example:\n\n```yaml\nname: Update\n\non:\n  schedule:\n  - cron: 0 0 * * 3\n  \njobs:\n  package-update:\n    runs-on: ubuntu-latest\n    steps:\n    - uses: actions/checkout@master\n    \n    - name: set remote url\n      run: git remote set-url --push origin https://$GITHUB_ACTOR:${{ secrets.GITHUB_TOKEN }}@github.com/$GITHUB_REPOSITORY\n      \n    - name: package-update\n      uses: taichi/actions-package-update@master\n      env:\n        AUTHOR_EMAIL: john@example.com\n        AUTHOR_NAME: john\n        EXECUTE: \"true\"\n        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n        LOG_LEVEL: debug\n      with:\n        args: -u --packageFile package.json --loglevel verbose\n```\n\nNotes:\n\n* this workflow runs every Wednesday at midnight.\n* all `args` are passed to [npm-check-updates](https://github.com/tjunnone/npm-check-updates).\n* `AUTHOR_NAME` and `AUTHOR_EMAIL` are use for the commit.\n* if you set `EXECUTE` as `true,` then actions-package-update makes a Pull Request.\n* you must grant access using the built-in `GITHUB_TOKEN` value as above, because actions-package-update access to your repository and make Pull Request.\n  * see [Storing Secrets](https://developer.github.com/actions/managing-workflows/storing-secrets/) in the docs.\n\n### Examples\n\n* Update `devDependencies` only\n\n  ```yaml\n  - name: package-update\n    uses: taichi/actions-package-update@master\n    env:\n      AUTHOR_EMAIL: john@example.com\n      AUTHOR_NAME: John\n      EXECUTE: \"true\"\n      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n    with:\n      args: -u --packageFile package.json  --dep dev\n  ```\n\n* Use yarn upgrade\n\n  ```yaml\n  - name: package-update\n    uses: taichi/actions-package-update@master\n    env:\n      AUTHOR_EMAIL: john@example.com\n      AUTHOR_NAME: John\n      EXECUTE: \"true\"\n      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n      UPDATE_COMMAND: yarn\n    with:\n      args: upgrade --latest\n  ```\n\n* Use npm update\n\n  ```yaml\n  - name: package-update\n    uses: taichi/actions-package-update@master\n    env:\n      AUTHOR_EMAIL: john@example.com\n      AUTHOR_NAME: John\n      EXECUTE: \"true\"\n      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n      UPDATE_COMMAND: npm\n    with:\n      args: update\n  ```\n\n* Use pnpm update\n\n  ```yaml\n  - name: package-update\n    uses: taichi/actions-package-update@master\n    env:\n      AUTHOR_EMAIL: john@example.com\n      AUTHOR_NAME: John\n      EXECUTE: \"true\"\n      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n      UPDATE_COMMAND: pnpm\n    with:\n      args: update\n  ```\n\n* Use ncu with yarn workspaces\n\n  In your workspace root, run:\n\n  ```sh\n  yarn add -DW wsrun npm-check-updates\n  ```\n\n  Add this script to your root package.json:\n\n  ```json\n  {\n    \"ncu-all\": \"ncu -u --packageFile package.json \u0026\u0026 wsrun --serial ncu -u --packageFile package.json\"\n  }\n  ```\n\n  Add this config:\n\n  ```yaml\n  - name: package-update\n    uses: taichi/actions-package-update@master\n    env:\n      AUTHOR_EMAIL: john@example.com\n      AUTHOR_NAME: John\n      EXECUTE: \"true\"\n      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n      UPDATE_COMMAND: yarn\n    with:\n      args: ncu-all\n  ```\n\n## Local or CI Server|Service\n\n### Install\n\n    yarn global add actions-package-update\n\nor\n\n    npm install actions-package-update -g\n\nor\n\n    pnpm add --global actions-package-update\n### Setting Environment Variables\n\n* Required Variables\n  * `GITHUB_TOKEN`\n    * GitHub personal access token is required for sending pull requests to your repository\n    * [Creating an access token for command-line use](https://help.github.com/en/articles/creating-a-personal-access-token-for-the-command-line)\n  * `AUTHOR_NAME` and `AUTHOR_EMAIL`\n    * this command use there variables for commit\n  * `EXECUTE`\n    * By default, actions-package-update runs in dry-run mode.\n    * if you set to `EXECUTE=true`, then this command push branch to remote, and make a pull request.\n\n### Command Behavior\n\nThis command works locally and output result to standard output.\n\n![CLI Output](docs/clioutput.png)\n\n# Optional Configurations\n\n* `BRANCH_PREFIX`\n  * specify working branch prefix. default prefix is `package-update/`.\n* `COMMIT_MESSAGE`\n  * specify the commit message. default message is `update dependencies`.\n* `COMMIT_FILES`\n  * a space separated list of files that will be added to the commit. Leave empty to use `git add --all`.\n    * for example, you can use `\"package.json package-lock.json\"` to ensure only these two files gets added to the commit\n* `UPDATE_COMMAND`\n  * specify the command for update. default command is `ncu`.\n    * for example, you may set to `yarn` or `npm`.\n* `WITH_SHADOWS`\n  * if you specify this option, shows shadow dependencies changes.\n  * default value is `false`.\n* `KEEP`\n  * if you specify this option, keep working branch after all.\n  * default value is `false`.\n  * this is useful for debugging.\n* `LOG_LEVEL`\n  * One of `fatal`, `error`, `warn`, `info`, `debug`, `trace` or `silent`.\n  * default value is `info`.\n  * if you want to know this tool's internal states, set to `debug`.\n* `WORKING_DIR`\n  * specify the working dir.\n  * default value is `./`.\n* `SET_NODE_VERSION`\n  * specify the node version you want to run on.\n  * default value is `latest`.\n\n# Development\n\n## Setup\n\nRun these commands in the project root dir.\n\n    yarn install\n    code .\n\n## Release\n\n* release package to npmjs\n\n    yarn publish\n\n* edit Dockerfile\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftaichi%2Factions-package-update","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftaichi%2Factions-package-update","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftaichi%2Factions-package-update/lists"}