Skip to content

Add workflow to automatically upgrade extension npm dependencies #10856

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

Add workflow to automatically upgrade extension npm dependencies #10856

wants to merge 3 commits into from
+1,473 −1,417

Conversation

Copilot
Copy link
Contributor

@Copilot Copilot AI commented Aug 6, 2025
edited
Loading

This PR adds a new GitHub Actions workflow that automatically upgrades npm dependencies for the VS Code extension located in the extension/ folder.

Workflow Features

The workflow runs weekly on Mondays at 8am PST (same schedule as other dependency workflows) and:

  • Installs current dependencies using yarn install --frozen-lockfile to ensure a clean starting point
  • Runs yarn upgrade to update all packages to their latest compatible versions
  • Handles failures gracefully using continue-on-error: true to continue when some packages are unavailable in the npm registry
  • Detects changes by comparing package.json and yarn.lock files before and after the upgrade
  • Creates a pull request only when actual changes are detected, using the same PR creation action as other automation workflows
  • Includes comprehensive logging to help troubleshoot any packages that fail to upgrade

Error Handling for NPM Feed Issues

The workflow addresses the requirement to handle cases where some packages may not be available in the npm feed by:

  1. Using continue-on-error: true on the yarn upgrade step so the workflow continues even if some packages fail
  2. Capturing upgrade output to a log file for analysis
  3. Checking for and reporting any errors encountered during the upgrade process
  4. Only creating PRs when successful upgrades actually change the dependency files

Implementation Details

The workflow follows existing repository patterns:

  • Uses the same scheduling as update-dependencies.yml (weekly on Mondays)
  • Includes proper repository owner checks (github.repository_owner == 'dotnet')
  • Uses appropriate permissions (contents: write, pull-requests: write)
  • Uses the same PR creation action (dotnet/actions-create-pull-request)
  • Follows consistent commit message and PR title formatting with [Automated] prefix

The generated PRs will include clear documentation explaining the automation and noting that some packages may have failed to upgrade due to npm registry availability.

Fixes #10855.

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

@Copilot Copilot AI changed the title [WIP] Create a workflow to automatically upgrade aspire extension npm packages Add workflow to automatically upgrade extension npm dependencies Aug 6, 2025
@Copilot Copilot AI requested a review from adamint August 6, 2025 20:06
Copilot finished work on behalf of adamint August 6, 2025 20:06
@davidfowl
Copy link
Member

@joperezr isn't this what dependabot is for 😄

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adamint adamint Awaiting requested review from adamint

At least 1 approving review is required to merge this pull request.

Assignees

@adamint adamint

Copilot code review Copilot

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Create a workflow to automatically upgrade aspire extension npm packages
3 participants
@Copilot @davidfowl @adamint