dotnet · Copilot · Aug 6, 2025 · Aug 6, 2025 · Aug 6, 2025
diff --git a/.github/workflows/update-extension-dependencies.yml b/.github/workflows/update-extension-dependencies.yml
@@ -0,0 +1,82 @@
+---
+name: "Update Extension Dependencies"
+
+on:
+  workflow_dispatch:
+  schedule:
+    # Mondays at 8am PST (16:00 UTC) - same as other dependency workflows
+    - cron: "0 16 * * 1"
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  update-extension-dependencies:
+    runs-on: ubuntu-latest
+    if: ${{ github.repository_owner == 'dotnet' }}
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '18'
+          registry-url: 'https://registry.npmjs.org'
+
+      - name: Install current dependencies
+        working-directory: ./extension
+        run: yarn install --frozen-lockfile
+
+      - name: Upgrade dependencies
+        working-directory: ./extension
+        continue-on-error: true
+        run: |
+          echo "Running yarn upgrade..."
+          yarn upgrade 2>&1 | tee upgrade-output.log || \
+            echo "Some dependencies could not be updated, but continuing workflow."
+
+          # Check if any packages failed due to npm feed issues
+          if grep -q "error" upgrade-output.log; then
+            echo "Some packages encountered errors during upgrade:"
+            grep "error" upgrade-output.log || true
+          fi
+
+      - name: Check for changes
+        id: changes
+        run: |
+          if git diff --quiet HEAD -- extension/package.json extension/yarn.lock; then
+            echo "No changes detected"
+            echo "has_changes=false" >> $GITHUB_OUTPUT
+          else
+            echo "Changes detected in package.json or yarn.lock"
+            echo "has_changes=true" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Clean up temporary files
+        working-directory: ./extension
+        run: rm -f upgrade-output.log
+
+      - name: Create Pull Request
+        if: steps.changes.outputs.has_changes == 'true'
+        uses: dotnet/actions-create-pull-request@e8d799aa1f8b17f324f9513832811b0a62f1e0b1
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          branch: update-extension-dependencies
+          commit-message: "[Automated] Update extension npm dependencies"
+          title: "[Automated] Update extension npm dependencies"
+          body: |
+            Auto-generated update to the extension npm dependencies.
+
+            This PR updates the `extension/package.json` and `extension/yarn.lock`
+            files by running `yarn upgrade`.
+
+            **Note:** Some packages may fail to upgrade if they are not available
+            in the npm registry. The workflow is designed to continue despite these
+            failures and only includes packages that were successfully upgraded.
+
+            Please review the changes and test the extension functionality before
+            merging.
+          labels: |
+            area-extension
+            area-tooling