name: Lock File Check
on:
schedule:
- cron: \"0 6 * * 1\"
workflow_dispatch: push:
branches:
- main
- develop
pull_request:
branches:
- main
- develop
permissions:
contents: read
jobs:
cargo-lock-fresh:
name: Cargo.lock Freshness
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
- uses: dtolnay/rust-toolchain@stable
- name: Check if Cargo.lock is up-to-date
run: |
# Fetch dependencies with locked flag - fails if lock is stale
if ! cargo fetch --locked 2>&1; then
echo \"\"
echo \"::error::Cargo.lock is stale or out of sync with Cargo.toml\"
echo \"\"
echo \"Run 'cargo update' to refresh the lock file and commit the changes.\"
echo \"\"
exit 1
fi
echo \"Cargo.lock is up-to-date ✓\"
- name: Check for dependency updates
run: |
# Check for available updates (without updating)
cargo outdated --root --locked --format json > /tmp/cargo-outdated.json 2>/dev/null || true
if [ -s /tmp/cargo-outdated.json ]; then
# Count updates
UPDATE_COUNT=$(cat /tmp/cargo-outdated.json | grep -o '\"update\"' | wc -l)
if [ \"$UPDATE_COUNT\" -gt 0 ]; then
echo \"\"
echo \"Found $UPDATE_COUNT dependency updates available.\"
echo \"Consider running 'cargo update' to refresh Cargo.lock.\"
echo \"Dependabot will create PRs for these automatically.\"
fi
fi