---
# .github/workflows/dependency-update.md  ·  GitHub Agentic Workflow (gh-aw)
# QRefAI AI Coding Field Guide, Part 3 (Q3.6)
#
# Proposes dependency updates with a written risk summary. READ-ONLY token; opens
# a draft PR via the create-pull-request safe output. The network firewall (Squid
# allowlist, enforced by --strict) is what keeps this from reaching arbitrary hosts.
# Compile with:  gh aw compile --strict
on:
  schedule:
    - cron: "0 7 * * 1"     # weekly, Monday 07:00 UTC
  workflow_dispatch: {}

permissions:
  contents: read

safe-outputs:
  create-pull-request:
    max: 1
    draft: true
---

# Dependency update

Review the project's dependency manifests and lockfiles:

1. Identify dependencies with available updates, prioritizing security patches.
2. For each proposed bump, note: current → target version, whether it's a
   security fix, and any breaking-change risk from the changelog.
3. Open ONE draft PR grouping low-risk updates, with a summary table and the
   security-relevant ones called out at the top.

Do not bump major versions with breaking changes in the same PR — list those
separately in the PR body for a human to schedule. Run the test command if
available and report the result. Never merge.

<!--
  SUPPLY-CHAIN NOTE: the --strict network firewall restricts outbound traffic to an
  allowlist. Keep registry/changelog hosts on that allowlist; this is your defense
  against an update step being steered to a malicious host.
-->
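As an added example (it is not part of this workflow file or of gh-aw), the Python helper below applies the three steps and the major-version rule above and also honours the supply-chain note: it parses the candidate bumps, defers major or breaking changes for a human, sorts security fixes to the top of the summary table, and checks each changelog URL's host against an allowlist before anything would be fetched. The package names, versions, URLs and the `ALLOWED_HOSTS` set are constructed assumptions; the set stands in for the firewall's allowlist and is not read from the workflow.

```python
"""Triage candidate dependency bumps for one low-risk draft PR (added example)."""
import re
from dataclasses import dataclass
from urllib.parse import urlparse

# Assumption: this set mirrors the hosts on the workflow's firewall allowlist.
ALLOWED_HOSTS = {"pypi.org", "registry.npmjs.org", "github.com"}


@dataclass
class Candidate:
    name: str
    current: str
    target: str
    security_fix: bool
    changelog_url: str
    breaking: bool = False  # set after reading the changelog


def version_tuple(version):
    """'1.4.2' -> (1, 4, 2); non-numeric suffixes such as '0rc1' count as 0."""
    parts = []
    for piece in version.split("."):
        m = re.match(r"\d+", piece)
        parts.append(int(m.group()) if m else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def is_major_bump(current, target):
    """True when the bump may break callers under SemVer conventions:
    the major changes, or the minor changes while the major is still 0."""
    cur, tgt = version_tuple(current), version_tuple(target)
    if tgt[0] != cur[0]:
        return True
    return cur[0] == 0 and tgt[1] != cur[1]


def host_allowed(url, allowlist=ALLOWED_HOSTS):
    """Reject a URL whose host is not on the allowlist before anything is fetched."""
    host = urlparse(url).hostname
    return host is not None and host.lower() in allowlist


def triage(candidates, allowlist=ALLOWED_HOSTS):
    """Split candidates into (batch, deferred, skipped)."""
    batch, deferred, skipped = [], [], []
    for c in candidates:
        if not host_allowed(c.changelog_url, allowlist):
            skipped.append(c)   # changelog host off the allowlist: report, do not fetch
        elif c.breaking or is_major_bump(c.current, c.target):
            deferred.append(c)  # a human schedules these separately
        else:
            batch.append(c)
    batch.sort(key=lambda c: (not c.security_fix, c.name))  # security fixes first
    return batch, deferred, skipped


def render_pr_body(batch, deferred, skipped):
    """Markdown PR body: security bumps called out first, then the summary table."""
    lines = []
    security = [c for c in batch if c.security_fix]
    if security:
        lines.append("## Security-relevant updates")
        lines += [f"- **{c.name}** {c.current} -> {c.target}" for c in security]
    lines += ["## Summary", "| package | current | target | security fix |", "|---|---|---|---|"]
    lines += [f"| {c.name} | {c.current} | {c.target} | {'yes' if c.security_fix else 'no'} |"
              for c in batch]
    if deferred:
        lines.append("## Deferred for a human to schedule (major or breaking)")
        lines += [f"- {c.name} {c.current} -> {c.target}" for c in deferred]
    if skipped:
        lines.append("## Skipped: changelog host not on the network allowlist")
        lines += [f"- {c.name} ({c.changelog_url})" for c in skipped]
    return "\n".join(lines)


# Constructed sample input; the names, versions and URLs are invented.
SAMPLE = [
    Candidate("libfoo", "1.4.2", "1.4.3", True, "https://github.com/example/libfoo/releases"),
    Candidate("libbar", "3.1.0", "4.0.0", False, "https://github.com/example/libbar/blob/main/CHANGELOG.md"),
    Candidate("libbaz", "0.9.1", "0.9.5", False, "https://pypi.org/project/libbaz/"),
    Candidate("libqux", "2.2.0", "2.3.0", False, "https://changelog.example.net/libqux"),
]

if __name__ == "__main__":
    print(render_pr_body(*triage(SAMPLE)))
```

Run stand-alone it prints the PR body for the sample: libfoo (a security patch) is listed first, libbaz joins it in the low-risk batch, libbar is deferred as a major bump, and libqux is reported rather than fetched because its changelog host is not on the allowlist. The host check runs before any network access so an off-allowlist entry degrades to a report in the PR body instead of a firewall-blocked request mid-run.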
