feat: implemented better-dependabot

.github/workflows/test-better-dependabot.yml

@@ -0,0 +1,16 @@
+name: Automated Dependency Updates
+
+on:
+  schedule:
+    - cron: '0 0 * * 0' # Weekly on Sunday at 00:00
+  workflow_dispatch: # Allows manual triggering
+
+jobs:
+  update-dependencies:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Better Dependabot
+        uses: Drassil/gh-actions-collection/better-dependabot@master
+        with:
+          version_target: 'patch' # Example: target minor version updates
+          token: ${{ secrets.GITHUB_TOKEN }} # Use a GitHub PAT or `${{ secrets.GITHUB_TOKEN }}`

README.md

@@ -6,3 +6,4 @@ Collection of reusable github actions
 - [changed-files](./changed-files/README.md)
 - [node-setup](./node-setup/README.md)
 - [extra-info](./extra-info/README.md)
+- [better-dependabot](./better-dependabot/README.md)

better-dependabot/README.md

@@ -0,0 +1,59 @@
+# Better Dependabot GitHub Action
+
+## Introduction
+
+The Better Dependabot GitHub Action automates the process of updating NPM packages and creating pull requests for those updates. Unlike traditional dependabot updates, this action allows for more granular control over the update process, including specifying the version target for updates and adding custom arguments for the `npm-check-updates` package.
+
+## Features
+
+- Checks for existing pull requests to avoid duplicate updates.
+- Updates NPM packages based on a specified version target (`latest`, `newest`, `greatest`, `minor`, `patch`, `semver`).
+- Creates a new branch and pull request with the updated `package.json` and `package-lock.json` files.
+- Allows for custom npm arguments to fine-tune the update process.
+
+## Inputs
+
+| Input          | Description                                                                                           | Required | Default |
+|----------------|-------------------------------------------------------------------------------------------------------|----------|---------|
+| `node_version` | Node version used for the Node.js commands.                                                           | No       | `lts/*` |
+| `npm_version`  | NPM version used for the npm commands.                                                                | No       | `''`    |
+| `version_target` | Determines the version to upgrade to. Options: `latest`, `newest`, `greatest`, `minor`, `patch`, `semver`. | No       | `patch` |
+| `ncu_args`     | Extra arguments for the `npm-check-updates` command.                                                  | No       | `''`    |
+| `token`        | A GitHub PAT (Personal Access Token) for authenticating GitHub CLI operations.                        | Yes      | N/A     |
+
+## Usage
+
+To use the Better Dependabot GitHub Action in your workflow, follow these steps:
+
+1. Create a `.github/workflows` directory in your repository (if it doesn't already exist).
+2. Create a new YAML file within the `.github/workflows` directory. For example, `better-dependabot.yml`.
+3. Add the following configuration to your YAML file, adjusting the inputs as necessary:
+
+```yaml
+name: Automated Dependency Updates
+
+on:
+  schedule:
+    - cron: '0 0 * * 0' # Weekly on Sunday at 00:00
+  workflow_dispatch: # Allows manual triggering
+
+jobs:
+  update-dependencies:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Better Dependabot
+        uses: Drassil/gh-actions-collection/better-dependabot@master
+        with:
+          node_version: '20' # Example: specify the Node.js version
+          version_target: 'minor' # Example: target minor version updates
+          ncu_args: '--filter /react/' # Example: update react packages only
+          token: ${{ secrets.GITHUB_TOKEN }} # Use a GitHub PAT or `${{ secrets.GITHUB_TOKEN }}`
+```
+
+## Example Workflow
+The provided example in the Usage section sets up a weekly job that checks and updates your NPM dependencies, targeting minor versions, and focuses on packages related to React.
+
+For more detailed control or different scheduling, adjust the cron syntax in the on.schedule field or modify the input parameters as needed.
+
+## Support
+For support or questions about using this GitHub Action, please open an issue in the repository.

better-dependabot/action.yml

@@ -0,0 +1,94 @@
+name: "better-dependabot"
+description: "Update NPM Packages and Create PR"
+inputs:
+  node_version:
+    description: 'node version used for the node commands'
+    required: false
+    default: 'lts/*'
+  npm_version:
+    description: 'npm version used for the npm commands'
+    required: false
+    default: ''
+  version_target:
+    description: 'Determines the version to upgrade to: latest, newest, greatest, minor, patch, semver. (default: patch)'
+    required: false
+    default: 'patch'
+  ncu_args:
+    descriptions: 'Extra args for the npm-check-updates'
+    required: false
+    type: string
+  token:
+    description: 'A Github PAT'
+    required: true
+runs:
+  using: 'composite'
+  steps:
+
+    - name: Check for Existing Pull Requests
+      id: check_pr
+      run: |
+        BRANCH_PREFIX="better-dependabot-updates-${{ inputs.version_target }}"
+        BRANCH_NAME=$BRANCH_PREFIX-$(date +%Y%m%d%H%M%S)
+        PR_EXISTS=$(gh pr list --search "head:${BRANCH_PREFIX} type:pr state:open" | wc -l)
+        echo "PR_EXISTS=${PR_EXISTS}" >> $GITHUB_ENV
+        echo "BRANCH_NAME=${BRANCH_NAME}" >> $GITHUB_ENV
+        echo "::set-output name=pr_exists::${PR_EXISTS}"
+      shell: bash
+      env:
+        GITHUB_TOKEN: ${{ inputs.token }}
+
+    - name: Install node
+      if: steps.check_pr.outputs.pr_exists == '0'
+      uses: Drassil/gh-actions-collection/extra-info@master
+      id: prepare
+      with:
+        npm_version: ${{ inputs.npm_version }}
+        node_version: ${{ inputs.node_version }}
+
+    - name: Install npm-check-updates
+      if: steps.check_pr.outputs.pr_exists == '0'
+      shell: bash
+      run: npm install -g npm-check-updates
+
+    - name: Check npm updates
+      if: steps.check_pr.outputs.pr_exists == '0'
+      shell: bash
+      run: ncu --target ${{ inputs.version_target }} ${{ inputs.ncu_args }}
+
+    - name: Update package.json
+      if: steps.check_pr.outputs.pr_exists == '0'
+      shell: bash
+      run: ncu -u --target ${{ inputs.version_target }} ${{ inputs.ncu_args }}
+
+    - name: Install updated packages
+      if: steps.check_pr.outputs.pr_exists == '0'
+      shell: bash
+      run: npm install --package-lock-only
+
+    - name: Create a new branch
+      if: steps.check_pr.outputs.pr_exists == '0'
+      run: |
+        git checkout -b $BRANCH_NAME
+      shell: bash
+
+    # Placeholder for committing changes - customize as necessary
+    - name: Commit changes
+      if: steps.check_pr.outputs.pr_exists == '0'
+      run: |
+        git config --global user.name 'github-actions[bot]'
+        git config --global user.email 'github-actions[bot]@users.noreply.github.com'
+        git add --all
+        git commit -m "Update dependencies"
+        git push --set-upstream origin $BRANCH_NAME
+      shell: bash
+      env:
+        GITHUB_TOKEN: ${{ inputs.token }}
+
+    - name: Create Pull Request
+      if: steps.check_pr.outputs.pr_exists == '0'
+      run: |
+        gh pr create --title "Better Dependabot: Update ${{ inputs.version_target }} dependencies" --body "This PR updates dependencies to the most recent ${{ inputs.version_target }} versions." --head $BRANCH_NAME --base main
+      shell: bash
+      env:
+        GITHUB_TOKEN: ${{ inputs.token }}
+