README.md (1696B)
1 # Auto-Update Dependencies 2 3 Keep your project's Python dependencies fresh with a nightly CI job that 4 upgrades packages, runs the test suite, and commits the result. 5 6 ## How it works 7 8 `.jci/crontab` schedules a run at midnight every day: 9 10 ``` 11 0 0 * * * run 12 ``` 13 14 When Jaypore CI fires the job, `.jci/run.sh`: 15 16 1. **Snapshots** the current `pip3 freeze` output so you have a baseline. 17 2. **Upgrades** every package listed in `requirements.txt` to its latest 18 compatible version. 19 3. **Snapshots again** and produces a diff showing exactly what changed. 20 4. **Runs the Django test suite** (`manage.py test`) against the updated 21 environment. 22 5. **On success** — freezes the new versions into `requirements.txt` and 23 commits them automatically. 24 6. **On failure** — writes a report listing the updated packages and the 25 test output so you can see what broke. 26 27 All intermediate artifacts (`before-update.txt`, `after-update.txt`, 28 `dep-diff.txt`, `test-results.txt`, and the failure report when applicable) 29 are saved to `$JCI_OUTPUT_DIR` for inspection. 30 31 ## Why nightly updates? 32 33 * **Security** — patches land within hours, not weeks. 34 * **Small diffs** — a daily upgrade rarely touches more than a handful of 35 packages, making breakage easy to diagnose. 36 * **No surprises** — if a new release breaks your tests you find out 37 immediately instead of during a deadline-day deploy. 38 39 ## Adapting this example 40 41 * Swap `pip3` commands for `npm`, `cargo`, `go get -u`, etc. 42 * Replace `manage.py test` with your project's test runner. 43 * Adjust the cron schedule (`0 0 * * 1` for weekly, for example). 44 * Add notifications (email, Slack) by extending `run.sh` after the 45 success/failure branches.