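---
# Weekly dependency maintenance for the repository: one job opens a pull
# request with patch/minor npm updates, a second runs `npm audit` and files an
# issue when vulnerabilities are reported. Runs on a schedule or by hand.
name: Dependency Updates

# Workflow-wide defaults for GITHUB_TOKEN. Every job that does not declare its
# own `permissions` block receives all three scopes; a job that needs fewer
# (for example read-only `contents`) should override this at job level so the
# token it runs with is the narrowest one that still works.
permissions:
  contents: write
  pull-requests: write
  issues: write

on:  # yamllint disable-line rule:truthy -- GitHub reads `on` as a plain key
  schedule:
    # Every Monday at 09:00 UTC
    - cron: '0 9 * * 1'
  workflow_dispatch:  # manual trigger from the Actions tab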
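jobs:
  update-dependencies:
    name: Update Dependencies
    runs-on: ubuntu-latest
    # Narrowest token that still lets this job push a branch and open a PR;
    # it never touches issues.
    permissions:
      contents: write
      pull-requests: write
    steps:
      - name: Checkout code
        # The default token is GITHUB_TOKEN; checkout persists it in
        # .git/config, so git pushes later in this job are already
        # authenticated without rewriting the remote URL.
        uses: actions/checkout@v4

      - name: Setup Node.js
        # Node 18 is end-of-life upstream; consider moving to a supported LTS
        # line once the project builds on it.
        uses: actions/setup-node@v4
        with:
          node-version: '18'
          cache: 'npm'

      - name: Install dependencies
        # `npm outdated` and `npm update` compare against the installed tree;
        # setup-node's cache only restores ~/.npm, not node_modules.
        # NOTE: dependency lifecycle scripts run here while the checkout
        # credentials (a contents:write token) are present on the runner.
        run: npm ci

      - name: Check for outdated packages
        run: |
          # `npm outdated` exits 1 whenever something is outdated, so the exit
          # code is swallowed and the JSON is inspected instead. Recent npm
          # prints `{}` when nothing is outdated, so a non-empty file is not a
          # reliable signal; count the entries with jq instead.
          npm outdated --json > outdated.json || true
          if [ -s outdated.json ] && [ "$(jq 'length' outdated.json)" -gt 0 ]; then
            echo "Outdated packages found:"
            cat outdated.json
            echo "HAS_UPDATES=true" >> "$GITHUB_ENV"
          else
            echo "All packages are up to date"
            echo "HAS_UPDATES=false" >> "$GITHUB_ENV"
          fi

      - name: Update dependencies
        if: env.HAS_UPDATES == 'true'
        run: |
          # `npm update` stays inside the semver ranges declared in
          # package.json, i.e. patch/minor bumps only; major bumps need a
          # manual package.json change and are deliberately out of scope.
          npm update
          # The lockfile is the only file expected to change.
          if git diff --quiet package-lock.json; then
            echo "No dependency updates needed"
            echo "CHANGES_MADE=false" >> "$GITHUB_ENV"
          else
            echo "Dependencies updated"
            echo "CHANGES_MADE=true" >> "$GITHUB_ENV"
          fi

      - name: Run tests after update
        if: env.CHANGES_MADE == 'true'
        # Reinstall from the updated lockfile so the build and tests see
        # exactly what a reviewer's `npm ci` will install.
        run: |
          npm ci
          npm run build
          npm test

      - name: Create Pull Request
        if: env.CHANGES_MADE == 'true'
        # Third-party action: consider pinning to a full commit SHA rather than
        # a mutable major-version tag so the code that receives a write token
        # cannot change underneath this workflow.
        uses: peter-evans/create-pull-request@v5
        with:
          # A PR created with GITHUB_TOKEN does not trigger `pull_request`
          # workflows, so the "Verify CI/CD pipeline passes" item below will
          # not run automatically; use a GitHub App or PAT token here if CI
          # must run on the PR. The action commits and pushes the branch
          # itself, so no separate git config/push step is needed afterwards.
          token: ${{ secrets.GITHUB_TOKEN }}
          commit-message: |
            chore: update dependencies

            - Update npm dependencies to latest patch/minor versions
            - All tests passing after update
            - Automated dependency maintenance

            🤖 Generated by GitHub Actions
          title: 'chore: automated dependency updates'
          body: |
            ## 📦 Dependency Updates

            This PR contains automated dependency updates for the devops-enhanced-mcp project.

            ### Changes Made
            - ✅ Updated npm dependencies to latest patch/minor versions
            - ✅ Verified all tests pass with updated dependencies
            - ✅ Build process validated with new versions

            ### Validation
            - [x] All existing tests pass
            - [x] Build process completes successfully
            - [x] No breaking changes detected

            ### Review Checklist
            - [ ] Review dependency changes in package-lock.json
            - [ ] Verify CI/CD pipeline passes
            - [ ] Test MCP server functionality if needed

            🤖 This PR was created automatically by GitHub Actions
          branch: chore/dependency-updates
          delete-branch: true
          labels: |
            dependencies
            automated
            maintenance

  security-audit:
    name: Security Audit
    runs-on: ubuntu-latest
    # This job only reads the tree and files an issue; it must not be able to
    # push or open PRs.
    permissions:
      contents: read
      issues: write
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '18'
          cache: 'npm'

      - name: Install dependencies
        run: npm ci

      - name: Run security audit
        run: |
          # `--audit-level` only changes npm's exit status, which `|| true`
          # discards; the JSON always lists every severity. The "moderate"
          # threshold is therefore applied to the counts below so that
          # low-only findings do not open an issue.
          npm audit --audit-level moderate --json > audit-results.json || true
          if [ -s audit-results.json ]; then
            VULN_COUNT=$(jq '[.metadata.vulnerabilities | (.critical // 0), (.high // 0), (.moderate // 0)] | add' audit-results.json)
            if [ "$VULN_COUNT" -gt 0 ]; then
              echo "🚨 Security vulnerabilities found: $VULN_COUNT"
              echo "VULNERABILITIES_FOUND=true" >> "$GITHUB_ENV"
              # Full report goes to the log; the issue body below may be truncated.
              jq '.vulnerabilities' audit-results.json
            else
              echo "✅ No security vulnerabilities found"
              echo "VULNERABILITIES_FOUND=false" >> "$GITHUB_ENV"
            fi
          else
            echo "✅ Security audit completed successfully"
            echo "VULNERABILITIES_FOUND=false" >> "$GITHUB_ENV"
          fi

      - name: Create security issue
        if: env.VULNERABILITIES_FOUND == 'true'
        uses: actions/github-script@v7
        with:
          script: |
            const fs = require('fs');
            const auditResults = JSON.parse(fs.readFileSync('audit-results.json', 'utf8'));
            const counts = auditResults.metadata?.vulnerabilities ?? {};
            const title = '🚨 Security vulnerabilities detected in dependencies';
            const labels = ['security', 'automated', 'vulnerability'];

            // Issue bodies are capped at 65536 characters; an unbounded audit
            // dump would make the API call fail, so keep the details block
            // bounded. The complete report is printed in the audit step's log.
            const MAX_DETAILS = 50000;
            let details = JSON.stringify(auditResults.vulnerabilities, null, 2) ?? '{}';
            if (details.length > MAX_DETAILS) {
              details = details.slice(0, MAX_DETAILS) + '\n… (truncated; see the workflow log for the full report)';
            }

            const body = `
            ## Security Audit Report
            **Total vulnerabilities found:** ${counts.total || 0}
            ### Severity Breakdown
            - **Critical:** ${counts.critical || 0}
            - **High:** ${counts.high || 0}
            - **Moderate:** ${counts.moderate || 0}
            - **Low:** ${counts.low || 0}
            ### Recommended Actions
            1. Review the vulnerabilities listed below
            2. Update affected packages to secure versions
            3. Run \`npm audit fix\` to automatically fix issues
            4. Consider using \`npm audit fix --force\` for breaking changes if necessary
            ### Audit Details
            \`\`\`json
            ${details}
            \`\`\`
            **Note:** This issue was automatically created by the security audit workflow.
            `;

            // The workflow runs weekly; re-use an open issue with the same
            // title instead of filing a duplicate every run.
            const existing = await github.rest.issues.listForRepo({
              owner: context.repo.owner,
              repo: context.repo.repo,
              state: 'open',
              labels: labels.join(','),
              per_page: 100
            });
            const openIssue = existing.data.find(issue => issue.title === title);

            if (openIssue) {
              await github.rest.issues.createComment({
                owner: context.repo.owner,
                repo: context.repo.repo,
                issue_number: openIssue.number,
                body: body
              });
              core.info(`Updated existing issue #${openIssue.number}`);
            } else {
              // `await` so a failed API call fails the step instead of being
              // lost as an unhandled rejection.
              const created = await github.rest.issues.create({
                owner: context.repo.owner,
                repo: context.repo.repo,
                title: title,
                body: body,
                labels: labels
              });
              core.info(`Created issue #${created.data.number}`);
            }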