# How to catch up with outdated dependencies in your Swift Package with GitHub actions If you develop a Swift package then most likely you have declared one or more dependencies in your Package.swift manifest. > The Swift Package Manager performs a process called dependency resolution to figure out the exact version of the package dependencies that can be used in your package. The results of the dependency resolution are recorded in the `Package.resolved` file which will be placed in the top-level drectory of your package ## Challenge If you have version-based requirements and your `Package.resolved` is under source control management then you might face the challenge to **catch up with new versions and update the file.** ## Goal Automate the process to * periodically check for outdated versions and * create a pull request to update `Package.resolved` file with new versions based on my package dependency requirements ## Which GitHub actions to use? There is already a great GitHub action to [create a pull request](https://github.com/marketplace/actions/create-pull-request) from modified content within your workflow. I looked into reusing existing GitHub actions to check for outdated dependencies but all of them required to run on macOS which might cause minor problems as GitHub imposes [usage limitations](https://docs.github.com/en/free-pro-team@latest/actions/reference/usage-limits-billing-and-administration#usage-limits) on macOS runner. Therefore I created a new, Docker-based GitHub Action [swift-package-dependencies-check](https://github.com/marketplace/actions/swift-package-dependencies-check) ![The new kid in town](https://cdn.hashnode.com/res/hashnode/image/upload/v1612557387119/ERdgDYlS0.png) Internally the action utilizes *Swift Package Manager* by using * swift package show-dependencies * swift package update (either with or without the — dry-run option) ## Solution These two actions easily allow creating a workflow to periodically check for outdated dependencies and then create a pull request to update those ```yaml name: Swift Package Dependencies on: schedule: - cron: '0 8 * * 1' # every monday AM 8:00 jobs: spm-dep-check: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: Check Swift package dependencies uses: MarcoEidinger/swift-package-dependencies-check@1.0.0 with: isMutating: true - name: Create Pull Request if: failure() uses: peter-evans/create-pull-request@v3 with: commit-message: 'chore: update package dependencies' branch: updatePackageDepedencies delete-branch: true title: 'chore: update package dependencies' body: '' ``` ## Conclusion 💚 Feel free to use the new GitHub action and if you see any problems then go ahead and [open a issue](https://github.com/MarcoEidinger/swift-package-dependencies-check/issues) on GitHub. ℹī¸ I deliberately chose that the action fails in case there are outdated dependencies. From my perspective this makes it pretty easy to use the action as a single step in a workflow. If you rather would get the status information and pass them along then you might be happier with one of the other existing GitHub actions like [swiftpm-update-checker](https://github.com/marketplace/actions/swiftpm-update-checker) or [spm-dependencies-checker](https://github.com/marketplace/actions/spm-dependencies-checker) 🎉 Happy version checking! 😃