Open in app

Sign in

Write

Sign in

How to catch up with outdated dependencies in your Swift Package with GitHub actions

Marco Eidinger
2 min readOct 12, 2020

--

If you develop a Swift package then most likely you have declared one or more dependencies in your Package.swift manifest.

The Swift Package Manager performs a process called dependency resolution to figure out the exact version of the package dependencies that can be used in your package. The results of the dependency resolution are recorded in the Package.resolved file which will be placed in the top-level drectory of your package

Challenge

If you have version-based requirements and your Package.resolved is under source control management then you might face the challenge to catch up with new versions and update the file.

Goal

Automate the process to

  • periodically check for outdated versions and
  • create a pull request to update Package.resolved file with new versions based on my package dependency requirements

Which GitHub actions to use?

There is already a great GitHub action to create a pull request from modified content within your workflow.

I looked into reusing existing GitHub actions to check for outdated dependencies but all of them required to run on macOS which might cause minor problems as GitHub imposes usage limitations on macOS runner.

Therefore I created a new, Docker-based GitHub Action swift-package-dependencies-check

The new kid in tow

Internally the action utilizes Swift Package Manager by using

  • swift package show-dependencies
  • swift package update (either with or without the — dry-run option)

Solution

These two actions easily allow creating a workflow to periodically check for outdated dependencies and then create a pull request to update those

Workflow to periodically check for outdated Swift Package dependencies and then create a pull request to update them

Conclusion

💚 Feel free to use the new GitHub action and if you see any problems then go ahead and open a issue on GitHub.

ℹ️ I deliberately chose that the action fails in case there are outdated dependencies. From my perspective this makes it pretty easy to use the action as a single step in a workflow. If you rather would get the status information and pass them along then you might be happier with one of the other existing GitHub actions like swiftpm-update-checker or spm-dependencies-checker

🎉 Happy version checking! 😃

Swift
Swift Package
Swift Package Manager
Dependency Management
Github Actions

--

--

Marco Eidinger
Marco Eidinger

Written by Marco Eidinger

137 Followers
28 Following

Software Engineer open-source and enterprise mobile SDKs for iOS and macOS developers | @MarcoEidinger on Twitter | visit blog.eidinger.info

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams