From 07782398dd083fc35047c2a1bf4b9ea68a4b2af3 Mon Sep 17 00:00:00 2001
From: jdalton <john.david.dalton@gmail.com>
Date: Wed, 25 Mar 2026 19:18:27 -0400
Subject: [PATCH] fix(ci): rebuild weekly-update.yml with proper YAML and
 features

Add notify job, job summary, set +e/PIPESTATUS exit code capture,
persist-credentials: false with git remote set-url for push auth,
PR body via variable construction.
---
 .github/workflows/weekly-update.yml | 110 +++++++++++++++++-----------
 .node-version                       |   2 +-
 2 files changed, 70 insertions(+), 42 deletions(-)

diff --git a/.github/workflows/weekly-update.yml b/.github/workflows/weekly-update.yml
index faf341dc..991c250c 100644
--- a/.github/workflows/weekly-update.yml
+++ b/.github/workflows/weekly-update.yml
@@ -29,14 +29,14 @@ jobs:
         with:
           persist-credentials: false
 
+      - name: Setup pnpm
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5
+
       - name: Setup Node.js
         uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
         with:
           node-version-file: .node-version
-          cache: ''
-
-      - name: Setup pnpm
-        uses: pnpm/action-setup@58e6119fe4f3092a76a7771efb55e04d25b6b26f # v5
+          cache: 'pnpm'
 
       - name: Install dependencies
         run: pnpm install --frozen-lockfile
@@ -56,7 +56,7 @@ jobs:
   apply-updates:
     name: Apply updates with Claude Code
     needs: check-updates
-    if: needs.check-updates.outputs.has-updates == 'true' && github.event.inputs.dry-run != 'true'
+    if: needs.check-updates.outputs.has-updates == 'true' && inputs.dry-run != true
     runs-on: ubuntu-latest
     permissions:
       contents: write
@@ -68,14 +68,14 @@ jobs:
           fetch-depth: 0
           persist-credentials: false
 
+      - name: Setup pnpm
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5
+
       - name: Setup Node.js
         uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
         with:
           node-version-file: .node-version
-          cache: ''
-
-      - name: Setup pnpm
-        uses: pnpm/action-setup@58e6119fe4f3092a76a7771efb55e04d25b6b26f # v5
+          cache: 'pnpm'
 
       - name: Install dependencies
         run: pnpm install --frozen-lockfile
@@ -85,10 +85,13 @@ jobs:
 
       - name: Create update branch
         id: branch
+        env:
+          GH_TOKEN: ${{ github.token }}
         run: |
           BRANCH_NAME="weekly-update-$(date +%Y%m%d)"
           git config user.name "github-actions[bot]"
           git config user.email "github-actions[bot]@users.noreply.github.com"
+          git remote set-url origin "https://x-access-token:${GH_TOKEN}@github.com/${{ github.repository }}.git"
           git checkout -b "$BRANCH_NAME"
           echo "branch=$BRANCH_NAME" >> $GITHUB_OUTPUT
 
@@ -100,17 +103,21 @@ jobs:
           CI: 'true'
           GITHUB_ACTIONS: 'true'
         run: |
-          set -o pipefail
           if [ -z "$ANTHROPIC_API_KEY" ]; then
-            echo "⚠️  ANTHROPIC_API_KEY not set - skipping automated update"
+            echo "ANTHROPIC_API_KEY not set - skipping automated update"
             echo "success=false" >> $GITHUB_OUTPUT
             exit 0
           fi
 
-          if claude --print --dangerously-skip-permissions \
+          set +e
+          claude --print --dangerously-skip-permissions \
             --model sonnet \
             "/updating - Run the updating skill to update all dependencies. Create atomic commits for each update. You are running in CI mode - skip builds and tests. Do not push or create a PR." \
-            2>&1 | tee claude-output.log; then
+            2>&1 | tee claude-output.log
+          CLAUDE_EXIT=${PIPESTATUS[0]}
+          set -e
+
+          if [ "$CLAUDE_EXIT" -eq 0 ]; then
             echo "success=true" >> $GITHUB_OUTPUT
           else
             echo "success=false" >> $GITHUB_OUTPUT
@@ -128,11 +135,8 @@ jobs:
       - name: Push branch
         if: steps.claude.outputs.success == 'true' && steps.changes.outputs.has-changes == 'true'
         env:
-          GITHUB_TOKEN: ${{ github.token }}
           BRANCH_NAME: ${{ steps.branch.outputs.branch }}
-        run: |
-          git remote set-url origin "https://x-access-token:${GITHUB_TOKEN}@github.com/${{ github.repository }}.git"
-          git push origin "$BRANCH_NAME"
+        run: git push origin "$BRANCH_NAME"
 
       - name: Create Pull Request
         if: steps.claude.outputs.success == 'true' && steps.changes.outputs.has-changes == 'true'
@@ -143,37 +147,37 @@ jobs:
           COMMITS=$(git log --oneline origin/main..HEAD)
           COMMIT_COUNT=$(git rev-list --count origin/main..HEAD)
 
-          BODY=$(cat <<EOF
-          ## Weekly Dependency Update
-
-          Automated weekly update of npm packages.
-
-          ### Commits (${COMMIT_COUNT})
-
-          <details>
-          <summary>View commit history</summary>
-
-          \`\`\`
-          ${COMMITS}
-          \`\`\`
-
-          </details>
-
-          ---
-
-          <sub>Generated by [weekly-update.yml](.github/workflows/weekly-update.yml)</sub>
-          EOF
-          )
-          # Strip leading whitespace from heredoc lines
-          BODY=$(echo "$BODY" | sed 's/^          //')
+          PR_BODY="## Weekly Dependency Update"$'\n\n'
+          PR_BODY+="Automated weekly update of npm packages."$'\n\n'
+          PR_BODY+="---"$'\n\n'
+          PR_BODY+="### Commits (${COMMIT_COUNT})"$'\n\n'
+          PR_BODY+="<details>"$'\n'
+          PR_BODY+="<summary>View commit history</summary>"$'\n\n'
+          PR_BODY+="\`\`\`"$'\n'
+          PR_BODY+="${COMMITS}"$'\n'
+          PR_BODY+="\`\`\`"$'\n\n'
+          PR_BODY+="</details>"$'\n\n'
+          PR_BODY+="---"$'\n\n'
+          PR_BODY+="<sub>Generated by [weekly-update.yml](.github/workflows/weekly-update.yml)</sub>"
 
           gh pr create \
             --title "chore(deps): weekly dependency update ($(date +%Y-%m-%d))" \
-            --body "$BODY" \
+            --body "$PR_BODY" \
             --draft \
             --head "$BRANCH_NAME" \
             --base main
 
+      - name: Add job summary
+        if: steps.claude.outputs.success == 'true' && steps.changes.outputs.has-changes == 'true'
+        env:
+          BRANCH_NAME: ${{ steps.branch.outputs.branch }}
+        run: |
+          COMMIT_COUNT=$(git rev-list --count origin/main..HEAD)
+          echo "## Weekly Update Complete" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "**Branch:** \`${BRANCH_NAME}\`" >> $GITHUB_STEP_SUMMARY
+          echo "**Commits:** ${COMMIT_COUNT}" >> $GITHUB_STEP_SUMMARY
+
       - name: Upload Claude output
         if: always()
         uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
@@ -181,3 +185,27 @@ jobs:
           name: claude-output-${{ github.run_id }}
           path: claude-output.log
           retention-days: 7
+
+  notify:
+    name: Notify results
+    needs: [check-updates, apply-updates]
+    if: always()
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - name: Report status
+        env:
+          HAS_UPDATES: ${{ needs.check-updates.outputs.has-updates }}
+          DRY_RUN: ${{ inputs.dry-run }}
+        run: |
+          if [ "$HAS_UPDATES" = "true" ]; then
+            if [ "$DRY_RUN" = "true" ]; then
+              echo "Updates available (dry-run mode - no PR created)"
+            else
+              echo "Weekly update workflow completed"
+              echo "Check the PRs tab for the automated update PR"
+            fi
+          else
+            echo "All dependencies are up to date - no action needed!"
+          fi
diff --git a/.node-version b/.node-version
index 7b7376aa..609800fb 100644
--- a/.node-version
+++ b/.node-version
@@ -1 +1 @@
-25.8.1
+25.8.2
\ No newline at end of file