This GitHub Action checks for outdated dependencies in your Typst project.
Support this project: If you find this action valuable, please consider
leaving a star to help others discover it,
or buy me a coffee to support its development!
- Scans imported packages in Typst files and reports if newer versions are available on Typst Universe
- Adds a comment to pull requests with a summary table of dependencies
🔍
Currently, this action only works with a Typst TOML file located in the root
directory of your repository. It will NOT work in any other case.
🔍
Also, due to the fact that Typst Universe does not have an official API, the
action relies on web scraping to get the latest version information. It is
therefore not recommended for use in production environments.
v1.0.0 [Milestone]
- Update comment on PR to avoid multiple comments #6
- Use GitHub as source of truth for latest versions instead of Typst Universe #7
- Improve comment formatting #8
- Increase test coverage to 80%+ #9
- Support for other project types
- Allow user to specify path(s) to project file(s)
- Automatically detect of no TOML is found in root, and scan for project files
Add the following to your GitHub Actions workflow file (e.g.
.github/workflows/deps-check.yml):
name: Check Typst deps
on:
pull_request:
types: [opened, synchronize, reopened]
jobs:
check-deps:
permissions:
pull-requests: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run Typst Dependency Checker
uses: TomVer99/typst-check-deps@v0.1.0
id: deps
with:
fail-on-newer-version: false
- name: Post results as PR comment
uses: peter-evans/create-or-update-comment@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
repository: ${{ github.repository }}
issue-number: ${{ github.event.pull_request.number }}
body: ${{ steps.deps.outputs.table }}Inputs
fail-on-newer-version(optional, boolean) — Iftrue, the action fails the job when a newer version is detected. Default:false. (can be used to fail CI when outdated dependencies are found)
