1name: update-flake-lock
 2on:
 3  workflow_dispatch: # allows manual triggering
 4  schedule:
 5    - cron: '0 0 * * 3' # runs weekly on Tuesday at 00:00
 6
 7jobs:
 8  lockfile:
 9    runs-on: ubuntu-latest
10    steps:
11      - name: Checkout repository
12        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
13      - name: Install Nix
14        uses: cachix/install-nix-action@4e002c8ec80594ecd40e759629461e26c8abed15 # v31.9.0
15        with:
16          extra_nix_config: |
17            access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
18      - name: Update flake.lock
19        uses: DeterminateSystems/update-flake-lock@834c491b2ece4de0bbd00d85214bb5e83b4da5c6 # v28
20        with:
21          token: ${{ secrets.SBR_BOT_TOKEN }}
22          git-author-name: 'Vincent Demeester (sbr-bot)'
23          git-author-email: 'bot@sbr.pm'
24          git-committer-name: 'Vincent Demeester (sbr-bot)'
25          git-committer-email: 'bot@sbr.pm'
26          pr-title: "Update flake.lock" # Title of PR to be created
27          pr-labels: |                  # Labels to be set on the PR
28            dependencies
29            automated