
Dependency Management #3


Workflow file for this run

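# Weekly dependency maintenance for a Go module. One job upgrades the module's
# dependencies and opens a pull request; the other runs govulncheck and files
# an issue when the scan exits non-zero.
name: Dependency Management

on:
  schedule:
    - cron: "0 0 * * 0"  # Weekly
  workflow_dispatch:

# Read-only by default; each job requests only the extra scopes it needs.
permissions:
  contents: read

jobs:
  update-dependencies:
    name: Update Dependencies
    runs-on: ubuntu-latest
    # Pushing the update branch and opening the PR both need write access.
    permissions:
      contents: write
      pull-requests: write
    steps:
      # NOTE(review): every action in this file is referenced by a mutable tag.
      # Pin each one (the third-party PR action first) to a full-length commit
      # SHA so a retagged release cannot change what runs with this token.
      # NOTE(review): checkout keeps the job token in the local git config by
      # default, and the steps below build and run freshly upgraded
      # third-party code. Confirm whether the PR action still works with
      # `persist-credentials: false` before changing it here.
      - uses: actions/checkout@v4
      - name: Set up Go
        uses: actions/setup-go@v4
        with:
          go-version: "1.23"
      - name: Update dependencies
        run: |
          go get -u ./...
          go mod tidy
      # Best effort on purpose: a failing suite must not block the PR, so the
      # outcome is recorded in the PR body for the reviewer instead.
      - name: Run tests
        id: tests
        run: go test -v ./...
        continue-on-error: true
      - name: Create Pull Request
        uses: peter-evans/create-pull-request@v5
        with:
          commit-message: "chore: update dependencies"
          title: "chore: update Go dependencies"
          body: |
            Automated dependency update

            Test step outcome: ${{ steps.tests.outcome }}
          branch: chore/update-dependencies
          delete-branch: true

  security-scan:
    name: Security Vulnerability Scan
    runs-on: ubuntu-latest
    # issues: write is required by the issue-creation step; without it the
    # API call is rejected.
    permissions:
      contents: read
      issues: write
    steps:
      - uses: actions/checkout@v4
        with:
          # Nothing in this job pushes, so keep the token out of .git/config.
          persist-credentials: false
      - name: Set up Go
        uses: actions/setup-go@v4
        with:
          go-version: "1.23"
      # Installed in its own step so that an install failure fails the job
      # instead of being reported as a vulnerability finding.
      # NOTE(review): `@latest` is unpinned; pin a reviewed govulncheck version.
      - name: Install govulncheck
        run: go install golang.org/x/vuln/cmd/govulncheck@latest
      # continue-on-error keeps the job green, which also means `failure()`
      # is never true afterwards; the next step reads this step's outcome.
      - name: Run govulncheck
        id: govulncheck
        run: govulncheck ./...
        continue-on-error: true
      # `outcome` is the step result before continue-on-error is applied.
      # Any non-zero exit of the scan is treated as a finding here.
      - name: Create issue if vulnerabilities found
        if: steps.govulncheck.outcome == 'failure'
        uses: actions/github-script@v6
        with:
          script: |
            await github.rest.issues.create({
              owner: context.repo.owner,
              repo: context.repo.repo,
              title: 'Security: Vulnerabilities detected in dependencies',
              body: 'Run `govulncheck ./...` to see details'
            })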