Add dependency-review workflow for Dependabot/Renovate PR analysis #429

Merged
strawgate merged 5 commits into main from copilot/create-github-agent-workflow
Feb 26, 2026

Conversation

Copilot AI (Contributor) commented Feb 26, 2026

Adds a new Dependency Review GitHub Agent Workflow that automatically analyzes Dependabot and Renovate dependency update PRs across all major ecosystems.

Workflow capabilities

  • Ecosystem classification: identifies dependency type from changed manifest files — GitHub Actions, Buildkite plugins, Go modules, npm/Node packages, Python (pip/Poetry/uv), and Java/Kotlin (Maven/Gradle).
  • Commit verification (GitHub Actions): checks SHA-pinned actions for commit verification and highlights supply-chain risk for unverified commits.
  • Changelog analysis: summarizes release/changelog highlights between old and new versions, including breaking changes, deprecations, and required configuration changes. Supports both GitHub-hosted and registry-based dependencies.
  • Usage analysis: finds where updated dependencies are used across the repository with ecosystem-aware search (workflow references, Go imports, npm requires, Python imports, Java references) and evaluates compatibility with current usage.
  • Testability assessment: flags higher-risk when affected workflows cannot be validated in PR context (push/release/schedule/workflow_dispatch-only triggers).
  • Ecosystem-specific guidance: Go major version import path breaks, npm peer dependency conflicts and devDependency classification, Python version requirements and native extension concerns, Java groupId relocation and JDK version changes.
  • Buildkite pin format checks: flags SHA→mutable tag and mutable tag→mutable tag updates.
  • Safe outputs: posts a structured PR comment and can apply needs-human-review / higher-risk labels (including for major version bumps in any ecosystem).

Included changes

  • Added workflow source: .github/workflows/gh-aw-dependency-review.md
  • Added compiled workflow: .github/workflows/gh-aw-dependency-review.lock.yml
  • Added trigger for this repo: .github/workflows/trigger-dependency-review.yml
  • Added reusable example trigger: gh-agent-workflows/dependency-review/example.yml
  • Added workflow docs: gh-agent-workflows/dependency-review/README.md
  • Updated workflow listings:
    • gh-agent-workflows/README.md
    • docs/workflows/gh-agent-workflows.md

Quick install

```bash
mkdir -p .github/workflows && curl -sL \
  https://raw.githubusercontent.com/elastic/ai-github-actions/v0/gh-agent-workflows/dependency-review/example.yml \
  -o .github/workflows/dependency-review.yml
```

Manual usage via mention-in-pr

Comment on any dependency-update PR with:

/ai Analyze this dependency update PR: classify each dependency by ecosystem, check for breaking changes, summarize changelog highlights, assess usage compatibility, and note testability in PR context.


Summary by CodeRabbit

  • New Features
    • Added automated dependency review that analyzes Dependabot and Renovate pull requests across multiple ecosystems (GitHub Actions, Go, npm, Python, Java, Buildkite).
    • Provides structured analysis with changelog highlights, compatibility checks, and risk assessment in PR comments.
  • Documentation
    • Added comprehensive guides for the new dependency review workflow.

Co-authored-by: strawgate <6384545+strawgate@users.noreply.github.com>
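The ecosystem classification and pin-format checks described in the PR body, as an added example that is not part of this PR or of the project's own workflow. It applies the SHA-to-mutable-tag and mutable-to-mutable rule the page states for Buildkite pins to GitHub Actions `uses:` references as well; the manifest path patterns, the sample diff (with a made-up SHA) and the label mapping are this example's own assumptions.

```python
import re
from collections import defaultdict

# Manifest paths -> ecosystems the workflow classifies; the patterns are this example's assumption.
ECOSYSTEMS = [
    (r"^\.github/workflows/[^/]+\.ya?ml$", "github-actions"),
    (r"(^|/)\.buildkite/.*\.ya?ml$", "buildkite"),
    (r"(^|/)go\.(mod|sum)$", "go"),
    (r"(^|/)package(-lock)?\.json$", "npm"),
    (r"(^|/)(requirements[^/]*\.txt|pyproject\.toml|poetry\.lock|uv\.lock)$", "python"),
    (r"(^|/)(pom\.xml|build\.gradle(\.kts)?|gradle/libs\.versions\.toml)$", "java"),
]
USES_RE = re.compile(r"uses:\s*([^\s@#]+)@([^\s#]+)")  # action@ref, trailing comment ignored

# Constructed sample standing in for a Dependabot PR diff (the SHA is made up).
SAMPLE_DIFF = """\
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -10,4 +10,4 @@
-      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567 # v4.1.0
+      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v4
+      - uses: actions/setup-go@v5
"""

def classify(path):
    """Ecosystem label for a changed file, or 'unknown' for non-manifest files."""
    return next((eco for pat, eco in ECOSYSTEMS if re.search(pat, path)), "unknown")

def pin_kind(ref):
    """A 40-hex ref is an immutable commit pin; a tag or branch can be moved later."""
    return "sha" if re.fullmatch(r"[0-9a-f]{40}", ref) else "mutable"

def review_diff(diff):
    """Classify each file in a unified diff and flag pin-format changes of `uses:` refs."""
    ecosystems, old, new, path = {}, defaultdict(dict), defaultdict(dict), None
    for line in diff.splitlines():
        if line.startswith("+++ b/"):
            path = line[6:]
            ecosystems[path] = classify(path)
        elif path and ecosystems[path] == "github-actions" and line[:1] in ("+", "-"):
            m = USES_RE.search(line)
            if m:  # remember old/new ref per action name so the two can be compared
                (new if line[0] == "+" else old)[path][m.group(1)] = m.group(2)
    findings = []
    for path, actions in new.items():
        for name, new_ref in actions.items():
            old_ref = old[path].get(name)
            if old_ref in (None, new_ref):
                continue
            kinds = (pin_kind(old_ref), pin_kind(new_ref))
            if kinds == ("sha", "mutable"):
                findings.append((path, name, "higher-risk", "SHA pin replaced by mutable ref"))
            elif kinds == ("mutable", "mutable"):
                findings.append((path, name, "needs-human-review", "mutable tag to mutable tag"))
            else:
                findings.append((path, name, "info", "SHA pin updated or introduced; verify the commit"))
    return {"ecosystems": ecosystems, "findings": findings}
```

The label names mirror the needs-human-review / higher-risk labels the workflow can apply; the "info" finding is where the page's commit-verification check (`gh api ... --jq '.commit.verification.verified'`) would run.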
Copilot AI changed the title [WIP] Create GitHub agentic workflow for PR analysis Add dependency-review workflow for Dependabot/Renovate PR analysis Feb 26, 2026
@strawgate strawgate marked this pull request as ready for review February 26, 2026 21:19
coderabbitai bot commented Feb 26, 2026

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

Configuration used: Repository UI (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 48ad6e5 and 3aed306.

📒 Files selected for processing (6)
  • .github/workflows/gh-aw-dependency-review.lock.yml
  • .github/workflows/gh-aw-dependency-review.md
  • docs/workflows/gh-agent-workflows.md
  • gh-agent-workflows/README.md
  • gh-agent-workflows/dependency-review/README.md
  • gh-agent-workflows/dependency-review/example.yml

📝 Walkthrough

Adds a new AI-driven Dependency Review workflow and supporting docs that analyze Dependabot/Renovate PRs across ecosystems, run Copilot-based analysis with safe-output and threat-detection paths, redact secrets, upload artifacts, and post structured comments/labels on PRs.

Changes

| Cohort | File(s) | Summary |
| --- | --- | --- |
| Core Workflow | `.github/workflows/gh-aw-dependency-review.lock.yml` | New multi-job locked GitHub Actions workflow implementing pre-activation gating, Copilot agent analysis, safe-outputs MCP server, optional threat-detection, artifact uploads, secret redaction, and conclusion/labeling logic. |
| Trigger / Example | `.github/workflows/trigger-dependency-review.yml`, `gh-agent-workflows/dependency-review/example.yml` | Trigger workflows that invoke the locked workflow on Dependabot/Renovate PRs and demonstrate reuse with COPILOT_GITHUB_TOKEN. |
| Spec / Inline Doc | `.github/workflows/gh-aw-dependency-review.md` | Markdown-encoded agent specification and workflow metadata describing inputs, per-dependency checks, labeling rules, prompts, and comment templates. |
| Documentation / Catalog | `docs/workflows/gh-agent-workflows.md`, `gh-agent-workflows/README.md`, `gh-agent-workflows/dependency-review/README.md` | Docs added/updated to list the Dependency Review workflow, provide README, quick install, triggers, inputs, safe outputs, and manual usage instructions. |

Sequence Diagram

```mermaid
sequenceDiagram
    participant PR as PR Event
    participant Activation as Activation Job
    participant Agent as Copilot Agent Job
    participant SafeOutputs as SafeOutputs MCP
    participant Threat as Threat Detection Job
    participant Conclusion as Conclusion Job
    participant GitHub as GitHub Platform

    PR->>Activation: pull_request (dependabot/renovate)
    Activation->>Activation: eligibility & pre-activation checks
    Activation-->>Agent: start agent run

    Agent->>Agent: checkout, gather repo/PR context
    Agent->>SafeOutputs: emit analysis outputs (redacted)
    Agent->>Threat: optionally invoke threat-detection with agent outputs
    Threat-->>Agent: detection results / parsed conclusions

    SafeOutputs->>Conclusion: provide secured outputs & artifacts
    Agent->>Conclusion: provide agent logs & prompts
    Conclusion->>GitHub: post comment, apply labels, upload artifacts
```

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Suggested reviewers

  • github-actions

Poem

🐇 I hopped through diffs at break of day,
Changelogs read and labels tucked away,
Secrets masked, the artifacts in line,
Dependabot's updates checked and fine,
A little rabbit cheers: this review's divine!

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit's high-level summary is enabled. |
| Title check | ✅ Passed | The title clearly and specifically identifies the primary change: adding a dependency-review workflow for analyzing Dependabot/Renovate PRs, which is the main objective of the PR. |
| Linked Issues check | ✅ Passed | The PR implements all core requirements from issue #426: commit verification for GitHub Actions, changelog analysis, usage compatibility assessment, testability checks, Buildkite pin format detection, and labeling (needs-human-review/higher-risk) with structured PR comments. |
| Out of Scope Changes check | ✅ Passed | All changes align with the linked issue scope. While commit messages reference generalization for future dependency types, the workflow code and documentation remain focused on GitHub Actions and Buildkite plugins as specified in issue #426. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |


strawgate (Collaborator) commented:

/ai dependabot PRs can be for more than just GitHub action uses in workflows? Right? So don't we need to not be so specific about the criteria we use as it could be for other kinds of dependencies?

github-actions (Contributor) commented:

Good catch — yes, Dependabot/Renovate PRs can update many dependency types beyond GitHub Actions/Buildkite. In this PR the workflow is intentionally scoped to Actions/Buildkite (matching issue #426), but I agree the criteria should be generalized so type-specific checks are conditional rather than globally narrowing analysis; I recommend a follow-up change to classify all updated dependencies first, then run applicable checks per type and report unsupported types explicitly.


From workflow: Mention in PR

strawgate (Collaborator) commented:

/ai let's make this more general about reviewing the different kind of dependabot and renovate PRs

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
cla-checker-service bot commented Feb 26, 2026

❌ Author of the following commits did not sign a Contributor Agreement:
, , 48ad6e5,

Please read and sign the above-mentioned agreement if you want to contribute to this project.

coderabbitai bot left a comment

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@gh-agent-workflows/dependency-review/README.md`:
- Line 23: The documented workflow triggers list includes dependabot[bot] and
renovate[bot] but the example input default for allowed-bot-users only lists
github-actions[bot]; update the README so the defaults match: change the
allowed-bot-users default to include dependabot[bot],renovate[bot] (e.g.
"github-actions[bot],dependabot[bot],renovate[bot]") or alternatively add a
clear note next to the allowed-bot-users input requiring users to explicitly set
it when using dependency bots; reference the allowed-bot-users input name and
the pull_request trigger entries when making the change.

ℹ️ Review info

Configuration used: Repository UI (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f722ed1 and 48ad6e5.

📒 Files selected for processing (4)
  • docs/workflows/gh-agent-workflows.md
  • gh-agent-workflows/README.md
  • gh-agent-workflows/dependency-review/README.md
  • gh-agent-workflows/dependency-review/example.yml
🚧 Files skipped from review as they are similar to previous changes (1)
  • gh-agent-workflows/dependency-review/example.yml


| Event | Types | Condition |
| --- | --- | --- |
| `pull_request` | `opened`, `synchronize`, `reopened` | PR author is `dependabot[bot]` or `renovate[bot]` |
coderabbitai bot commented Feb 26, 2026

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

```bash
#!/bin/bash
set -euo pipefail

# First, verify the files exist
echo "=== Checking file existence ==="
for file in \
  gh-agent-workflows/dependency-review/README.md \
  gh-agent-workflows/dependency-review/example.yml \
  .github/workflows/trigger-dependency-review.yml \
  .github/workflows/gh-aw-dependency-review.md \
  .github/workflows/gh-aw-dependency-review.lock.yml; do
  if [ -f "$file" ]; then
    echo "$file exists"
  else
    echo "$file NOT FOUND"
  fi
done

echo ""
echo "=== Searching for bot references and allowed-bot-users ==="
rg -n -C2 'allowed-bot-users|dependabot\[bot\]|renovate\[bot\]|github-actions\[bot\]' \
  --max-count=50 2>/dev/null || echo "Pattern search returned no results or error"
```

Repository: elastic/ai-github-actions

Length of output: 33207


🏁 Script executed:

```bash
# Also check lines 23 and 31 of the README specifically
echo "=== Content around lines 23 and 31 of README ==="
if [ -f "gh-agent-workflows/dependency-review/README.md" ]; then
  echo "Lines 20-26:"
  sed -n '20,26p' gh-agent-workflows/dependency-review/README.md
  echo ""
  echo "Lines 28-34:"
  sed -n '28,34p' gh-agent-workflows/dependency-review/README.md
fi
```

Repository: elastic/ai-github-actions

Length of output: 643


🏁 Script executed:

```bash
# Check the actual defaults in example.yml or lock file
echo "=== Checking for defaults in workflow files ==="
if [ -f "gh-agent-workflows/dependency-review/example.yml" ]; then
  echo "=== Content of example.yml ==="
  cat gh-agent-workflows/dependency-review/example.yml
fi
```

Repository: elastic/ai-github-actions

Length of output: 861


Update allowed-bot-users default or clarify trigger mismatch.

The workflow triggers on dependabot[bot] and renovate[bot] PRs (line 23), but the allowed-bot-users input defaults to github-actions[bot] (line 31). If users copy the example without overriding this parameter, the workflow will run on dependency PRs but exclude the bots that trigger it. Either add dependabot[bot],renovate[bot] to the default allowlist, or update the documentation to require users explicitly set this parameter.


strawgate (Collaborator) commented:

@coderabbitai fix this for me

coderabbitai bot commented:

🧩 Analysis chain

@strawgate, I'll fix this for you. Let me first examine the workflow source files to understand where the default is defined.


🏁 Script executed:

```bash
#!/bin/bash
set -euo pipefail

echo "=== Checking workflow source file for allowed-bot-users default ==="
if [ -f ".github/workflows/gh-aw-dependency-review.md" ]; then
  echo "Content of gh-aw-dependency-review.md:"
  cat .github/workflows/gh-aw-dependency-review.md
fi

echo ""
echo "=== Checking example.yml for allowed-bot-users usage ==="
if [ -f "gh-agent-workflows/dependency-review/example.yml" ]; then
  echo "Content of example.yml:"
  cat gh-agent-workflows/dependency-review/example.yml
fi
```

Length of output: 9759


@strawgate, I've examined the workflow source. The actual behavior is correct – dependabot[bot] and renovate[bot] are always allowed by default (hardcoded in the workflow's bots configuration), in addition to whatever is specified in allowed-bot-users. The issue is just that the README doesn't clarify this. Let me fix the documentation:

Task: Fix README documentation for allowed-bot-users default

The allowed-bot-users input defaults to github-actions[bot], but the workflow also hardcodes dependabot[bot] and renovate[bot] as allowed bots. Update the README to clarify this.


🧠 Learnings used
Learnt from: CR
Repo: elastic/ai-github-actions PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-02-21T07:31:50.826Z
Learning: Review and reference GitHub Agent Workflows from ./gh-agent-workflows directory

Learnt from: CR
Repo: elastic/ai-github-actions PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-02-21T07:31:50.826Z
Learning: Applies to {README.md,DEVELOPING.md,docs/upgrading.md} : Document AI GitHub Actions implementation and configuration in README.md, DEVELOPING.md, and docs/upgrading.md

Learnt from: CR
Repo: elastic/ai-github-actions PR: 0
File: gh-agent-workflows/AGENTS.md:0-0
Timestamp: 2026-02-20T21:53:19.599Z
Learning: Applies to gh-agent-workflows/**/DEVELOPING.md : GitHub Agent Workflows documentation should be maintained in DEVELOPING.md

Learnt from: CR
Repo: elastic/ai-github-actions PR: 0
File: gh-agent-workflows/AGENTS.md:0-0
Timestamp: 2026-02-20T21:53:19.599Z
Learning: Applies to gh-agent-workflows/**/README.md : GitHub Agent Workflows documentation should be maintained in README.md

Learnt from: strawgate
Repo: elastic/ai-github-actions PR: 312
File: .github/workflows/gh-aw-small-problem-fixer.lock.yml:677-680
Timestamp: 2026-02-21T06:36:36.262Z
Learning: In the elastic/ai-github-actions repository, files with the `.lock.yml` extension under `.github/workflows/` are auto-generated by running `gh aw compile` from corresponding `.md` source files. Do not suggest edits to `.lock.yml` files directly, as they will be overwritten. Any changes must be made to the source `.md` files instead.

Learnt from: CR
Repo: elastic/ai-github-actions PR: 0
File: claude-workflows/AGENTS.md:0-0
Timestamp: 2026-02-20T21:53:17.007Z
Learning: Applies to claude-workflows/**/README.md : Follow guidelines documented in README.md for Claude Workflows composite actions


strawgate (Collaborator) left a comment

We're still only really covering GitHub Actions; how should other kinds of dependency updates be triaged? We don't have to be super specific, but general guidance for Golang, Python, Java and Node probably makes sense.

```bash
gh api repos/{owner}/{repo}/commits/{sha} --jq '.commit.verification.verified'
```
2. If the commit is **not verified**, flag this prominently. Unverified commits in pinned actions are a supply-chain risk — see [Imposter Commits in CI/CD](https://www.chainguard.dev/unchained/what-the-fork-imposter-commits-in-github-actions-and-ci-cd).
strawgate (Collaborator) commented:

remove chainguard reference

Copilot AI (Contributor, Author) commented:

Removed in 84dc2fd.

Co-authored-by: strawgate <6384545+strawgate@users.noreply.github.com>
Copilot AI (Contributor, Author) commented Feb 26, 2026

We're still only really covering github actions, how should other kinds of dependency updates be triaged? we dont have to be super specific but general guidance for Golang, Python, Java and Node proba...

Added ecosystem-specific guidance for Go, npm/Node, Python (pip/Poetry/uv), and Java/Kotlin (Maven/Gradle) in 84dc2fd. The workflow now classifies dependencies by manifest file type, runs shared checks (changelog, usage analysis, compatibility), and applies ecosystem-specific checks — e.g. Go major version import path changes, npm peer dependency conflicts, Python minimum version requirements, Java groupId relocations.
