update-flake-lock/.github/workflows/update.yml

name: "Flake.lock: update Nix dependencies"

on:
  workflow_dispatch: # allows manual triggering
  schedule:
    - cron: "0 0 * * 0" # runs weekly on Sunday at 00:00

jobs:
  nix-flake-update:
    permissions:
      contents: write
      id-token: write
      issues: write
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v5
      - uses: DeterminateSystems/determinate-nix-action@v3
      - uses: DeterminateSystems/update-flake-lock@main
        with:
          pr-title: "Update Nix flake inputs" # Title of PR to be created
          pr-labels: | # Labels to be set on the PR
            dependencies
            automated