Dependency update risk analysis with GPT-4o, Slack, Jira & Google Sheets
📘 Description This workflow automates dependency update risk analysis and reporting using Jira, GPT-4o, Slack, and Google Sheets. It continuously monitors Jira for new package or dependency update tickets, uses AI to...
Template notes
📘 Description This workflow automates dependency update risk analysis and reporting using Jira, GPT-4o, Slack, and Google Sheets. It continuously monitors Jira for new package or dependency update tickets, uses AI to assess their risk levels (Low, Medium, High), posts structured comments back into Jira, and alerts the DevOps team in Slack — all while logging historical data into Google Sheets for visibility and trend analysis. This ensures fast, data-driven decisions for dependency upgrades, improved code stability, and reduced security risks — with zero manual triage.
⚙️ What This Workflow Does (Step-by-Step)
🟢 When Clicking “Execute Workflow” Manually triggers the dependency risk analysis sequence for immediate review or scheduled monitoring.
📋 Fetch All Active Jira Issues Retrieves all active Jira issues to identify tickets related to dependency or package updates. Provides the complete dataset — including summary, status, and assignee information — for AI-based risk evaluation.
✅ Validate Jira Query Response Verifies that Jira returned valid issue data before proceeding. If data exists → continues filtering dependency updates. If no data or API error → logs the failure to Google Sheets. Prevents workflow from continuing with empty or broken datasets.
🔍 Identify Dependency Update Issues Filters Jira issues to find only dependency-related tickets (keywords like “update,” “bump,” “package,” or “library”). This ensures only relevant version update tasks are analyzed — filtering out unrelated feature or bug tickets.
🏷️ Extract Relevant Issue Metadata Extracts essential fields such as key, summary, priority, assignee, status, and created date for downstream AI processing. Simplifies the data payload and ensures accurate, structured analysis.
📢 Alert DevOps Team in Slack Immediately notifies the assigned DevOps engineer via Slack DM about any new dependency update issue. Includes formatted details like summary, key, status, priority, and direct Jira link for quick access. Ensures rapid visibility and faster response to potential risk tickets.