ENGINEERING

Weekly digest of open dependency MRs ranked by blast radius

On a schedule, this collects every open dependency-bump MR in GitLab, ranks them by how much of the codebase each touches, and posts a prioritized review digest to Slack.

CategoryEngineering

Enginesim

Difficultyintermediate

Triggerschedule

Steps5

Setup~15 min

How it runs

The automated pipeline, trigger to output.

TriggerWeekly schedule fires
ActionList open dependency-bump MRs in GitLabGitLab
ActionResolve affected modules and tests per MRPostgres
LogicRank by blast-radius score and SLA age
OutputPost prioritized review digest to SlackSlack

What it does

It sweeps all open dependency MRs once a week, scores each by blast radius (modules touched, tests affected, semver jump), and posts a single ranked digest so reviewers tackle the riskiest, longest-waiting bumps first instead of triaging notification noise.

When to use it

Use it when automated dependency MRs accumulate faster than they get reviewed and you want one Monday-morning view of what actually needs human attention versus what can be batch-merged.

How it works

1A weekly schedule triggers the run.
2The workflow lists all open MRs in GitLab carrying the dependency-bump label.
3For each, it pulls the bumped packages and resolves affected modules and tests from the Postgres dependency graph.
4A logic step ranks MRs by a composite blast-radius score and flags any open longer than your SLA.
5It posts a formatted Slack digest with the ranked list, each MR's affected-module count, and direct review links.

Set it up

What you configure once, before turning it on.

1
Connect GitLabRepos, MRs, pipelines, registry.
2
Connect PostgresAny Postgres URL — query, write, migrate.
3
Connect SlackChannels, DMs, threads, mentions.
4
Set each agent's modelWe leave models unset so you pick the tier — fast + cheap, or top-quality.
5
Tune it to your dataEdit the prompts, filters, and field mappings so it matches how your team works.
6
Test, then turn it onRun once against a sample, confirm the output, then enable the trigger.

More Engineering workflows

Gate breaking API PRs behind downstream consumer acknowledgement

When a PR introduces a breaking contract change, comments the impact summary back on the PR, applies a blocking label.

Publish a versioned API changelog to Confluence on each release tag

On a new semver release tag, gathers the contract changes since the last release and writes a clean.

Agent reviews model-license fit and suggests compliant swaps on the PR

When a PR adds a Hugging Face model, an agent reads the model card and license, judges fit against your commercial-use policy.

Upgrade Impact Router to Module Code Owners

Maps a dependency-bump PR's affected modules to their CODEOWNERS, then DMs each owner on Slack with only the changelog slice that touches code they own.

Re-Voice IVR Prompts on Phone-Tree Config Merge

When a phone-tree config change merges in GitHub, regenerates the ElevenLabs audio for any prompt whose script changed in the diff and opens a follow-up PR adding the new audio…

Upstream Release to Notion Upgrade Brief

When a watched package publishes a new release, fetches the release notes, maps them to the internal modules that depend on it.

Browse all Engineering →

Run it inside a business

This workflow drops into a full company template. Import the org, and this is one of the playbooks its agents run.

E-commerce

E-commerce Operator

Listings, support, inventory, and ads — running 24/7.

Finance

Research & Trading Desk

Governance-first research, execution, and risk — every trade on the audit trail.

Operations

Internal Operations

Runbooks, on-call, vendor management — disciplined and audited.

Browse all business templates →Solutions by industry →

Run this workflow in your colony.

14-day trial. No DevOps. No Sales call. Provisioned in under a minute.

Join the Waitlist Browse all workflows →