Compare commits

..

4 Commits

Author SHA1 Message Date
Parker Brown ef741caab5 Merge branch 'main' into parkerbxyz/dependabot-multi-ecosystem-groups 2026-04-10 17:51:15 -07:00
Parker Brown 20749b7294 Move update-types config for GitHub Actions
Removed the 'groups' section and moved 'update-types' directly under the GitHub Actions configuration.
2025-08-13 09:29:03 -07:00
Parker Brown 3f1903e205 Move commit-message config to multi-ecosystem group
Commit-message settings for minor-and-patch updates were relocated from the npm update section to the multi-ecosystem-groups.minor-and-patch section in dependabot.yml.
2025-08-13 09:03:24 -07:00
Parker Brown cfb49a3e58 Add multi-ecosystem group to Dependabot config 2025-07-11 12:31:03 -07:00
8 changed files with 68 additions and 47 deletions
+19 -15
View File
@@ -1,30 +1,34 @@
version: 2
multi-ecosystem-groups:
minor-and-patch:
schedule:
interval: 'quarterly'
commit-message:
prefix: 'fix'
prefix-development: 'build'
include: 'scope'
updates:
- package-ecosystem: 'npm'
directory: '/'
schedule:
interval: 'monthly'
patterns: ['*']
multi-ecosystem-group: 'minor-and-patch'
groups:
production-dependencies:
production:
dependency-type: 'production'
update-types:
- minor
- patch
development-dependencies:
development:
dependency-type: 'development'
update-types:
- minor
- patch
commit-message:
prefix: 'fix'
prefix-development: 'build'
include: 'scope'
- package-ecosystem: 'github-actions'
directory: '/'
schedule:
interval: 'monthly'
groups:
github-actions:
update-types:
- minor
- patch
patterns: ['*']
multi-ecosystem-groups: 'minor-and-patch'
update-types:
- minor
- patch
@@ -0,0 +1,17 @@
name: 'Publish Immutable Action'
on:
release:
types: [published]
jobs:
publish:
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
packages: write
steps:
- uses: actions/checkout@v6
- name: Publish Immutable Action
uses: actions/publish-immutable-action@v0.0.4
+25 -25
View File
@@ -9,10 +9,10 @@ GitHub Action for creating a GitHub App installation access token.
In order to use this action, you need to:
1. [Register new GitHub App](https://docs.github.com/apps/creating-github-apps/setting-up-a-github-app/creating-a-github-app).
2. [Store the App's Client ID in your repository variables](https://docs.github.com/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables#defining-configuration-variables-for-multiple-workflows) (example: `APP_CLIENT_ID`).
3. [Store the App's private key in your repository secrets](https://docs.github.com/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets?tool=webui#creating-secrets-for-a-repository) (example: `APP_PRIVATE_KEY`).
2. [Store the App's Client ID in your repository environment variables](https://docs.github.com/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables#defining-configuration-variables-for-multiple-workflows) (example: `GITHUB_APP_CLIENT_ID`).
3. [Store the App's private key in your repository secrets](https://docs.github.com/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets?tool=webui#creating-secrets-for-a-repository) (example: `GITHUB_APP_PRIVATE_KEY`).
> [!IMPORTANT]
> [!IMPORTANT]
> An installation access token expires after 1 hour. Please [see this comment](https://github.com/actions/create-github-app-token/issues/121#issuecomment-2043214796) for alternative approaches if you have long-running processes.
### Create a token for the current repository
@@ -31,8 +31,8 @@ jobs:
- uses: actions/create-github-app-token@v3
id: app-token
with:
client-id: ${{ vars.APP_CLIENT_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
client-id: ${{ vars.GITHUB_APP_CLIENT_ID }}
private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }}
- uses: ./actions/staging-tests
with:
token: ${{ steps.app-token.outputs.token }}
@@ -51,8 +51,8 @@ jobs:
id: app-token
with:
# required
client-id: ${{ vars.APP_CLIENT_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
client-id: ${{ vars.GITHUB_APP_CLIENT_ID }}
private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }}
- uses: actions/checkout@v6
with:
token: ${{ steps.app-token.outputs.token }}
@@ -77,8 +77,8 @@ jobs:
id: app-token
with:
# required
client-id: ${{ vars.APP_CLIENT_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
client-id: ${{ vars.GITHUB_APP_CLIENT_ID }}
private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }}
- name: Get GitHub App User ID
id: get-user-id
run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT"
@@ -102,8 +102,8 @@ jobs:
id: app-token
with:
# required
client-id: ${{ vars.APP_CLIENT_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
client-id: ${{ vars.GITHUB_APP_CLIENT_ID }}
private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }}
- name: Get GitHub App User ID
id: get-user-id
run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT"
@@ -138,8 +138,8 @@ jobs:
- uses: actions/create-github-app-token@v3
id: app-token
with:
client-id: ${{ vars.APP_CLIENT_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
client-id: ${{ vars.GITHUB_APP_CLIENT_ID }}
private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- uses: peter-evans/create-or-update-comment@v4
with:
@@ -160,8 +160,8 @@ jobs:
- uses: actions/create-github-app-token@v3
id: app-token
with:
client-id: ${{ vars.APP_CLIENT_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
client-id: ${{ vars.GITHUB_APP_CLIENT_ID }}
private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
repositories: |
repo1
@@ -185,8 +185,8 @@ jobs:
- uses: actions/create-github-app-token@v3
id: app-token
with:
client-id: ${{ vars.APP_CLIENT_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
client-id: ${{ vars.GITHUB_APP_CLIENT_ID }}
private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }}
owner: another-owner
- uses: peter-evans/create-or-update-comment@v4
with:
@@ -210,8 +210,8 @@ jobs:
- uses: actions/create-github-app-token@v3
id: app-token
with:
client-id: ${{ vars.APP_CLIENT_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
client-id: ${{ vars.GITHUB_APP_CLIENT_ID }}
private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
permission-issues: write
- uses: peter-evans/create-or-update-comment@v4
@@ -252,8 +252,8 @@ jobs:
- uses: actions/create-github-app-token@v3
id: app-token
with:
client-id: ${{ vars.APP_CLIENT_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
client-id: ${{ vars.GITHUB_APP_CLIENT_ID }}
private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }}
owner: ${{ matrix.owners-and-repos.owner }}
repositories: ${{ join(matrix.owners-and-repos.repos) }}
- uses: octokit/request-action@v2.x
@@ -310,8 +310,8 @@ If you set `HTTP_PROXY` or `HTTPS_PROXY`, also set `NODE_USE_ENV_PROXY: "1"` on
NO_PROXY: github.example.com
NODE_USE_ENV_PROXY: "1"
with:
client-id: ${{ vars.APP_CLIENT_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
client-id: ${{ vars.GITHUB_APP_CLIENT_ID }}
private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }}
```
## Inputs
@@ -334,14 +334,14 @@ steps:
- name: Decode the GitHub App Private Key
id: decode
run: |
private_key=$(echo "${{ secrets.APP_PRIVATE_KEY }}" | base64 -d | awk 'BEGIN {ORS="\\n"} {print}' | head -c -2) &> /dev/null
private_key=$(echo "${{ secrets.GITHUB_APP_PRIVATE_KEY }}" | base64 -d | awk 'BEGIN {ORS="\\n"} {print}' | head -c -2) &> /dev/null
echo "::add-mask::$private_key"
echo "private-key=$private_key" >> "$GITHUB_OUTPUT"
- name: Generate GitHub App Token
id: app-token
uses: actions/create-github-app-token@v3
with:
client-id: ${{ vars.APP_CLIENT_ID }}
client-id: ${{ vars.GITHUB_APP_CLIENT_ID }}
private-key: ${{ steps.decode.outputs.private-key }}
```
+1 -1
View File
@@ -23352,7 +23352,7 @@ async function run() {
ensureNativeProxySupport();
const clientId = getInput("client-id") || getInput("app-id");
if (!clientId) {
throw new Error("The 'client-id' (or deprecated 'app-id') input must be set to a non-empty string. If using a secret or variable, ensure it is available in this workflow context.");
throw new Error("Either 'client-id' or 'app-id' input must be set");
}
const privateKey = getInput("private-key");
const owner = getInput("owner");
+1 -1
View File
@@ -20,7 +20,7 @@ async function run() {
const clientId = core.getInput("client-id") || core.getInput("app-id");
if (!clientId) {
throw new Error("The 'client-id' (or deprecated 'app-id') input must be set to a non-empty string. If using a secret or variable, ensure it is available in this workflow context.");
throw new Error("Either 'client-id' or 'app-id' input must be set");
}
const privateKey = core.getInput("private-key");
const owner = core.getInput("owner");
+2 -2
View File
@@ -1,12 +1,12 @@
{
"name": "create-github-app-token",
"version": "3.1.1",
"version": "3.1.0",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "create-github-app-token",
"version": "3.1.1",
"version": "3.1.0",
"license": "MIT",
"dependencies": {
"@actions/core": "^3.0.0",
+1 -1
View File
@@ -2,7 +2,7 @@
"name": "create-github-app-token",
"private": true,
"type": "module",
"version": "3.1.1",
"version": "3.1.0",
"description": "GitHub Action for creating a GitHub App Installation Access Token",
"engines": {
"node": ">=24.4.0"
+2 -2
View File
@@ -56,11 +56,11 @@ POST /api/v3/app/installations/123456/access_tokens
`;
exports[`main-missing-client-and-app-id.test.js > stderr 1`] = `
The 'client-id' (or deprecated 'app-id') input must be set to a non-empty string. If using a secret or variable, ensure it is available in this workflow context.
Either 'client-id' or 'app-id' input must be set
`;
exports[`main-missing-client-and-app-id.test.js > stdout 1`] = `
::error::The 'client-id' (or deprecated 'app-id') input must be set to a non-empty string. If using a secret or variable, ensure it is available in this workflow context.
::error::Either 'client-id' or 'app-id' input must be set
`;
exports[`main-missing-owner.test.js > stderr 1`] = `