Compare commits

..

19 Commits

Author SHA1 Message Date
Parker Brown 2156e19368 Remove dist changes
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-03-13 16:03:39 -07:00
Parker Brown b24274086f Merge origin/main into enterprise-app-enterprise-slug
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-03-13 16:01:58 -07:00
semantic-release-bot fee1f7d63c build(release): 2.2.2 [skip ci]
## [2.2.2](https://github.com/actions/create-github-app-token/compare/v2.2.1...v2.2.2) (2026-03-13)

### Bug Fixes

* **deps:** bump @actions/core from 1.11.1 to 3.0.0 ([#337](https://github.com/actions/create-github-app-token/issues/337)) ([b044133](https://github.com/actions/create-github-app-token/commit/b04413352d4644ac2131b9a90c074f5e93ca18a1))
* **deps:** bump minimatch from 9.0.5 to 9.0.9 ([#335](https://github.com/actions/create-github-app-token/issues/335)) ([5cbc656](https://github.com/actions/create-github-app-token/commit/5cbc65624c9ddc4589492bda7c8b146223e8c3e4))
* **deps:** bump the production-dependencies group with 4 updates ([#336](https://github.com/actions/create-github-app-token/issues/336)) ([6bda5bc](https://github.com/actions/create-github-app-token/commit/6bda5bc1410576b9a0879ce6076d53345485bba9))
* **deps:** bump undici from 7.16.0 to 7.18.2 ([#323](https://github.com/actions/create-github-app-token/issues/323)) ([b4f638f](https://github.com/actions/create-github-app-token/commit/b4f638f48ee0dcdbb0bc646c48e4cb2a2de847fe))
2026-03-13 22:51:54 +00:00
dependabot[bot] 6bda5bc141 fix(deps): bump the production-dependencies group with 4 updates (#336)
Bumps the production-dependencies group with 4 updates:
[@octokit/auth-app](https://github.com/octokit/auth-app.js),
[@octokit/request](https://github.com/octokit/request.js),
[p-retry](https://github.com/sindresorhus/p-retry) and
[undici](https://github.com/nodejs/undici).

Updates `@octokit/auth-app` from 8.1.2 to 8.2.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/octokit/auth-app.js/releases"><code>@​octokit/auth-app</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v8.2.0</h2>
<h1><a
href="https://github.com/octokit/auth-app.js/compare/v8.1.2...v8.2.0">8.2.0</a>
(2026-02-03)</h1>
<h3>Features</h3>
<ul>
<li>handling exp is too far in the future (<a
href="https://redirect.github.com/octokit/auth-app.js/issues/699">#699</a>)
(<a
href="https://github.com/octokit/auth-app.js/commit/6201580be6cc3f0967c7454d5de92db35e353041">6201580</a>)</li>
<li>Add enterprise installation route to JWT-authenticated routes (<a
href="https://redirect.github.com/octokit/auth-app.js/issues/736">#736</a>)
(<a
href="https://github.com/octokit/auth-app.js/commit/5b218af8ee91347b25ef944aac76932e45b997d0">5b218af</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/octokit/auth-app.js/commit/6201580be6cc3f0967c7454d5de92db35e353041"><code>6201580</code></a>
feat: handling exp is too far in the future (<a
href="https://redirect.github.com/octokit/auth-app.js/issues/699">#699</a>)</li>
<li><a
href="https://github.com/octokit/auth-app.js/commit/5b218af8ee91347b25ef944aac76932e45b997d0"><code>5b218af</code></a>
Add enterprise installation route to JWT-authenticated routes (<a
href="https://redirect.github.com/octokit/auth-app.js/issues/736">#736</a>)</li>
<li><a
href="https://github.com/octokit/auth-app.js/commit/4486c10028249f4f2ffaabeafde986edca92e7b5"><code>4486c10</code></a>
build(deps-dev): bump vite from 7.1.7 to 7.1.11 (<a
href="https://redirect.github.com/octokit/auth-app.js/issues/728">#728</a>)</li>
<li><a
href="https://github.com/octokit/auth-app.js/commit/e1fecc4ea8c5475da1a1d9c6c119c9322087dbd4"><code>e1fecc4</code></a>
build(deps): bump glob from 10.4.5 to 10.5.0 (<a
href="https://redirect.github.com/octokit/auth-app.js/issues/733">#733</a>)</li>
<li>See full diff in <a
href="https://github.com/octokit/auth-app.js/compare/v8.1.2...v8.2.0">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by [GitHub Actions](<a
href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a>
Actions), a new releaser for <code>@​octokit/auth-app</code> since your
current version.</p>
</details>
<br />

Updates `@octokit/request` from 10.0.7 to 10.0.8
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/octokit/request.js/releases"><code>@​octokit/request</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v10.0.8</h2>
<h2><a
href="https://github.com/octokit/request.js/compare/v10.0.7...v10.0.8">10.0.8</a>
(2026-02-20)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>use <code>json-with-bigint</code> instead of built-in JSON methods
in order to properly support int64's (<a
href="https://redirect.github.com/octokit/request.js/issues/798">#798</a>)
(<a
href="https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731">f13f5d9</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731"><code>f13f5d9</code></a>
fix: use <code>json-with-bigint</code> instead of built-in JSON methods
in order to prop...</li>
<li><a
href="https://github.com/octokit/request.js/commit/9ba6ae0fd2eff35a6c29a9f032eca6e9ba002976"><code>9ba6ae0</code></a>
Document that unsuccessful HTTP status code result in an exception (<a
href="https://redirect.github.com/octokit/request.js/issues/795">#795</a>)</li>
<li><a
href="https://github.com/octokit/request.js/commit/7160b8201ee183d57e3572c9ac78aa3f241c9468"><code>7160b82</code></a>
chore(deps): replace glob with tinyglobby (<a
href="https://redirect.github.com/octokit/request.js/issues/791">#791</a>)</li>
<li><a
href="https://github.com/octokit/request.js/commit/ab8018b6d42de25adb305e3ea5ea840ee2805481"><code>ab8018b</code></a>
ci(action): update peter-evans/create-or-update-comment action to v5 (<a
href="https://redirect.github.com/octokit/request.js/issues/776">#776</a>)</li>
<li><a
href="https://github.com/octokit/request.js/commit/fb916e454df205980835281368da81a003cde30d"><code>fb916e4</code></a>
build(deps): bump vite from 6.3.4 to 6.4.1 (<a
href="https://redirect.github.com/octokit/request.js/issues/780">#780</a>)</li>
<li><a
href="https://github.com/octokit/request.js/commit/e1eb7693969a87cbdde278c82a7474b8acec9207"><code>e1eb769</code></a>
chore(deps): update dependency esbuild to ^0.27.0 (<a
href="https://redirect.github.com/octokit/request.js/issues/784">#784</a>)</li>
<li>See full diff in <a
href="https://github.com/octokit/request.js/compare/v10.0.7...v10.0.8">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by [GitHub Actions](<a
href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a>
Actions), a new releaser for <code>@​octokit/request</code> since your
current version.</p>
</details>
<br />

Updates `p-retry` from 7.1.0 to 7.1.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sindresorhus/p-retry/releases">p-retry's
releases</a>.</em></p>
<blockquote>
<h2>v7.1.1</h2>
<ul>
<li>Fix delayed abort when signal is already aborted before delay phase
2aba573</li>
</ul>
<hr />
<p><a
href="https://github.com/sindresorhus/p-retry/compare/v7.1.0...v7.1.1">https://github.com/sindresorhus/p-retry/compare/v7.1.0...v7.1.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/sindresorhus/p-retry/commit/0b1e29877422c40b59cad4a4c938dcf44fe512ce"><code>0b1e298</code></a>
7.1.1</li>
<li><a
href="https://github.com/sindresorhus/p-retry/commit/2aba573c0fdca165c4d95262f51ae56902f2f892"><code>2aba573</code></a>
Fix delayed abort when signal is already aborted before delay phase</li>
<li><a
href="https://github.com/sindresorhus/p-retry/commit/6ac326b188834f4af5a54cedc114f67f0f510613"><code>6ac326b</code></a>
Minor tweak</li>
<li>See full diff in <a
href="https://github.com/sindresorhus/p-retry/compare/v7.1.0...v7.1.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `undici` from 7.16.0 to 7.22.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nodejs/undici/releases">undici's
releases</a>.</em></p>
<blockquote>
<h2>v7.22.0</h2>
<h2>What's Changed</h2>
<ul>
<li>docs: fix syntax highlighting in WebSocket.md by <a
href="https://github.com/styfle"><code>@​styfle</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4814">nodejs/undici#4814</a></li>
<li>fix: use OR operator in includesCredentials per WHATWG URL Standard
by <a href="https://github.com/jackhax"><code>@​jackhax</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4816">nodejs/undici#4816</a></li>
<li>feat(dispatcher/env-http-proxy-agent): strip leading dot and
asterisk by <a
href="https://github.com/SuperOleg39"><code>@​SuperOleg39</code></a> in
<a
href="https://redirect.github.com/nodejs/undici/pull/4676">nodejs/undici#4676</a></li>
<li>fix: route WebSocket upgrades through onRequestUpgrade by <a
href="https://github.com/mcollina"><code>@​mcollina</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4787">nodejs/undici#4787</a></li>
<li>build(deps-dev): bump esbuild from 0.25.12 to 0.27.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/nodejs/undici/pull/4821">nodejs/undici#4821</a></li>
<li>fix(deduplicate): do not deduplicate non-safe methods by default by
<a href="https://github.com/mcollina"><code>@​mcollina</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4818">nodejs/undici#4818</a></li>
<li>feat: Support async cache stores in revalidation by <a
href="https://github.com/marcopiraccini"><code>@​marcopiraccini</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/4826">nodejs/undici#4826</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/jackhax"><code>@​jackhax</code></a> made
their first contribution in <a
href="https://redirect.github.com/nodejs/undici/pull/4816">nodejs/undici#4816</a></li>
<li><a
href="https://github.com/marcopiraccini"><code>@​marcopiraccini</code></a>
made their first contribution in <a
href="https://redirect.github.com/nodejs/undici/pull/4826">nodejs/undici#4826</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/nodejs/undici/compare/v7.21.0...v7.22.0">https://github.com/nodejs/undici/compare/v7.21.0...v7.22.0</a></p>
<h2>v7.21.0</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump actions/setup-node from 6.0.0 to 6.2.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/nodejs/undici/pull/4796">nodejs/undici#4796</a></li>
<li>test: restore global dispatcher after fetch tests by <a
href="https://github.com/mcollina"><code>@​mcollina</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4790">nodejs/undici#4790</a></li>
<li>Add missing <code>close</code> method to WebSocketStream interface
by <a href="https://github.com/piotr-cz"><code>@​piotr-cz</code></a> in
<a
href="https://redirect.github.com/nodejs/undici/pull/4802">nodejs/undici#4802</a></li>
<li>fix: error stream instead of canceling by <a
href="https://github.com/KhafraDev"><code>@​KhafraDev</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4804">nodejs/undici#4804</a></li>
<li>Fix clientTtl cleanup race in Agent by <a
href="https://github.com/mcollina"><code>@​mcollina</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4807">nodejs/undici#4807</a></li>
<li>feat(<a
href="https://redirect.github.com/nodejs/undici/issues/4230">#4230</a>):
Implement pingInterval for dispatching PING frames by <a
href="https://github.com/metcoder95"><code>@​metcoder95</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4296">nodejs/undici#4296</a></li>
<li>fix: handle undefined __filename in bundled environments by <a
href="https://github.com/mcollina"><code>@​mcollina</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4812">nodejs/undici#4812</a></li>
<li>fix: set finalizer only for fetch responses by <a
href="https://github.com/tsctx"><code>@​tsctx</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4803">nodejs/undici#4803</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/piotr-cz"><code>@​piotr-cz</code></a>
made their first contribution in <a
href="https://redirect.github.com/nodejs/undici/pull/4802">nodejs/undici#4802</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/nodejs/undici/compare/v7.20.0...v7.21.0">https://github.com/nodejs/undici/compare/v7.20.0...v7.21.0</a></p>
<h2>v7.20.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: preserve fetch stack traces by <a
href="https://github.com/mcollina"><code>@​mcollina</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4778">nodejs/undici#4778</a></li>
<li>Fix error handling in MockPool example by <a
href="https://github.com/dave-kennedy"><code>@​dave-kennedy</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/4781">nodejs/undici#4781</a></li>
<li>feat: expose statusText in request() ResponseData by <a
href="https://github.com/domenic"><code>@​domenic</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4784">nodejs/undici#4784</a></li>
<li>test: reduce retry-after invalid date flake by <a
href="https://github.com/mcollina"><code>@​mcollina</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4788">nodejs/undici#4788</a></li>
<li>extractBody fixes by <a
href="https://github.com/KhafraDev"><code>@​KhafraDev</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4791">nodejs/undici#4791</a></li>
<li>fix: MockAgent delayed response with AbortSignal (<a
href="https://redirect.github.com/nodejs/undici/issues/4693">#4693</a>)
by <a href="https://github.com/mcollina"><code>@​mcollina</code></a> in
<a
href="https://redirect.github.com/nodejs/undici/pull/4772">nodejs/undici#4772</a></li>
<li>fix: onParserTimeout potentially accessing undefined by <a
href="https://github.com/vbfox"><code>@​vbfox</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4758">nodejs/undici#4758</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/dave-kennedy"><code>@​dave-kennedy</code></a>
made their first contribution in <a
href="https://redirect.github.com/nodejs/undici/pull/4781">nodejs/undici#4781</a></li>
<li><a href="https://github.com/vbfox"><code>@​vbfox</code></a> made
their first contribution in <a
href="https://redirect.github.com/nodejs/undici/pull/4758">nodejs/undici#4758</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/nodejs/undici/compare/v7.19.2...v7.20.0">https://github.com/nodejs/undici/compare/v7.19.2...v7.20.0</a></p>
<h2>v7.19.2</h2>
<h2>What's Changed</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/nodejs/undici/commit/0a236106a3a3e1b0aab424f71de2a68ca2c1d37b"><code>0a23610</code></a>
Bumped v7.22.0 (<a
href="https://redirect.github.com/nodejs/undici/issues/4829">#4829</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/f3c5c614901e4ba29f2f60730c3d4f28e60a5186"><code>f3c5c61</code></a>
feat: Support async cache stores in revalidation (<a
href="https://redirect.github.com/nodejs/undici/issues/4826">#4826</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/9b78a44eb21cabe0451263ef8e3cfc7ad8e40876"><code>9b78a44</code></a>
fix(deduplicate): avoid deduping methods not in methods option (<a
href="https://redirect.github.com/nodejs/undici/issues/4818">#4818</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/0ce57bad2c171a16c043c8234317ef5383f86e0b"><code>0ce57ba</code></a>
build(deps-dev): bump esbuild from 0.25.12 to 0.27.3 (<a
href="https://redirect.github.com/nodejs/undici/issues/4821">#4821</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/2453caf93824997c24383e5a84fddbfa783113b0"><code>2453caf</code></a>
fix: route websocket upgrades through new handler API (<a
href="https://redirect.github.com/nodejs/undici/issues/4787">#4787</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/4658cdf5eacf3f6692ec96811a0e49e6b9bc060a"><code>4658cdf</code></a>
feat(dispatcher/env-http-proxy-agent): strip leading dot and asterisk
(<a
href="https://redirect.github.com/nodejs/undici/issues/4676">#4676</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/a821c5669fa653364649d8fb7b36957702c548f5"><code>a821c56</code></a>
fix: use OR operator in includesCredentials per WHATWG URL Standard (<a
href="https://redirect.github.com/nodejs/undici/issues/4816">#4816</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/b3326b58969e2370a7da77d80dbad4df2f36ca1e"><code>b3326b5</code></a>
docs: fix syntax highlighting in WebSocket.md (<a
href="https://redirect.github.com/nodejs/undici/issues/4814">#4814</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/393c0da68691a6da8ea0a774e38bcce2889be89e"><code>393c0da</code></a>
Bumped v7.21.0 (<a
href="https://redirect.github.com/nodejs/undici/issues/4813">#4813</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/47f9b9664759d18d30c3c8f321425bee102e1df3"><code>47f9b96</code></a>
fix: set finalizer only for fetch responses (<a
href="https://redirect.github.com/nodejs/undici/issues/4803">#4803</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/nodejs/undici/compare/v7.16.0...v7.22.0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-03-13 15:51:23 -07:00
dependabot[bot] b04413352d fix(deps): bump @actions/core from 1.11.1 to 3.0.0 (#337)
Bumps
[@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core)
from 1.11.1 to 3.0.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md"><code>@​actions/core</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>3.0.0</h2>
<ul>
<li><strong>Breaking change</strong>: Package is now ESM-only
<ul>
<li>CommonJS consumers must use dynamic <code>import()</code> instead of
<code>require()</code></li>
</ul>
</li>
</ul>
<h2>2.0.3</h2>
<ul>
<li>Bump <code>@actions/http-client</code> to <code>3.0.2</code></li>
</ul>
<h2>2.0.1</h2>
<ul>
<li>Bump <code>@​actions/exec</code> from 1.1.1 to 2.0.0 <a
href="https://redirect.github.com/actions/toolkit/pull/2199">#2199</a></li>
</ul>
<h2>2.0.0</h2>
<ul>
<li>Add support for Node 24 <a
href="https://redirect.github.com/actions/toolkit/pull/2110">#2110</a></li>
<li>Bump <code>@​actions/http-client</code> from 2.0.1 to 3.0.0</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/actions/toolkit/commits/HEAD/packages/core">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by [GitHub Actions](<a
href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a>
Actions), a new releaser for <code>@​actions/core</code> since your
current version.</p>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@actions/core&package-manager=npm_and_yarn&previous-version=1.11.1&new-version=3.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Co-authored-by: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-03-13 15:51:23 -07:00
dependabot[bot] 5cbc65624c fix(deps): bump minimatch from 9.0.5 to 9.0.9 (#335)
Bumps [minimatch](https://github.com/isaacs/minimatch) from 9.0.5 to
9.0.9.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/isaacs/minimatch/commit/8a10e473e2e0ff03c2d4de308f257093af2bce21"><code>8a10e47</code></a>
9.0.9</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/c6f180636cebd4de2f9af7ef29ca4c9bf2eeef02"><code>c6f1806</code></a>
brace-expansion@2</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/446cfa3e2aa3ef45bd4a27fa4418221e158489f6"><code>446cfa3</code></a>
9.0.8</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/8fa151ab95fd4e2acd6e1a81f10d02dc7c1098d3"><code>8fa151a</code></a>
docs: add warning about ReDoS</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/71b78a2a4cad3a40af08a39c065e71bbf69ea7f7"><code>71b78a2</code></a>
fix partial matching of globstar patterns</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/2de496f6d9362dd92460f35ffa6ff8de2907244b"><code>2de496f</code></a>
9.0.7</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/0d4616de9193bf1d359271662e92657bb51b2f75"><code>0d4616d</code></a>
limit nested extglob recursion, flatten extglobs</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/7117ef381e74deace1c62a74d2298c8fe61d10ca"><code>7117ef3</code></a>
9.0.6</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/2418458b7fe82e0a1fd1a1b6f618c41c90b9848a"><code>2418458</code></a>
update deps, do not checkin dist</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/1d1f531009d5e4a86083de37e5ef3f301e073986"><code>1d1f531</code></a>
update deps</li>
<li>Additional commits viewable in <a
href="https://github.com/isaacs/minimatch/compare/v9.0.5...v9.0.9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=minimatch&package-manager=npm_and_yarn&previous-version=9.0.5&new-version=9.0.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/actions/create-github-app-token/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-13 15:51:23 -07:00
dependabot[bot] b4f638f48e fix(deps): bump undici from 7.16.0 to 7.18.2 (#323)
Bumps [undici](https://github.com/nodejs/undici) from 7.16.0 to 7.18.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nodejs/undici/releases">undici's
releases</a>.</em></p>
<blockquote>
<h2>v7.18.2</h2>
<h2>⚠️ Security Release</h2>
<p>This fixes <a
href="https://github.com/nodejs/undici/security/advisories/GHSA-g9mf-h72j-4rw9">https://github.com/nodejs/undici/security/advisories/GHSA-g9mf-h72j-4rw9</a>
and CVE-2026-22036.</p>
<h2>What's Changed</h2>
<ul>
<li>fix(decompress): limit Content-Encoding chain to 5 to prevent
resourc… by <a
href="https://github.com/mcollina"><code>@​mcollina</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4729">nodejs/undici#4729</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/nodejs/undici/compare/v7.18.1...v7.18.2">https://github.com/nodejs/undici/compare/v7.18.1...v7.18.2</a></p>
<h2>v7.18.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Test and Fix running without SSL by <a
href="https://github.com/mcollina"><code>@​mcollina</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4727">nodejs/undici#4727</a></li>
<li>docs: add security warning for strictContentLength option by <a
href="https://github.com/mcollina"><code>@​mcollina</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4726">nodejs/undici#4726</a></li>
<li>build(deps): bump step-security/harden-runner from 2.13.1 to 2.14.0
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/nodejs/undici/pull/4718">nodejs/undici#4718</a></li>
<li>build(deps): bump actions/checkout from 6.0.0 to 6.0.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/nodejs/undici/pull/4719">nodejs/undici#4719</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/nodejs/undici/compare/v7.18.0...v7.18.1">https://github.com/nodejs/undici/compare/v7.18.0...v7.18.1</a></p>
<h2>v7.18.0</h2>
<h2>What's Changed</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/nodejs/undici/compare/v7.17.0...v7.18.0">https://github.com/nodejs/undici/compare/v7.17.0...v7.18.0</a></p>
<h2>v7.17.0</h2>
<h2>What's Changed</h2>
<ul>
<li>chore: extract infra and encoding methods by <a
href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4523">nodejs/undici#4523</a></li>
<li>ci: remove h2 by <a
href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4534">nodejs/undici#4534</a></li>
<li>ci: make nodejs-shared wf reusable, install binaryen for wasm-opt,
test on node-nightly by <a
href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4535">nodejs/undici#4535</a></li>
<li>ci: fix nightly shared library case by <a
href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4543">nodejs/undici#4543</a></li>
<li>test: consume bodies of fetch responses to fix failing macos 20 ci
by <a href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4528">nodejs/undici#4528</a></li>
<li>docs: add Cache Interceptor example to README by <a
href="https://github.com/tawseefnabi"><code>@​tawseefnabi</code></a> in
<a
href="https://redirect.github.com/nodejs/undici/pull/4393">nodejs/undici#4393</a></li>
<li>test: remove node20 version check by <a
href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4544">nodejs/undici#4544</a></li>
<li>types: use MessagePort instance type in MessageEvent by <a
href="https://github.com/Renegade334"><code>@​Renegade334</code></a> in
<a
href="https://redirect.github.com/nodejs/undici/pull/4546">nodejs/undici#4546</a></li>
<li>ci: set write permissions on job level by <a
href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4537">nodejs/undici#4537</a></li>
<li>lint: activate n/no-process-exit by <a
href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4548">nodejs/undici#4548</a></li>
<li>ci: run benchmarks on pull_requests and by pushing on specific
branches only by <a
href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4536">nodejs/undici#4536</a></li>
<li>chore: activate n/prefer-node-protocol to enforce
<code>'node:'</code> prefix for requiring node built-ins by <a
href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4547">nodejs/undici#4547</a></li>
<li>feat(H2): correct CONNECT behaviour by <a
href="https://github.com/metcoder95"><code>@​metcoder95</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4541">nodejs/undici#4541</a></li>
<li>test: fix plans by <a
href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4550">nodejs/undici#4550</a></li>
<li>feat: add runtime feature &quot;detection&quot; by <a
href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4545">nodejs/undici#4545</a></li>
<li>perf: use less promises in extractBody by <a
href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4458">nodejs/undici#4458</a></li>
<li>fix(proxy-agent): add missing return after callback-call by <a
href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4553">nodejs/undici#4553</a></li>
<li>fix: remove redundant line in retry-handler by <a
href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4554">nodejs/undici#4554</a></li>
<li>ci: add no-wasm-simd option by <a
href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4533">nodejs/undici#4533</a></li>
<li>fix: use lazyloaders for runtime feature detection by <a
href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4557">nodejs/undici#4557</a></li>
<li>fix: minor changes in dispatcher-base.js and types for Dispatcher by
<a href="https://github.com/Uzlopak"><code>@​Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4556">nodejs/undici#4556</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/nodejs/undici/commit/7e5cb2d7468633b48679627061d696a0bb45f651"><code>7e5cb2d</code></a>
Bumped v7.18.2 (<a
href="https://redirect.github.com/nodejs/undici/issues/4730">#4730</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/b04e3cbb569c1596f86c108e9b52c79d8475dcb3"><code>b04e3cb</code></a>
fix(decompress): limit Content-Encoding chain to 5 to prevent resource
exhaus...</li>
<li><a
href="https://github.com/nodejs/undici/commit/2bcb77bbc27f966ac86e31154161792a4a8dadf5"><code>2bcb77b</code></a>
Bumped v7.18.1 (<a
href="https://redirect.github.com/nodejs/undici/issues/4728">#4728</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/58a12b7f19f5d4b186c90aed2e3a55a3ba37decf"><code>58a12b7</code></a>
build(deps): bump actions/checkout from 6.0.0 to 6.0.1 (<a
href="https://redirect.github.com/nodejs/undici/issues/4719">#4719</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/5fa2930582cab9c387df5cb2ddef44cb42bdf4a9"><code>5fa2930</code></a>
build(deps): bump step-security/harden-runner from 2.13.1 to 2.14.0 (<a
href="https://redirect.github.com/nodejs/undici/issues/4718">#4718</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/fbbe283fc4054c35ad21316bcf65996b0929ed58"><code>fbbe283</code></a>
docs: add security warning for strictContentLength option (<a
href="https://redirect.github.com/nodejs/undici/issues/4726">#4726</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/ce12d9e5dc1a72724cbef8ac43219ba9643b9142"><code>ce12d9e</code></a>
fix: do not crash if Node.js is compiled without SSL (<a
href="https://redirect.github.com/nodejs/undici/issues/4727">#4727</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/ebe3e33ea4d25402e0dc12dcc67902fdb7f231d4"><code>ebe3e33</code></a>
Bumped v7.18.0 (<a
href="https://redirect.github.com/nodejs/undici/issues/4725">#4725</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/4e9b88b1c78349a956babef1151add83866f2dfb"><code>4e9b88b</code></a>
fix: limit Content-Encoding chain to 5 to prevent resource
exhaustion</li>
<li><a
href="https://github.com/nodejs/undici/commit/d5607677d444553183b0a637f687d20167427b36"><code>d560767</code></a>
Bumped v7.17.0 (<a
href="https://redirect.github.com/nodejs/undici/issues/4724">#4724</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/nodejs/undici/compare/v7.16.0...v7.18.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=undici&package-manager=npm_and_yarn&previous-version=7.16.0&new-version=7.18.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/actions/create-github-app-token/network/alerts).

</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-13 15:51:23 -07:00
Stefan Petrushevski 14350b6aaa bump version 2025-08-28 10:26:30 +02:00
Stefan Petrushevski 6cf7b5f22a update tests with enterprise-slug 2025-08-28 10:23:07 +02:00
Stefan 22e6bc6b49 Update lib/main.js
Co-authored-by: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
2025-08-28 09:34:44 +02:00
Stefan 3b3f07c3d1 Update lib/main.js
Co-authored-by: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
2025-08-28 09:34:29 +02:00
Stefan 7b860611c2 Update lib/main.js
Co-authored-by: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
2025-08-28 09:34:21 +02:00
Stefan a84c82dc20 Update action.yml
Co-authored-by: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
2025-08-28 09:34:12 +02:00
Stefan 81e8c224df Update README.md
Co-authored-by: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
2025-08-28 09:34:01 +02:00
Stefan 7434028a6d Update README.md
Co-authored-by: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
2025-08-28 09:33:49 +02:00
Stefan Petrushevski 46f9f788b8 improve installation match; refactor test per copilot review 2025-07-08 17:52:25 +02:00
Stefan Petrushevski 3c69395e16 update package version 2025-07-08 17:22:19 +02:00
Stefan Petrushevski 55b8c24e8d tests; update README 2025-07-08 17:05:18 +02:00
Stefan Petrushevski cbc2930e9b enterprise input; logic to generate ent token 2025-07-08 15:04:32 +02:00
28 changed files with 76222 additions and 22440 deletions
+1
View File
@@ -26,6 +26,7 @@ jobs:
with:
node-version-file: package.json
- run: npm ci
- run: npm run build
- uses: ./
+1 -27
View File
@@ -4,7 +4,6 @@ on:
push:
branches:
- main
- beta
pull_request:
merge_group:
workflow_dispatch:
@@ -34,7 +33,7 @@ jobs:
name: end-to-end
runs-on: ubuntu-latest
# do not run from forks, as forks dont have access to repository secrets
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.owner.login == github.event.pull_request.base.repo.owner.login
if: github.event_name == 'merge_group' || github.event.pull_request.head.repo.owner.login == github.event.pull_request.base.repo.owner.login
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
@@ -54,28 +53,3 @@ jobs:
with:
route: GET /installation/repositories
- run: echo '${{ steps.get-repository.outputs.data }}'
end-to-end-proxy:
name: end-to-end with unreachable proxy
runs-on: ubuntu-latest
# do not run from forks, as forks dont have access to repository secrets
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.owner.login == github.event.pull_request.base.repo.owner.login
steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v4
with:
node-version-file: package.json
cache: 'npm'
- run: npm ci
- run: npm run build
- uses: ./ # Uses the action in the root directory
continue-on-error: true
id: test
env:
NODE_USE_ENV_PROXY: "1"
https_proxy: http://127.0.0.1:9
with:
app-id: ${{ vars.TEST_APP_ID }}
private-key: ${{ secrets.TEST_APP_PRIVATE_KEY }}
- name: Assert action failed through unreachable proxy
run: test "${{ steps.test.outcome }}" = "failure"
+1
View File
@@ -1,3 +1,4 @@
.env
coverage
node_modules/
.DS_Store
+41 -30
View File
@@ -28,7 +28,7 @@ jobs:
hello-world:
runs-on: ubuntu-latest
steps:
- uses: actions/create-github-app-token@v3
- uses: actions/create-github-app-token@v2
id: app-token
with:
app-id: ${{ vars.APP_ID }}
@@ -47,13 +47,13 @@ jobs:
auto-format:
runs-on: ubuntu-latest
steps:
- uses: actions/create-github-app-token@v3
- uses: actions/create-github-app-token@v2
id: app-token
with:
# required
app-id: ${{ vars.APP_ID }}
private-key: ${{ secrets.PRIVATE_KEY }}
- uses: actions/checkout@v5
- uses: actions/checkout@v4
with:
token: ${{ steps.app-token.outputs.token }}
ref: ${{ github.head_ref }}
@@ -73,7 +73,7 @@ jobs:
auto-format:
runs-on: ubuntu-latest
steps:
- uses: actions/create-github-app-token@v3
- uses: actions/create-github-app-token@v2
id: app-token
with:
# required
@@ -98,7 +98,7 @@ jobs:
auto-format:
runs-on: ubuntu-latest
steps:
- uses: actions/create-github-app-token@v3
- uses: actions/create-github-app-token@v2
id: app-token
with:
# required
@@ -135,7 +135,7 @@ jobs:
hello-world:
runs-on: ubuntu-latest
steps:
- uses: actions/create-github-app-token@v3
- uses: actions/create-github-app-token@v2
id: app-token
with:
app-id: ${{ vars.APP_ID }}
@@ -157,7 +157,7 @@ jobs:
hello-world:
runs-on: ubuntu-latest
steps:
- uses: actions/create-github-app-token@v3
- uses: actions/create-github-app-token@v2
id: app-token
with:
app-id: ${{ vars.APP_ID }}
@@ -182,7 +182,7 @@ jobs:
hello-world:
runs-on: ubuntu-latest
steps:
- uses: actions/create-github-app-token@v3
- uses: actions/create-github-app-token@v2
id: app-token
with:
app-id: ${{ vars.APP_ID }}
@@ -195,6 +195,28 @@ jobs:
body: "Hello, World!"
```
### Create a token for an enterprise installation
```yaml
on: [workflow_dispatch]
jobs:
hello-world:
runs-on: ubuntu-latest
steps:
- uses: actions/create-github-app-token@v2
id: app-token
with:
app-id: ${{ vars.APP_ID }}
private-key: ${{ secrets.PRIVATE_KEY }}
enterprise-slug: my-enterprise-slug
- name: Call enterprise management REST API with gh
run: |
gh api /enterprises/my-enterprise-slug/apps/installable_organizations
env:
GH_TOKEN: ${{ steps.app-token.outputs.token }}
```
### Create a token with specific permissions
> [!NOTE]
@@ -207,7 +229,7 @@ jobs:
hello-world:
runs-on: ubuntu-latest
steps:
- uses: actions/create-github-app-token@v3
- uses: actions/create-github-app-token@v2
id: app-token
with:
app-id: ${{ vars.APP_ID }}
@@ -249,7 +271,7 @@ jobs:
owners-and-repos: ${{ fromJson(needs.set-matrix.outputs.matrix) }}
steps:
- uses: actions/create-github-app-token@v3
- uses: actions/create-github-app-token@v2
id: app-token
with:
app-id: ${{ vars.APP_ID }}
@@ -279,7 +301,7 @@ jobs:
steps:
- name: Create GitHub App token
id: create_token
uses: actions/create-github-app-token@v3
uses: actions/create-github-app-token@v2
with:
app-id: ${{ vars.GHES_APP_ID }}
private-key: ${{ secrets.GHES_APP_PRIVATE_KEY }}
@@ -296,24 +318,6 @@ jobs:
GITHUB_TOKEN: ${{ steps.create_token.outputs.token }}
```
### Proxy support
This action relies on Node.js native proxy support.
If you set `HTTP_PROXY` or `HTTPS_PROXY`, also set `NODE_USE_ENV_PROXY: "1"` on the action step so Node.js honors those variables. If you need proxy bypass rules, set `NO_PROXY` alongside them.
```yaml
- uses: actions/create-github-app-token@v3
id: app-token
env:
HTTPS_PROXY: http://proxy.example.com:8080
NO_PROXY: github.example.com
NODE_USE_ENV_PROXY: "1"
with:
app-id: ${{ vars.APP_ID }}
private-key: ${{ secrets.PRIVATE_KEY }}
```
## Inputs
### `app-id`
@@ -336,7 +340,7 @@ steps:
echo "private-key=$private_key" >> "$GITHUB_OUTPUT"
- name: Generate GitHub App Token
id: app-token
uses: actions/create-github-app-token@v3
uses: actions/create-github-app-token@v2
with:
app-id: ${{ vars.APP_ID }}
private-key: ${{ steps.decode.outputs.private-key }}
@@ -353,6 +357,13 @@ steps:
> [!NOTE]
> If `owner` is set and `repositories` is empty, access will be scoped to all repositories in the provided repository owner's installation. If `owner` and `repositories` are empty, access will be scoped to only the current repository.
### `enterprise-slug`
**Optional:** The slug of the enterprise to generate a token for enterprise-level app installations.
> [!NOTE]
> The `enterprise-slug` input is mutually exclusive with `owner` and `repositories`. GitHub Apps can be installed on enterprise accounts with permissions that let them call enterprise management APIs. Enterprise installations do not grant access to organization or repository resources.
### `permission-<permission name>`
**Optional:** The permissions to grant to the token. By default, the token inherits all of the installation's permissions. We recommend to explicitly list the permissions that are required for a use case. This follows GitHub's own recommendation to [control permissions of `GITHUB_TOKEN` in workflows](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/controlling-permissions-for-github_token). The documentation also lists all available permissions, just prefix the permission key with `permission-` (e.g., `pull-requests``permission-pull-requests`).
+4 -1
View File
@@ -17,6 +17,9 @@ inputs:
repositories:
description: "Comma or newline-separated list of repositories to install the GitHub App on (defaults to current repository if owner is unset)"
required: false
enterprise-slug:
description: "Enterprise slug for enterprise-level app installations (cannot be used with 'owner' or 'repositories')"
required: false
skip-token-revoke:
description: "If true, the token will not be revoked when the current job is complete"
required: false
@@ -136,6 +139,6 @@ outputs:
app-slug:
description: "GitHub App slug"
runs:
using: "node24"
using: "node20"
main: "dist/main.cjs"
post: "dist/post.cjs"
+36791 -10942
View File
File diff suppressed because one or more lines are too long
+36662 -10814
View File
File diff suppressed because one or more lines are too long
+98 -37
View File
@@ -4,6 +4,7 @@ import pRetry from "p-retry";
/**
* @param {string} appId
* @param {string} privateKey
* @param {string} enterpriseSlug
* @param {string} owner
* @param {string[]} repositories
* @param {undefined | Record<string, string>} permissions
@@ -15,58 +16,70 @@ import pRetry from "p-retry";
export async function main(
appId,
privateKey,
enterpriseSlug,
owner,
repositories,
permissions,
core,
createAppAuth,
request,
skipTokenRevoke
skipTokenRevoke,
) {
// Validate mutual exclusivity of enterprise-slug with owner/repositories
if (enterpriseSlug && (owner || repositories.length > 0)) {
throw new Error("Cannot use 'enterprise-slug' input with 'owner' or 'repositories' inputs");
}
let parsedOwner = "";
let parsedRepositoryNames = [];
// If neither owner nor repositories are set, default to current repository
if (!owner && repositories.length === 0) {
const [owner, repo] = String(process.env.GITHUB_REPOSITORY).split("/");
parsedOwner = owner;
parsedRepositoryNames = [repo];
// Skip owner/repository parsing if enterprise-slug is set
if (!enterpriseSlug) {
// If neither owner nor repositories are set, default to current repository
if (!owner && repositories.length === 0) {
const [owner, repo] = String(process.env.GITHUB_REPOSITORY).split("/");
parsedOwner = owner;
parsedRepositoryNames = [repo];
core.info(
`Inputs 'owner' and 'repositories' are not set. Creating token for this repository (${owner}/${repo}).`
);
}
core.info(
`Inputs 'owner' and 'repositories' are not set. Creating token for this repository (${owner}/${repo}).`
);
}
// If only an owner is set, default to all repositories from that owner
if (owner && repositories.length === 0) {
parsedOwner = owner;
// If only an owner is set, default to all repositories from that owner
if (owner && repositories.length === 0) {
parsedOwner = owner;
core.info(
`Input 'repositories' is not set. Creating token for all repositories owned by ${owner}.`
);
}
core.info(
`Input 'repositories' is not set. Creating token for all repositories owned by ${owner}.`
);
}
// If repositories are set, but no owner, default to `GITHUB_REPOSITORY_OWNER`
if (!owner && repositories.length > 0) {
parsedOwner = String(process.env.GITHUB_REPOSITORY_OWNER);
parsedRepositoryNames = repositories;
// If repositories are set, but no owner, default to `GITHUB_REPOSITORY_OWNER`
if (!owner && repositories.length > 0) {
parsedOwner = String(process.env.GITHUB_REPOSITORY_OWNER);
parsedRepositoryNames = repositories;
core.info(
`No 'owner' input provided. Using default owner '${parsedOwner}' to create token for the following repositories:${repositories
.map((repo) => `\n- ${parsedOwner}/${repo}`)
.join("")}`
);
}
core.info(
`No 'owner' input provided. Using default owner '${parsedOwner}' to create token for the following repositories:${repositories
.map((repo) => `\n- ${parsedOwner}/${repo}`)
.join("")}`
);
}
// If both owner and repositories are set, use those values
if (owner && repositories.length > 0) {
parsedOwner = owner;
parsedRepositoryNames = repositories;
// If both owner and repositories are set, use those values
if (owner && repositories.length > 0) {
parsedOwner = owner;
parsedRepositoryNames = repositories;
core.info(
`Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
core.info(
`Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
${repositories.map((repo) => `\n- ${parsedOwner}/${repo}`).join("")}`
);
);
}
} else {
core.info(`Creating enterprise installation token for enterprise "${enterpriseSlug}".`);
}
const auth = createAppAuth({
@@ -76,9 +89,22 @@ export async function main(
});
let authentication, installationId, appSlug;
// If at least one repository is set, get installation ID from that repository
if (parsedRepositoryNames.length > 0) {
// If enterprise-slug is set, get installation ID from the enterprise
if (enterpriseSlug) {
({ authentication, installationId, appSlug } = await pRetry(
() => getTokenFromEnterprise(request, auth, enterpriseSlug, permissions),
{
shouldRetry: (error) => error.status >= 500,
onFailedAttempt: (error) => {
core.info(
`Failed to create token for enterprise "${enterpriseSlug}" (attempt ${error.attemptNumber}): ${error.message}`
);
},
retries: 3,
}
));
} else if (parsedRepositoryNames.length > 0) {
({ authentication, installationId, appSlug } = await pRetry(
() =>
getTokenFromRepository(
@@ -181,3 +207,38 @@ async function getTokenFromRepository(
return { authentication, installationId, appSlug };
}
async function getTokenFromEnterprise(request, auth, enterpriseSlug, permissions) {
// Get all installations and find the enterprise one
// https://docs.github.com/rest/apps/apps#list-installations-for-the-authenticated-app
// Note: Currently we do not have a way to get the installation for an enterprise directly,
// so as a workaround we need to list all installations and filter for the enterprise one.
const response = await request("GET /app/installations", {
request: {
hook: auth.hook,
},
});
// Find the enterprise installation
const enterpriseInstallation = response.data.find(
installation => installation.target_type === "Enterprise" &&
installation.account?.slug === enterpriseSlug
);
/* c8 ignore next 3 */
if (!enterpriseInstallation) {
throw new Error(`No enterprise installation found matching the name ${enterpriseSlug}. Available installations: ${response.data.map(i => `${i.target_type}:${i.account?.login || 'N/A'}`).join(', ')}`);
}
// Get token for the enterprise installation
const authentication = await auth({
type: "installation",
installationId: enterpriseInstallation.id,
permissions,
});
const installationId = enterpriseInstallation.id;
const appSlug = enterpriseInstallation["app_slug"];
return { authentication, installationId, appSlug };
}
+29 -24
View File
@@ -1,36 +1,41 @@
import core from "@actions/core";
import * as core from "@actions/core";
import { request } from "@octokit/request";
import { ProxyAgent, fetch as undiciFetch } from "undici";
// Get the GitHub API URL from the action input and remove any trailing slash
const baseUrl = core.getInput("github-api-url").replace(/\/$/, "");
const proxyEnvironmentKeys = [
"https_proxy",
"HTTPS_PROXY",
"http_proxy",
"HTTP_PROXY",
];
// https://docs.github.com/actions/hosting-your-own-runners/managing-self-hosted-runners/using-a-proxy-server-with-self-hosted-runners
const proxyUrl =
process.env.https_proxy ||
process.env.HTTPS_PROXY ||
process.env.http_proxy ||
process.env.HTTP_PROXY;
function proxyEnvironmentConfigured() {
return proxyEnvironmentKeys.some((key) => process.env[key]);
}
/* c8 ignore start */
// Native support for proxies in Undici is under consideration: https://github.com/nodejs/undici/issues/1650
// Until then, we need to use a custom fetch function to add proxy support.
const proxyFetch = (url, options) => {
const urlHost = new URL(url).hostname;
const noProxy = (process.env.no_proxy || process.env.NO_PROXY || "").split(
",",
);
function nativeProxySupportEnabled() {
return process.env.NODE_USE_ENV_PROXY === "1";
}
export function ensureNativeProxySupport() {
if (!proxyEnvironmentConfigured() || nativeProxySupportEnabled()) {
return;
if (!noProxy.includes(urlHost)) {
options = {
...options,
dispatcher: new ProxyAgent(String(proxyUrl)),
};
}
throw new Error(
"A proxy environment variable is set, but Node.js native proxy support is not enabled. Set NODE_USE_ENV_PROXY=1 for this action step.",
);
}
return undiciFetch(url, options);
};
/* c8 ignore stop */
// Configure the default settings for GitHub API requests
export default request.defaults({
headers: { "user-agent": "actions/create-github-app-token" },
headers: {
"user-agent": "actions/create-github-app-token",
},
baseUrl,
/* c8 ignore next */
request: proxyUrl ? { fetch: proxyFetch } : {},
});
+30 -31
View File
@@ -1,11 +1,11 @@
// @ts-check
import core from "@actions/core";
import * as core from "@actions/core";
import { createAppAuth } from "@octokit/auth-app";
import { getPermissionsFromInputs } from "./lib/get-permissions-from-inputs.js";
import { main } from "./lib/main.js";
import request, { ensureNativeProxySupport } from "./lib/request.js";
import request from "./lib/request.js";
if (!process.env.GITHUB_REPOSITORY) {
throw new Error("GITHUB_REPOSITORY missing, must be set to '<owner>/<repo>'");
@@ -15,38 +15,37 @@ if (!process.env.GITHUB_REPOSITORY_OWNER) {
throw new Error("GITHUB_REPOSITORY_OWNER missing, must be set to '<owner>'");
}
async function run() {
ensureNativeProxySupport();
const appId = core.getInput("app-id");
const privateKey = core.getInput("private-key");
const enterpriseSlug = core.getInput("enterprise-slug");
const owner = core.getInput("owner");
const repositories = core
.getInput("repositories")
.split(/[\n,]+/)
.map((s) => s.trim())
.filter((x) => x !== "");
const appId = core.getInput("app-id");
const privateKey = core.getInput("private-key");
const owner = core.getInput("owner");
const repositories = core
.getInput("repositories")
.split(/[\n,]+/)
.map((s) => s.trim())
.filter((x) => x !== "");
const skipTokenRevoke = core.getBooleanInput("skip-token-revoke");
const skipTokenRevoke = core.getBooleanInput("skip-token-revoke");
const permissions = getPermissionsFromInputs(process.env);
return main(
appId,
privateKey,
owner,
repositories,
permissions,
core,
createAppAuth,
request,
skipTokenRevoke,
);
}
const permissions = getPermissionsFromInputs(process.env);
// Export promise for testing
export default run().catch((error) => {
/* c8 ignore next 3 */
export default main(
appId,
privateKey,
enterpriseSlug,
owner,
repositories,
permissions,
core,
createAppAuth,
request,
skipTokenRevoke,
).catch((error) => {
/* c8 ignore next 5 */
console.error(error);
core.setFailed(error.message);
// Don't set failed in test mode (when GITHUB_OUTPUT is undefined)
if (process.env.GITHUB_OUTPUT !== undefined) {
core.setFailed(error.message);
}
});
+1823 -162
View File
File diff suppressed because it is too large Load Diff
+13 -9
View File
@@ -2,31 +2,34 @@
"name": "create-github-app-token",
"private": true,
"type": "module",
"version": "3.0.0-beta.5",
"version": "2.2.2",
"description": "GitHub Action for creating a GitHub App Installation Access Token",
"engines": {
"node": ">=24.4.0"
"node": ">=20"
},
"packageManager": "npm@10.9.4",
"scripts": {
"build": "esbuild main.js post.js --bundle --outdir=dist --out-extension:.js=.cjs --platform=node --packages=bundle",
"test": "c8 --100 node --test tests/index.js",
"build": "esbuild main.js post.js --bundle --outdir=dist --out-extension:.js=.cjs --platform=node --target=node20.0.0 --packages=bundle",
"test": "c8 --100 ava tests/index.js",
"coverage": "c8 report --reporter html",
"postcoverage": "open-cli coverage/index.html"
},
"license": "MIT",
"dependencies": {
"@actions/core": "^1.11.1",
"@octokit/auth-app": "^8.1.2",
"@octokit/request": "^10.0.3",
"p-retry": "^7.1.0",
"undici": "^7.16.0"
"@actions/core": "^3.0.0",
"@octokit/auth-app": "^8.2.0",
"@octokit/request": "^10.0.8",
"p-retry": "^7.1.1",
"undici": "^7.24.1"
},
"devDependencies": {
"@octokit/openapi": "^21.0.0",
"@sinonjs/fake-timers": "^15.1.0",
"ava": "^6.4.1",
"c8": "^10.1.3",
"dotenv": "^17.3.1",
"esbuild": "^0.27.3",
"execa": "^9.6.1",
"open-cli": "^8.0.0",
"yaml": "^2.8.2"
},
@@ -44,6 +47,7 @@
"@semantic-release/release-notes-generator",
"@semantic-release/github",
"@semantic-release/npm",
"semantic-release-plugin-github-breaking-version-tag",
[
"@semantic-release/git",
{
+3 -9
View File
@@ -1,17 +1,11 @@
// @ts-check
import core from "@actions/core";
import * as core from "@actions/core";
import { post } from "./lib/post.js";
import request, { ensureNativeProxySupport } from "./lib/request.js";
import request from "./lib/request.js";
async function run() {
ensureNativeProxySupport();
return post(core, request);
}
run().catch((error) => {
post(core, request).catch((error) => {
/* c8 ignore next 3 */
console.error(error);
core.setFailed(error.message);
+4 -10
View File
@@ -2,14 +2,14 @@
Add one test file per scenario. You can run them in isolation with:
```
```bash
node tests/post-token-set.test.js
```
All tests are run together in [tests/index.js](index.js), which can be executed with Node's built-in test runner
All tests are run together in [tests/index.js](index.js), which can be executed with ava
```
node --test tests/index.js
npx ava tests/index.js
```
or with npm
@@ -20,13 +20,7 @@ npm test
## How the tests work
The output from the tests is captured into a snapshot ([tests/index.js.snapshot](index.js.snapshot)). It includes all requests sent by our scripts to verify it's working correctly and to prevent regressions.
To update snapshots after an intentional change:
```
node --test --test-update-snapshots tests/index.js
```
The output from the tests is captured into a snapshot ([tests/snapshots/index.js.md](snapshots/index.js.md)). It includes all requests sent by our scripts to verify it's working correctly and to prevent regressions.
## How to add a new test
+11 -38
View File
@@ -1,23 +1,15 @@
import { readdirSync } from "node:fs";
import { execFile } from "node:child_process";
import { promisify } from "node:util";
import { snapshot, test } from "node:test";
const execFileAsync = promisify(execFile);
// Serialize strings as-is so multiline output is human-readable in snapshots
snapshot.setDefaultSnapshotSerializers([
(value) => (typeof value === "string" ? value : undefined),
]);
import test from "ava";
import { execa } from "execa";
// Get all files in tests directory
const files = readdirSync("tests");
// Files to ignore
const ignore = ["index.js", "index.js.snapshot", "main.js", "README.md"];
const ignore = ["index.js", "main.js", "README.md", "snapshots"];
const testFiles = files.filter((file) => !ignore.includes(file)).sort();
const testFiles = files.filter((file) => !ignore.includes(file));
// Throw an error if there is a file that does not end with test.js in the tests directory
for (const file of testFiles) {
@@ -26,31 +18,12 @@ for (const file of testFiles) {
}
test(file, async (t) => {
// Override Actions environment variables that change `core`s behavior
const {
GITHUB_OUTPUT,
GITHUB_STATE,
HTTP_PROXY,
HTTPS_PROXY,
http_proxy,
https_proxy,
NO_PROXY,
no_proxy,
NODE_OPTIONS,
NODE_USE_ENV_PROXY,
...env
} = process.env;
const { stderr, stdout } = await execFileAsync("node", [`tests/${file}`], {
env,
});
const trimmedStderr = stderr.replace(/\r?\n$/, "");
const trimmedStdout = stdout.replace(/\r?\n$/, "");
await t.test("stderr", (t) => {
if (trimmedStderr) t.assert.snapshot(trimmedStderr);
else t.assert.strictEqual(trimmedStderr, "");
});
await t.test("stdout", (t) => {
if (trimmedStdout) t.assert.snapshot(trimmedStdout);
else t.assert.strictEqual(trimmedStdout, "");
});
const env = {
GITHUB_OUTPUT: undefined,
GITHUB_STATE: undefined,
};
const { stderr, stdout } = await execa("node", [`tests/${file}`], { env });
t.snapshot(stderr, "stderr");
t.snapshot(stdout, "stdout");
});
}
-274
View File
@@ -1,274 +0,0 @@
exports[`main-custom-github-api-url.test.js > stdout 1`] = `
Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
- actions/create-github-app-token
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=installation-id::123456
::set-output name=app-slug::github-actions
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::save-state name=expiresAt::2016-07-11T22:14:10Z
--- REQUESTS ---
GET /api/v3/repos/actions/create-github-app-token/installation
POST /api/v3/app/installations/123456/access_tokens
{"repositories":["create-github-app-token"]}
`;
exports[`main-missing-owner.test.js > stderr 1`] = `
GITHUB_REPOSITORY_OWNER missing, must be set to '<owner>'
`;
exports[`main-missing-repository.test.js > stderr 1`] = `
GITHUB_REPOSITORY missing, must be set to '<owner>/<repo>'
`;
exports[`main-private-key-with-escaped-newlines.test.js > stdout 1`] = `
Inputs 'owner' and 'repositories' are not set. Creating token for this repository (actions/create-github-app-token).
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=installation-id::123456
::set-output name=app-slug::github-actions
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::save-state name=expiresAt::2016-07-11T22:14:10Z
--- REQUESTS ---
GET /repos/actions/create-github-app-token/installation
POST /app/installations/123456/access_tokens
{"repositories":["create-github-app-token"]}
`;
exports[`main-proxy-requires-native-support.test.js > stderr 1`] = `
A proxy environment variable is set, but Node.js native proxy support is not enabled. Set NODE_USE_ENV_PROXY=1 for this action step.
`;
exports[`main-proxy-requires-native-support.test.js > stdout 1`] = `
::error::A proxy environment variable is set, but Node.js native proxy support is not enabled. Set NODE_USE_ENV_PROXY=1 for this action step.
`;
exports[`main-repo-skew.test.js > stderr 1`] = `
'Issued at' claim ('iat') must be an Integer representing the time that the assertion was issued.
[@octokit/auth-app] GitHub API time and system time are different by 30 seconds. Retrying request with the difference accounted for.
`;
exports[`main-repo-skew.test.js > stdout 1`] = `
Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
- actions/failed-repo
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=installation-id::123456
::set-output name=app-slug::github-actions
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::save-state name=expiresAt::2016-07-11T22:14:10Z
--- REQUESTS ---
GET /repos/actions/failed-repo/installation
GET /repos/actions/failed-repo/installation
POST /app/installations/123456/access_tokens
{"repositories":["failed-repo"]}
`;
exports[`main-token-get-owner-set-fail-response.test.js > stdout 1`] = `
Input 'repositories' is not set. Creating token for all repositories owned by smockle.
Failed to create token for "smockle" (attempt 1): GitHub API not available
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=installation-id::123456
::set-output name=app-slug::github-actions
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::save-state name=expiresAt::2016-07-11T22:14:10Z
--- REQUESTS ---
GET /users/smockle/installation
GET /users/smockle/installation
POST /app/installations/123456/access_tokens
null
`;
exports[`main-token-get-owner-set-repo-fail-response.test.js > stdout 1`] = `
Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
- actions/failed-repo
Failed to create token for "failed-repo" (attempt 1): GitHub API not available
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=installation-id::123456
::set-output name=app-slug::github-actions
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::save-state name=expiresAt::2016-07-11T22:14:10Z
--- REQUESTS ---
GET /repos/actions/failed-repo/installation
GET /repos/actions/failed-repo/installation
POST /app/installations/123456/access_tokens
{"repositories":["failed-repo"]}
`;
exports[`main-token-get-owner-set-repo-set-to-many-newline.test.js > stdout 1`] = `
Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
- actions/create-github-app-token
- actions/toolkit
- actions/checkout
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=installation-id::123456
::set-output name=app-slug::github-actions
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::save-state name=expiresAt::2016-07-11T22:14:10Z
--- REQUESTS ---
GET /repos/actions/create-github-app-token/installation
POST /app/installations/123456/access_tokens
{"repositories":["create-github-app-token","toolkit","checkout"]}
`;
exports[`main-token-get-owner-set-repo-set-to-many.test.js > stdout 1`] = `
Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
- actions/create-github-app-token
- actions/toolkit
- actions/checkout
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=installation-id::123456
::set-output name=app-slug::github-actions
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::save-state name=expiresAt::2016-07-11T22:14:10Z
--- REQUESTS ---
GET /repos/actions/create-github-app-token/installation
POST /app/installations/123456/access_tokens
{"repositories":["create-github-app-token","toolkit","checkout"]}
`;
exports[`main-token-get-owner-set-repo-set-to-one.test.js > stdout 1`] = `
Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
- actions/create-github-app-token
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=installation-id::123456
::set-output name=app-slug::github-actions
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::save-state name=expiresAt::2016-07-11T22:14:10Z
--- REQUESTS ---
GET /repos/actions/create-github-app-token/installation
POST /app/installations/123456/access_tokens
{"repositories":["create-github-app-token"]}
`;
exports[`main-token-get-owner-set-repo-unset.test.js > stdout 1`] = `
Input 'repositories' is not set. Creating token for all repositories owned by actions.
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=installation-id::123456
::set-output name=app-slug::github-actions
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::save-state name=expiresAt::2016-07-11T22:14:10Z
--- REQUESTS ---
GET /users/actions/installation
POST /app/installations/123456/access_tokens
null
`;
exports[`main-token-get-owner-unset-repo-set.test.js > stdout 1`] = `
No 'owner' input provided. Using default owner 'actions' to create token for the following repositories:
- actions/create-github-app-token
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=installation-id::123456
::set-output name=app-slug::github-actions
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::save-state name=expiresAt::2016-07-11T22:14:10Z
--- REQUESTS ---
GET /repos/actions/create-github-app-token/installation
POST /app/installations/123456/access_tokens
{"repositories":["create-github-app-token"]}
`;
exports[`main-token-get-owner-unset-repo-unset.test.js > stdout 1`] = `
Inputs 'owner' and 'repositories' are not set. Creating token for this repository (actions/create-github-app-token).
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=installation-id::123456
::set-output name=app-slug::github-actions
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::save-state name=expiresAt::2016-07-11T22:14:10Z
--- REQUESTS ---
GET /repos/actions/create-github-app-token/installation
POST /app/installations/123456/access_tokens
{"repositories":["create-github-app-token"]}
`;
exports[`main-token-permissions-set.test.js > stdout 1`] = `
Inputs 'owner' and 'repositories' are not set. Creating token for this repository (actions/create-github-app-token).
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::set-output name=installation-id::123456
::set-output name=app-slug::github-actions
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
::save-state name=expiresAt::2016-07-11T22:14:10Z
--- REQUESTS ---
GET /repos/actions/create-github-app-token/installation
POST /app/installations/123456/access_tokens
{"repositories":["create-github-app-token"],"permissions":{"issues":"write","pull_requests":"read"}}
`;
exports[`post-proxy-requires-native-support.test.js > stderr 1`] = `
A proxy environment variable is set, but Node.js native proxy support is not enabled. Set NODE_USE_ENV_PROXY=1 for this action step.
`;
exports[`post-proxy-requires-native-support.test.js > stdout 1`] = `
::error::A proxy environment variable is set, but Node.js native proxy support is not enabled. Set NODE_USE_ENV_PROXY=1 for this action step.
`;
exports[`post-revoke-token-fail-response.test.js > stdout 1`] = `
::warning::Token revocation failed:
`;
exports[`post-token-expired.test.js > stdout 1`] = `
Token expired, skipping token revocation
`;
exports[`post-token-set.test.js > stdout 1`] = `
Token revoked
`;
exports[`post-token-skipped.test.js > stdout 1`] = `
Token revocation was skipped
`;
exports[`post-token-unset.test.js > stdout 1`] = `
Token is not set
`;
@@ -0,0 +1,40 @@
import { test } from "./main.js";
// Verify `main` handles when no enterprise installation is found.
await test((mockPool) => {
delete process.env.INPUT_OWNER;
delete process.env.INPUT_REPOSITORIES;
process.env["INPUT_ENTERPRISE-SLUG"] = "test-enterprise";
// Mock the /app/installations endpoint to return only non-enterprise installations
mockPool
.intercept({
path: "/app/installations",
method: "GET",
headers: {
accept: "application/vnd.github.v3+json",
"user-agent": "actions/create-github-app-token",
// Intentionally omitting the `authorization` header, since JWT creation is not idempotent.
},
})
.reply(
200,
[
{
id: "111111",
app_slug: "github-actions",
target_type: "Organization",
account: { login: "some-org" }
},
{
id: "222222",
app_slug: "github-actions",
target_type: "User",
account: { login: "some-user" }
}
],
{ headers: { "content-type": "application/json" } }
);
});
@@ -0,0 +1,16 @@
import { DEFAULT_ENV } from "./main.js";
// Verify `main` exits with an error when `enterprise-slug` is used with both `owner` and `repositories` inputs.
try {
// Set up environment with enterprise-slug, owner, and repositories all set
for (const [key, value] of Object.entries(DEFAULT_ENV)) {
process.env[key] = value;
}
process.env["INPUT_ENTERPRISE-SLUG"] = "test-enterprise";
process.env.INPUT_OWNER = "test-owner";
process.env.INPUT_REPOSITORIES = "repo1,repo2";
await import("../main.js");
} catch (error) {
console.error(error.message);
}
@@ -0,0 +1,15 @@
import { DEFAULT_ENV } from "./main.js";
// Verify `main` exits with an error when `enterprise-slug` is used with `owner` input.
try {
// Set up environment with enterprise-slug and owner set
for (const [key, value] of Object.entries(DEFAULT_ENV)) {
process.env[key] = value;
}
process.env["INPUT_ENTERPRISE-SLUG"] = "test-enterprise";
process.env.INPUT_OWNER = "test-owner";
await import("../main.js");
} catch (error) {
console.error(error.message);
}
@@ -0,0 +1,15 @@
import { DEFAULT_ENV } from "./main.js";
// Verify `main` exits with an error when `enterprise-slug` is used with `repositories` input.
try {
// Set up environment with enterprise-slug and repositories set
for (const [key, value] of Object.entries(DEFAULT_ENV)) {
process.env[key] = value;
}
process.env["INPUT_ENTERPRISE-SLUG"] = "test-enterprise";
process.env.INPUT_REPOSITORIES = "repo1,repo2";
await import("../main.js");
} catch (error) {
console.error(error.message);
}
@@ -0,0 +1,34 @@
import { test } from "./main.js";
// Verify `main` successfully obtains a token when only the `enterprise-slug` input is set.
await test((mockPool) => {
process.env["INPUT_ENTERPRISE-SLUG"] = "test-enterprise";
delete process.env.INPUT_OWNER;
delete process.env.INPUT_REPOSITORIES;
// Mock the /app/installations endpoint to return an enterprise installation
const mockInstallationId = "123456";
const mockAppSlug = "github-actions";
mockPool
.intercept({
path: "/app/installations",
method: "GET",
headers: {
accept: "application/vnd.github.v3+json",
"user-agent": "actions/create-github-app-token",
// Intentionally omitting the `authorization` header, since JWT creation is not idempotent.
},
})
.reply(
200,
[
{
id: mockInstallationId,
app_slug: mockAppSlug,
target_type: "Enterprise",
account: { login: "test-enterprise", slug: "test-enterprise" }
}
],
{ headers: { "content-type": "application/json" } }
);
});
@@ -0,0 +1,34 @@
import { test } from "./main.js";
// Verify `main` successfully generates enterprise token with basic functionality.
await test((mockPool) => {
process.env["INPUT_ENTERPRISE-SLUG"] = "test-enterprise";
delete process.env.INPUT_OWNER;
delete process.env.INPUT_REPOSITORIES;
// Mock the /app/installations endpoint to return an enterprise installation
const mockInstallationId = "123456";
const mockAppSlug = "github-actions";
mockPool
.intercept({
path: "/app/installations",
method: "GET",
headers: {
accept: "application/vnd.github.v3+json",
"user-agent": "actions/create-github-app-token",
// Intentionally omitting the `authorization` header, since JWT creation is not idempotent.
},
})
.reply(
200,
[
{
id: mockInstallationId,
app_slug: mockAppSlug,
target_type: "Enterprise",
account: { login: "test-enterprise", slug: "test-enterprise" }
}
],
{ headers: { "content-type": "application/json" } }
);
});
@@ -0,0 +1,36 @@
import { test } from "./main.js";
// Verify `main` successfully generates enterprise token with specific permissions.
await test((mockPool) => {
process.env["INPUT_ENTERPRISE-SLUG"] = "test-enterprise";
delete process.env.INPUT_OWNER;
delete process.env.INPUT_REPOSITORIES;
process.env["INPUT_PERMISSION-ENTERPRISE-ORGANIZATIONS"] = "read";
process.env["INPUT_PERMISSION-ENTERPRISE-PEOPLE"] = "write";
// Mock the /app/installations endpoint to return an enterprise installation
const mockInstallationId = "123456";
const mockAppSlug = "github-actions";
mockPool
.intercept({
path: "/app/installations",
method: "GET",
headers: {
accept: "application/vnd.github.v3+json",
"user-agent": "actions/create-github-app-token",
// Intentionally omitting the `authorization` header, since JWT creation is not idempotent.
},
})
.reply(
200,
[
{
id: mockInstallationId,
app_slug: mockAppSlug,
target_type: "Enterprise",
account: { login: "test-enterprise", slug: "test-enterprise" }
}
],
{ headers: { "content-type": "application/json" } }
);
});
@@ -1,14 +0,0 @@
process.env.GITHUB_REPOSITORY = "actions/create-github-app-token";
process.env.GITHUB_REPOSITORY_OWNER = "actions";
process.env.HTTPS_PROXY = "http://127.0.0.1:3128";
const originalConsoleError = console.error;
console.error = (...args) => {
originalConsoleError(
...args.map((arg) => (arg instanceof Error ? arg.message : arg)),
);
};
await import("../main.js");
await new Promise((resolve) => setImmediate(resolve));
process.exitCode = 0;
+3 -5
View File
@@ -1,7 +1,7 @@
import { mock } from "node:test";
import { test } from "./main.js";
import { install } from "@sinonjs/fake-timers";
// Verify `main` retry when the clock has drifted.
await test((mockPool) => {
process.env.INPUT_OWNER = "actions";
@@ -11,7 +11,7 @@ await test((mockPool) => {
const mockInstallationId = "123456";
const mockAppSlug = "github-actions";
mock.timers.enable({ apis: ["Date"], now: 0 });
install({ now: 0, toFake: ["Date"] });
mockPool
.intercept({
@@ -59,6 +59,4 @@ await test((mockPool) => {
};
})
.times(2);
}).finally(() => {
mock.timers.reset();
});
@@ -1,13 +0,0 @@
process.env["INPUT_GITHUB-API-URL"] = "https://api.github.com";
process.env.HTTPS_PROXY = "http://127.0.0.1:3128";
const originalConsoleError = console.error;
console.error = (...args) => {
originalConsoleError(
...args.map((arg) => (arg instanceof Error ? arg.message : arg)),
);
};
await import("../post.js");
await new Promise((resolve) => setImmediate(resolve));
process.exitCode = 0;
+517
View File
@@ -0,0 +1,517 @@
# Snapshot report for `tests/index.js`
The actual snapshot is saved in `index.js.snap`.
Generated by [AVA](https://avajs.dev).
## action-deprecated-inputs.test.js
> stderr
''
> stdout
''
## main-custom-github-api-url.test.js
> stderr
''
> stdout
`Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:␊
- actions/create-github-app-token␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=installation-id::123456␊
::set-output name=app-slug::github-actions␊
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::save-state name=expiresAt::2016-07-11T22:14:10Z␊
--- REQUESTS ---␊
GET /api/v3/repos/actions/create-github-app-token/installation␊
POST /api/v3/app/installations/123456/access_tokens␊
{"repositories":["create-github-app-token"]}`
## main-enterprise-installation-not-found.test.js
> stderr
`Error: No enterprise installation found matching the name test-enterprise. Available installations: Organization:some-org, User:some-user␊
at getTokenFromEnterprise (file:///Users/parkerbxyz/.copilot/worktrees/create-github-app-token/pr-263/lib/main.js:230:11)␊
at process.processTicksAndRejections (node:internal/process/task_queues:104:5)␊
at async pRetry (file:///Users/parkerbxyz/.copilot/worktrees/create-github-app-token/pr-263/node_modules/p-retry/index.js:197:19)␊
at async main (file:///Users/parkerbxyz/.copilot/worktrees/create-github-app-token/pr-263/lib/main.js:95:52)␊
at async test (file:///Users/parkerbxyz/.copilot/worktrees/create-github-app-token/pr-263/tests/main.js:111:3)␊
at async file:///Users/parkerbxyz/.copilot/worktrees/create-github-app-token/pr-263/tests/main-enterprise-installation-not-found.test.js:5:1`
> stdout
`Creating enterprise installation token for enterprise "test-enterprise".␊
Failed to create token for enterprise "test-enterprise" (attempt 1): undefined␊
--- REQUESTS ---␊
GET /app/installations`
## main-enterprise-mutual-exclusivity-both.test.js
> stderr
`Error: Cannot use 'enterprise-slug' input with 'owner' or 'repositories' inputs␊
at main (file:///Users/parkerbxyz/.copilot/worktrees/create-github-app-token/pr-263/lib/main.js:31:11)␊
at file:///Users/parkerbxyz/.copilot/worktrees/create-github-app-token/pr-263/main.js:33:16␊
at ModuleJob.run (node:internal/modules/esm/module_job:430:25)␊
at async onImport.tracePromise.__proto__ (node:internal/modules/esm/loader:639:26)␊
at async file:///Users/parkerbxyz/.copilot/worktrees/create-github-app-token/pr-263/tests/main-enterprise-mutual-exclusivity-both.test.js:13:3`
> stdout
''
## main-enterprise-mutual-exclusivity-owner.test.js
> stderr
`Error: Cannot use 'enterprise-slug' input with 'owner' or 'repositories' inputs␊
at main (file:///Users/parkerbxyz/.copilot/worktrees/create-github-app-token/pr-263/lib/main.js:31:11)␊
at file:///Users/parkerbxyz/.copilot/worktrees/create-github-app-token/pr-263/main.js:33:16␊
at ModuleJob.run (node:internal/modules/esm/module_job:430:25)␊
at async onImport.tracePromise.__proto__ (node:internal/modules/esm/loader:639:26)␊
at async file:///Users/parkerbxyz/.copilot/worktrees/create-github-app-token/pr-263/tests/main-enterprise-mutual-exclusivity-owner.test.js:12:3`
> stdout
''
## main-enterprise-mutual-exclusivity-repositories.test.js
> stderr
`Error: Cannot use 'enterprise-slug' input with 'owner' or 'repositories' inputs␊
at main (file:///Users/parkerbxyz/.copilot/worktrees/create-github-app-token/pr-263/lib/main.js:31:11)␊
at file:///Users/parkerbxyz/.copilot/worktrees/create-github-app-token/pr-263/main.js:33:16␊
at ModuleJob.run (node:internal/modules/esm/module_job:430:25)␊
at async onImport.tracePromise.__proto__ (node:internal/modules/esm/loader:639:26)␊
at async file:///Users/parkerbxyz/.copilot/worktrees/create-github-app-token/pr-263/tests/main-enterprise-mutual-exclusivity-repositories.test.js:12:3`
> stdout
''
## main-enterprise-only-success.test.js
> stderr
''
> stdout
`Creating enterprise installation token for enterprise "test-enterprise".␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=installation-id::123456␊
::set-output name=app-slug::github-actions␊
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::save-state name=expiresAt::2016-07-11T22:14:10Z␊
--- REQUESTS ---␊
GET /app/installations␊
POST /app/installations/123456/access_tokens␊
null`
## main-enterprise-token-success.test.js
> stderr
''
> stdout
`Creating enterprise installation token for enterprise "test-enterprise".␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=installation-id::123456␊
::set-output name=app-slug::github-actions␊
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::save-state name=expiresAt::2016-07-11T22:14:10Z␊
--- REQUESTS ---␊
GET /app/installations␊
POST /app/installations/123456/access_tokens␊
null`
## main-enterprise-token-with-permissions.test.js
> stderr
''
> stdout
`Creating enterprise installation token for enterprise "test-enterprise".␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=installation-id::123456␊
::set-output name=app-slug::github-actions␊
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::save-state name=expiresAt::2016-07-11T22:14:10Z␊
--- REQUESTS ---␊
GET /app/installations␊
POST /app/installations/123456/access_tokens␊
{"permissions":{"enterprise_organizations":"read","enterprise_people":"write"}}`
## main-missing-owner.test.js
> stderr
'GITHUB_REPOSITORY_OWNER missing, must be set to \'<owner>\''
> stdout
''
## main-missing-repository.test.js
> stderr
'GITHUB_REPOSITORY missing, must be set to \'<owner>/<repo>\''
> stdout
''
## main-private-key-with-escaped-newlines.test.js
> stderr
''
> stdout
`Inputs 'owner' and 'repositories' are not set. Creating token for this repository (actions/create-github-app-token).␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=installation-id::123456␊
::set-output name=app-slug::github-actions␊
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::save-state name=expiresAt::2016-07-11T22:14:10Z␊
--- REQUESTS ---␊
GET /repos/actions/create-github-app-token/installation␊
POST /app/installations/123456/access_tokens␊
{"repositories":["create-github-app-token"]}`
## main-repo-skew.test.js
> stderr
`'Issued at' claim ('iat') must be an Integer representing the time that the assertion was issued.␊
[@octokit/auth-app] GitHub API time and system time are different by 30 seconds. Retrying request with the difference accounted for.`
> stdout
`Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:␊
- actions/failed-repo␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=installation-id::123456␊
::set-output name=app-slug::github-actions␊
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::save-state name=expiresAt::2016-07-11T22:14:10Z␊
--- REQUESTS ---␊
GET /repos/actions/failed-repo/installation␊
GET /repos/actions/failed-repo/installation␊
POST /app/installations/123456/access_tokens␊
{"repositories":["failed-repo"]}`
## main-token-get-owner-set-fail-response.test.js
> stderr
''
> stdout
`Input 'repositories' is not set. Creating token for all repositories owned by smockle.␊
Failed to create token for "smockle" (attempt 1): GitHub API not available␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=installation-id::123456␊
::set-output name=app-slug::github-actions␊
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::save-state name=expiresAt::2016-07-11T22:14:10Z␊
--- REQUESTS ---␊
GET /users/smockle/installation␊
GET /users/smockle/installation␊
POST /app/installations/123456/access_tokens␊
null`
## main-token-get-owner-set-repo-fail-response.test.js
> stderr
''
> stdout
`Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:␊
- actions/failed-repo␊
Failed to create token for "failed-repo" (attempt 1): GitHub API not available␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=installation-id::123456␊
::set-output name=app-slug::github-actions␊
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::save-state name=expiresAt::2016-07-11T22:14:10Z␊
--- REQUESTS ---␊
GET /repos/actions/failed-repo/installation␊
GET /repos/actions/failed-repo/installation␊
POST /app/installations/123456/access_tokens␊
{"repositories":["failed-repo"]}`
## main-token-get-owner-set-repo-set-to-many-newline.test.js
> stderr
''
> stdout
`Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:␊
- actions/create-github-app-token␊
- actions/toolkit␊
- actions/checkout␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=installation-id::123456␊
::set-output name=app-slug::github-actions␊
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::save-state name=expiresAt::2016-07-11T22:14:10Z␊
--- REQUESTS ---␊
GET /repos/actions/create-github-app-token/installation␊
POST /app/installations/123456/access_tokens␊
{"repositories":["create-github-app-token","toolkit","checkout"]}`
## main-token-get-owner-set-repo-set-to-many.test.js
> stderr
''
> stdout
`Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:␊
- actions/create-github-app-token␊
- actions/toolkit␊
- actions/checkout␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=installation-id::123456␊
::set-output name=app-slug::github-actions␊
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::save-state name=expiresAt::2016-07-11T22:14:10Z␊
--- REQUESTS ---␊
GET /repos/actions/create-github-app-token/installation␊
POST /app/installations/123456/access_tokens␊
{"repositories":["create-github-app-token","toolkit","checkout"]}`
## main-token-get-owner-set-repo-set-to-one.test.js
> stderr
''
> stdout
`Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:␊
- actions/create-github-app-token␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=installation-id::123456␊
::set-output name=app-slug::github-actions␊
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::save-state name=expiresAt::2016-07-11T22:14:10Z␊
--- REQUESTS ---␊
GET /repos/actions/create-github-app-token/installation␊
POST /app/installations/123456/access_tokens␊
{"repositories":["create-github-app-token"]}`
## main-token-get-owner-set-repo-unset.test.js
> stderr
''
> stdout
`Input 'repositories' is not set. Creating token for all repositories owned by actions.␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=installation-id::123456␊
::set-output name=app-slug::github-actions␊
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::save-state name=expiresAt::2016-07-11T22:14:10Z␊
--- REQUESTS ---␊
GET /users/actions/installation␊
POST /app/installations/123456/access_tokens␊
null`
## main-token-get-owner-unset-repo-set.test.js
> stderr
''
> stdout
`No 'owner' input provided. Using default owner 'actions' to create token for the following repositories:␊
- actions/create-github-app-token␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=installation-id::123456␊
::set-output name=app-slug::github-actions␊
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::save-state name=expiresAt::2016-07-11T22:14:10Z␊
--- REQUESTS ---␊
GET /repos/actions/create-github-app-token/installation␊
POST /app/installations/123456/access_tokens␊
{"repositories":["create-github-app-token"]}`
## main-token-get-owner-unset-repo-unset.test.js
> stderr
''
> stdout
`Inputs 'owner' and 'repositories' are not set. Creating token for this repository (actions/create-github-app-token).␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=installation-id::123456␊
::set-output name=app-slug::github-actions␊
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::save-state name=expiresAt::2016-07-11T22:14:10Z␊
--- REQUESTS ---␊
GET /repos/actions/create-github-app-token/installation␊
POST /app/installations/123456/access_tokens␊
{"repositories":["create-github-app-token"]}`
## main-token-permissions-set.test.js
> stderr
''
> stdout
`Inputs 'owner' and 'repositories' are not set. Creating token for this repository (actions/create-github-app-token).␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=installation-id::123456␊
::set-output name=app-slug::github-actions␊
::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::save-state name=expiresAt::2016-07-11T22:14:10Z␊
--- REQUESTS ---␊
GET /repos/actions/create-github-app-token/installation␊
POST /app/installations/123456/access_tokens␊
{"repositories":["create-github-app-token"],"permissions":{"issues":"write","pull_requests":"read"}}`
## post-revoke-token-fail-response.test.js
> stderr
''
> stdout
'::warning::Token revocation failed: '
## post-token-expired.test.js
> stderr
''
> stdout
'Token expired, skipping token revocation'
## post-token-set.test.js
> stderr
''
> stdout
'Token revoked'
## post-token-skipped.test.js
> stderr
''
> stdout
'Token revocation was skipped'
## post-token-unset.test.js
> stderr
''
> stdout
'Token is not set'
Binary file not shown.