Files
languageservices/languageservice
eric scipleandGitHub 33291f0f8d Add missing validation for action.yml (parity with workflow files) (#311)
* Add missing validation for action.yml (parity with workflow files)

- Add uses format validation for composite action steps
  - Validates owner/repo@ref format
  - Supports docker:// and ./ local references
  - Warns about shortened SHA refs (security concern)
  - Detects reusable workflow references in wrong context

- Add if literal text detection for composite action steps
  - Detects literal text outside ${{ }} that makes conditions always truthy
  - Works for both plain string and mixed expression formats
  - Uses shared hasFormatWithLiteralText() utility

- Add pre-if/post-if validation for node and docker actions
  - Errors on explicit ${{ }} syntax (runner only supports implicit expressions)
  - Literal text detection for implicit expressions
  - New runs-if schema type with proper context (runner, github, job, env, inputs, status functions)
  - Validates only in strict schema used by language services

- Add format() function validation for all expressions
  - Validates format string syntax in all expression contexts
  - Checks argument count matches placeholders

- Fix env and matrix context providers to return complete=false
  - Prevents false positive 'unknown context' errors
  - Matches behavior of other dynamic contexts (secrets, vars, etc.)

- Refactor validation utilities into utils/validate-uses.ts and utils/validate-if.ts
  - Shared between workflow and action validation
  - Consistent error messages and codes

* Add strategy and matrix contexts to runs-if definition

Based on runner source code analysis (actions/runner):
- ExecutionContext.InitializeJob() populates ExpressionValues from message.ContextData
- strategy and matrix are part of message.ContextData, available before any steps run
- StepsRunner evaluates all steps (pre, main, post) using the same code path

Did NOT add:
- steps: empty at pre-if time (no steps completed yet)
- hashFiles: workspace files don't exist at pre-step time
2026-01-23 00:02:02 -06:00
..
2023-03-15 14:56:47 -04:00
2023-02-22 15:52:40 -08:00
2023-02-22 15:52:40 -08:00
2023-03-01 08:19:17 -08:00
2023-02-22 15:52:40 -08:00

actions/languageservice

This package contains the logic for the GitHub Actions workflows language server.

Installation

The package contains TypeScript types and compiled ECMAScript modules.

npm install @actions/languageservice

Usage

Basic usage

Concepts

The language service features use three sources of information:

  • a built-in static schema for the workflow YAML file
  • value providers which can dynamically add values to the schema, for example, the list of available labels for a repository when validating runs-on.
  • context providers which can dynamically provide available contexts used in expressions. For example, the contents of the github.event context for a given workflow file.

Validation

Validate a workflow file, returns an array of Diagnostic objects.

const config: ValidationConfig = {
  valueProviderConfig: valueProviders(sessionToken, repoContext, cache),
  contextProviderConfig: contextProviders(sessionToken, repoContext, cache),
};

const result = await validate(textDocument, config); // result is an array of `Diagnostic`

Hover

Get information when hovering over a token in the workflow file.

import {hover} from "@actions/languageservice";

const document = {
  uri: "file:///path/to/file",
  getText: () => "on: push\n  jobs:\n    build:\n      runs-on: ubuntu-latest\n      steps:\n        - run: echo hello"
};

const hover = await hover(document, {line: 0, character: 1}); // { contents: { kind: "markdown", value: "The event that triggers the workflow" } }

Auto-completion

import {complete} from "@actions/languageservice";

const document = {
  uri: "file:///path/to/file",
  getText: () => `on: 
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - run: echo hello`
};

// Trigger completion for `on: |`
const suggestions = await complete(document, {line: 0, character: 4});

will return

[{
  "documentation": {
    "kind": "markdown",
    "value": "Runs your workflow when branch protection rules in the workflow repository are changed.",
  },
  "label": "branch_protection_rule",
  "textEdit": {
    "newText": "branch_protection_rule",
    "range": {
      "end": {"character": 4, "line": 0,},
      "start": {"character": 4, "line": 0},
    },
  },
},
//... other events
]

Contributing

See CONTRIBUTING.md at the root of the repository for general guidelines and recommendations.

If you do want to contribute, please run prettier to format your code and add unit tests as appropriate before submitting your PR.

Build

npm run build

or to watch for changes

npm run watch

Test

npm test

or to watch for changes and run tests:

npm run test-watch

Lint

npm run format-check

License

This project is licensed under the terms of the MIT open source license. Please refer to MIT for the full terms.