Salman Chishti
a6edf8b70d
Update environment configuration in releases.yml
2026-03-26 12:27:00 +00:00
Salman Chishti
0df75b91ff
Merge pull request #2359 from actions/dependabot/npm_and_yarn/picomatch-2.3.2
...
chore(deps-dev): bump picomatch from 2.3.1 to 2.3.2
2026-03-26 12:25:19 +00:00
dependabot[bot]
233d556477
chore(deps-dev): bump picomatch from 2.3.1 to 2.3.2
...
Bumps [picomatch](https://github.com/micromatch/picomatch ) from 2.3.1 to 2.3.2.
- [Release notes](https://github.com/micromatch/picomatch/releases )
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md )
- [Commits](https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2 )
---
updated-dependencies:
- dependency-name: picomatch
dependency-version: 2.3.2
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-03-25 22:41:36 +00:00
Bassem Dghaidi
44d43b5490
Merge pull request #2351 from actions/Link-/add-releases-docs
...
Add docs for the releases workflow
2026-03-16 16:45:42 +01:00
Bassem Dghaidi
76ac4dd95f
Update contributing.md
2026-03-16 08:39:20 -07:00
Bassem Dghaidi
632b2cbff6
Add screenshot
2026-03-16 08:33:25 -07:00
Bassem Dghaidi
73bdb59ac2
Explain the new releases workflow
2026-03-16 08:29:53 -07:00
Bassem Dghaidi
22d35395d4
Merge pull request #2350 from actions/Link-/fix-tests-in-releases
...
Scope tests to the package being published
2026-03-16 15:01:41 +01:00
Bassem Dghaidi
ed4fdc98c4
Add input to run isolated tests
2026-03-16 06:50:25 -07:00
Bassem Dghaidi
6211ca9cbd
Merge pull request #2349 from actions/Link-/update-release-workflow
...
Update release workflow to permit shipping from non main branches
2026-03-16 14:29:21 +01:00
Bassem Dghaidi
99dfdab194
Fix the description of npm-tag
2026-03-16 06:14:29 -07:00
Bassem Dghaidi
6ec76cbf3d
Update release workflow to permit shipping from non main branches
2026-03-16 06:05:25 -07:00
Salman Chishti
943ff82d3d
Merge pull request #2344 from actions/dependabot/npm_and_yarn/packages/artifact/undici-6.24.0
...
chore(deps): bump undici from 6.23.0 to 6.24.0 in /packages/artifact
2026-03-14 04:35:35 +00:00
dependabot[bot]
06bca4509d
chore(deps): bump undici from 6.23.0 to 6.24.0 in /packages/artifact
...
Bumps [undici](https://github.com/nodejs/undici ) from 6.23.0 to 6.24.0.
- [Release notes](https://github.com/nodejs/undici/releases )
- [Commits](https://github.com/nodejs/undici/compare/v6.23.0...v6.24.0 )
---
updated-dependencies:
- dependency-name: undici
dependency-version: 6.24.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-03-14 04:17:32 +00:00
Daniel Kennedy
21229dc09e
Artifact: support downloading artifacts with CJK characters in their name ( #2341 )
...
* Artifact: support downloading artifacts with CJK characters in their name
* Fix some linting/PR comments
* One more linting fix
2026-03-11 09:30:15 -04:00
Meredith Lancaster
6fd292ebdd
Merge pull request #2337 from actions/dependabot/npm_and_yarn/packages/attest/tar-7.5.10
...
chore(deps): bump tar from 7.5.7 to 7.5.10 in /packages/attest
2026-03-06 06:54:55 -08:00
dependabot[bot]
89f01c9125
chore(deps): bump tar from 7.5.7 to 7.5.10 in /packages/attest
...
Bumps [tar](https://github.com/isaacs/node-tar ) from 7.5.7 to 7.5.10.
- [Release notes](https://github.com/isaacs/node-tar/releases )
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.7...v7.5.10 )
---
updated-dependencies:
- dependency-name: tar
dependency-version: 7.5.10
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-03-06 13:29:24 +00:00
Zachary Taylor
85466c0f54
Merge pull request #2323 from actions/zaataylor-update-artifact-storage-err-msg
...
Update artifact storage error message
2026-02-26 14:37:38 -05:00
Zachary Taylor
bd4fb086f1
Update UsageError in cache
2026-02-26 14:31:12 -05:00
Zachary Taylor
49c3d09c01
Update error message
2026-02-26 14:28:46 -05:00
Brian DeHamer
91d76bea50
Merge pull request #2321 from actions/bdehamer/storage-record-orchestration-id
...
Custom user-agent string for storage record API reqs
2026-02-26 10:52:42 -08:00
Brian DeHamer
69f29a1b1c
Update packages/attest/src/artifactMetadata.ts
...
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
2026-02-25 17:40:10 -08:00
Brian DeHamer
7987771a2b
new user-agent string for storage record API reqs
...
Signed-off-by: Brian DeHamer <bdehamer@github.com >
2026-02-25 15:36:27 -08:00
Brian DeHamer
605cc18397
Merge pull request #2320 from actions/bdehamer/attest-orchestration-id
...
custom user-agent string for attestation API reqs
2026-02-25 11:25:53 -08:00
Brian DeHamer
27e5a955bf
custom user-agent string for attestation API reqs
...
Signed-off-by: Brian DeHamer <bdehamer@github.com >
2026-02-25 11:20:54 -08:00
Daniel Kennedy
6fe3c0f3e6
Artifact upload: support uploading single un-zipped files ( #2256 )
...
* Artifact upload: support uploading single un-zipped files
* Fix linters
* Fix lint again
* Fix tests
* Check for 0 sized artifact lists
* Add some more stream tests and handle an upload failure gracefully
* Add CI tests for non-zipped artifacts
* Add an html report to test rendering in the browser
* Fix linting issue
* Artifact: bump the version and add release notes
* Fix Windows tests
* Fix linting
* stream: switch the error details to error type
* Refactor the validation logic in `uploadArtifact` a bit
* Added more details about how the name parameter is handled
2026-02-25 11:01:38 -05:00
Daniel Kennedy
8c90e2297a
fix(tests): close sockets to remove a Jest warning about resources outliving their tests ( #2279 )
2026-02-13 12:05:37 -05:00
dependabot[bot]
8351a5d84d
chore(deps): bump fast-xml-parser in /packages/artifact ( #2285 )
...
Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser ) from 5.3.3 to 5.3.4.
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases )
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md )
- [Commits](https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.3...v5.3.4 )
---
updated-dependencies:
- dependency-name: fast-xml-parser
dependency-version: 5.3.4
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-30 16:26:32 -05:00
Daniel Kennedy
5203b671f1
Releases: use ubuntu-latest instead of macos-latest-large ( #2284 )
2026-01-30 16:04:52 -05:00
Daniel Kennedy
975fcbd402
Artifact download: don't unzip non-zip artifacts ( #2253 )
...
* Download artifact: don't extract the downloaded file if the content-type isn't a zip
* Remove unused `import`
* Add support for specifying whether to skip decompressing
* Prevent path traversal attacks
* Fix indenting
* Update packages/artifact/__tests__/download-artifact.test.ts
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
* Parse the mime type out of the content-type header
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
* Fix some linting issues
* Swap `zip` for `application/zip-compressed`
* Test: negative check for malicious paths
* Increase the timeout on one of the tests
* Check the URL path for `.zip` to see if we can auto-decompress
* Fix linting issue
* Bump the package version and add release notes
* Remove `launch.json`
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
2026-01-30 12:18:38 -05:00
Tingting Wang
ffae274475
Merge pull request #2268 from actions/dependabot/npm_and_yarn/packages/attest/tar-7.5.7
...
chore(deps): bump tar from 7.5.6 to 7.5.7 in /packages/attest
2026-01-29 13:01:33 -08:00
dependabot[bot]
1c20378379
chore(deps): bump tar from 7.5.6 to 7.5.7 in /packages/attest
...
Bumps [tar](https://github.com/isaacs/node-tar ) from 7.5.6 to 7.5.7.
- [Release notes](https://github.com/isaacs/node-tar/releases )
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.6...v7.5.7 )
---
updated-dependencies:
- dependency-name: tar
dependency-version: 7.5.7
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-29 20:20:49 +00:00
Daniel Kennedy
0be0a6ef89
@actions/attest: convert to an ESM module (#2278 )
2026-01-29 15:19:39 -05:00
Daniel Kennedy
ae29a2751b
@actions/cache: convert to an ESM module (#2275 )
...
* `@actions/cache`: convert to an ESM module
* Update the fixture to ESM syntax
* Update the cache workflows
* Bump `@actions/glob` to `0.6.1`
* Fix awaiting in the cache unit tests
* Fix a type issues in contracts
* Export the `DownloadOptions`/`UploadOptions` like before
* More cache test fixes
* Make the cache units tests better
* Add some more logging
* Add retries to restore-cache.mjs
2026-01-29 14:23:32 -05:00
Daniel Kennedy
b48854e1ac
@actions/glob: fix minimatch imports (#2276 )
2026-01-29 13:30:54 -05:00
Daniel Kennedy
9d912b1840
@actions/tool-cache: convert to an ESM module (#2274 )
...
* `@actions/tool-cache`: convert to an ESM module
* Fix jest config
* Downgrade `nock` since it's conflicting with `@actions/attest`'s version
2026-01-29 11:26:14 -05:00
Daniel Kennedy
7a0147b5c6
@actions/glob: convert to an ESM module (#2273 )
...
* `@actions/glob`: convert to an ESM module
* Update packages/glob/RELEASES.md
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
2026-01-29 10:41:33 -05:00
Daniel Kennedy
5793b08cd9
@actions/artifact: convert to an ESM module (#2266 )
...
* `@actions/artifact`: convert to an ESM module
* Update the package-lock.json
* Undo the GHES ignores
* Fix the reference to `@actions/http-client` in the lock file
* Bump `@actions/core` to `3.0.0`
* Remove `jest.config.cjs`
* Import `OctoKitOptions` from `@octokit/core/types`
* Pull the package version from `package.json`
* Workaround getting the package version for the user-agent
* Fix the `archiver` import
* Fix linting
2026-01-29 09:52:09 -05:00
Daniel Kennedy
ed3ea3b5ba
@actions/core: convert to ESM module
2026-01-28 20:50:58 -05:00
Daniel Kennedy
c9c663babe
Bump @actions/io to 3.0.2
2026-01-28 15:59:40 -05:00
Daniel Kennedy
0fc1805b46
@actions/exec: convert to ESM module
2026-01-28 15:59:40 -05:00
Daniel Kennedy
a6e9f4bab2
@actions/io: update lock file version
2026-01-28 14:36:03 -05:00
Daniel Kennedy
758b556388
@actions/io: export lib/io-util
2026-01-28 14:08:19 -05:00
Daniel Kennedy
9e060cb3e1
Add release notes
2026-01-28 13:33:17 -05:00
Daniel Kennedy
5501ba08b7
@actions/io: convert to ESM module
2026-01-28 13:33:17 -05:00
Daniel Kennedy
4446f00fc7
Add a release entry for 4.0.0
2026-01-28 10:27:09 -05:00
Daniel Kennedy
965dcc7493
Fix a JSON lint issue
2026-01-28 10:27:09 -05:00
Daniel Kennedy
d464f9dd60
Add proxy/interfaces exports
2026-01-28 10:27:09 -05:00
Daniel Kennedy
c9ab4f9548
http-client: convert to ESM
2026-01-28 10:27:09 -05:00
Lokesh Gopu
a2986ee511
Merge pull request #2260 from actions/lokesh755-actions-github-v9-esm
...
ESM-only with updated @octokit dependencies
2026-01-27 15:58:18 -05:00