Commit Graph

1837 Commits

Author SHA1 Message Date
Salman Chishti a6edf8b70d Update environment configuration in releases.yml 2026-03-26 12:27:00 +00:00
Salman Chishti 0df75b91ff Merge pull request #2359 from actions/dependabot/npm_and_yarn/picomatch-2.3.2
chore(deps-dev): bump picomatch from 2.3.1 to 2.3.2
2026-03-26 12:25:19 +00:00
dependabot[bot] 233d556477 chore(deps-dev): bump picomatch from 2.3.1 to 2.3.2
Bumps [picomatch](https://github.com/micromatch/picomatch) from 2.3.1 to 2.3.2.
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2)

---
updated-dependencies:
- dependency-name: picomatch
  dependency-version: 2.3.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-03-25 22:41:36 +00:00
Bassem Dghaidi 44d43b5490 Merge pull request #2351 from actions/Link-/add-releases-docs
Add docs for the releases workflow
2026-03-16 16:45:42 +01:00
Bassem Dghaidi 76ac4dd95f Update contributing.md 2026-03-16 08:39:20 -07:00
Bassem Dghaidi 632b2cbff6 Add screenshot 2026-03-16 08:33:25 -07:00
Bassem Dghaidi 73bdb59ac2 Explain the new releases workflow 2026-03-16 08:29:53 -07:00
Bassem Dghaidi 22d35395d4 Merge pull request #2350 from actions/Link-/fix-tests-in-releases
Scope tests to the package being published
2026-03-16 15:01:41 +01:00
Bassem Dghaidi ed4fdc98c4 Add input to run isolated tests 2026-03-16 06:50:25 -07:00
Bassem Dghaidi 6211ca9cbd Merge pull request #2349 from actions/Link-/update-release-workflow
Update release workflow to permit shipping from non main branches
2026-03-16 14:29:21 +01:00
Bassem Dghaidi 99dfdab194 Fix the description of npm-tag 2026-03-16 06:14:29 -07:00
Bassem Dghaidi 6ec76cbf3d Update release workflow to permit shipping from non main branches 2026-03-16 06:05:25 -07:00
Salman Chishti 943ff82d3d Merge pull request #2344 from actions/dependabot/npm_and_yarn/packages/artifact/undici-6.24.0
chore(deps): bump undici from 6.23.0 to 6.24.0 in /packages/artifact
2026-03-14 04:35:35 +00:00
dependabot[bot] 06bca4509d chore(deps): bump undici from 6.23.0 to 6.24.0 in /packages/artifact
Bumps [undici](https://github.com/nodejs/undici) from 6.23.0 to 6.24.0.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v6.23.0...v6.24.0)

---
updated-dependencies:
- dependency-name: undici
  dependency-version: 6.24.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-03-14 04:17:32 +00:00
Daniel Kennedy 21229dc09e Artifact: support downloading artifacts with CJK characters in their name (#2341)
* Artifact: support downloading artifacts with CJK characters in their name

* Fix some linting/PR comments

* One more linting fix
2026-03-11 09:30:15 -04:00
Meredith Lancaster 6fd292ebdd Merge pull request #2337 from actions/dependabot/npm_and_yarn/packages/attest/tar-7.5.10
chore(deps): bump tar from 7.5.7 to 7.5.10 in /packages/attest
2026-03-06 06:54:55 -08:00
dependabot[bot] 89f01c9125 chore(deps): bump tar from 7.5.7 to 7.5.10 in /packages/attest
Bumps [tar](https://github.com/isaacs/node-tar) from 7.5.7 to 7.5.10.
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.7...v7.5.10)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 7.5.10
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-03-06 13:29:24 +00:00
Zachary Taylor 85466c0f54 Merge pull request #2323 from actions/zaataylor-update-artifact-storage-err-msg
Update artifact storage error message
2026-02-26 14:37:38 -05:00
Zachary Taylor bd4fb086f1 Update UsageError in cache 2026-02-26 14:31:12 -05:00
Zachary Taylor 49c3d09c01 Update error message 2026-02-26 14:28:46 -05:00
Brian DeHamer 91d76bea50 Merge pull request #2321 from actions/bdehamer/storage-record-orchestration-id
Custom user-agent string for storage record API reqs
2026-02-26 10:52:42 -08:00
Brian DeHamer 69f29a1b1c Update packages/attest/src/artifactMetadata.ts
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-02-25 17:40:10 -08:00
Brian DeHamer 7987771a2b new user-agent string for storage record API reqs
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2026-02-25 15:36:27 -08:00
Brian DeHamer 605cc18397 Merge pull request #2320 from actions/bdehamer/attest-orchestration-id
custom user-agent string for attestation API reqs
2026-02-25 11:25:53 -08:00
Brian DeHamer 27e5a955bf custom user-agent string for attestation API reqs
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2026-02-25 11:20:54 -08:00
Daniel Kennedy 6fe3c0f3e6 Artifact upload: support uploading single un-zipped files (#2256)
* Artifact upload: support uploading single un-zipped files

* Fix linters

* Fix lint again

* Fix tests

* Check for 0 sized artifact lists

* Add some more stream tests and handle an upload failure gracefully

* Add CI tests for non-zipped artifacts

* Add an html report to test rendering in the browser

* Fix linting issue

* Artifact: bump the version and add release notes

* Fix Windows tests

* Fix linting

* stream: switch the error details to error type

* Refactor the validation logic in `uploadArtifact` a bit

* Added more details about how the name parameter is handled
2026-02-25 11:01:38 -05:00
Daniel Kennedy 8c90e2297a fix(tests): close sockets to remove a Jest warning about resources outliving their tests (#2279) 2026-02-13 12:05:37 -05:00
dependabot[bot] 8351a5d84d chore(deps): bump fast-xml-parser in /packages/artifact (#2285)
Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 5.3.3 to 5.3.4.
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.3...v5.3.4)

---
updated-dependencies:
- dependency-name: fast-xml-parser
  dependency-version: 5.3.4
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-30 16:26:32 -05:00
Daniel Kennedy 5203b671f1 Releases: use ubuntu-latest instead of macos-latest-large (#2284) 2026-01-30 16:04:52 -05:00
Daniel Kennedy 975fcbd402 Artifact download: don't unzip non-zip artifacts (#2253)
* Download artifact: don't extract the downloaded file if the content-type isn't a zip

* Remove unused `import`

* Add support for specifying whether to skip decompressing

* Prevent path traversal attacks

* Fix indenting

* Update packages/artifact/__tests__/download-artifact.test.ts

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Parse the mime type out of the content-type header

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Fix some linting issues

* Swap `zip` for `application/zip-compressed`

* Test: negative check for malicious paths

* Increase the timeout on one of the tests

* Check the URL path for `.zip` to see if we can auto-decompress

* Fix linting issue

* Bump the package version and add release notes

* Remove `launch.json`

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-01-30 12:18:38 -05:00
Tingting Wang ffae274475 Merge pull request #2268 from actions/dependabot/npm_and_yarn/packages/attest/tar-7.5.7
chore(deps): bump tar from 7.5.6 to 7.5.7 in /packages/attest
2026-01-29 13:01:33 -08:00
dependabot[bot] 1c20378379 chore(deps): bump tar from 7.5.6 to 7.5.7 in /packages/attest
Bumps [tar](https://github.com/isaacs/node-tar) from 7.5.6 to 7.5.7.
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.6...v7.5.7)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 7.5.7
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-01-29 20:20:49 +00:00
Daniel Kennedy 0be0a6ef89 @actions/attest: convert to an ESM module (#2278) 2026-01-29 15:19:39 -05:00
Daniel Kennedy ae29a2751b @actions/cache: convert to an ESM module (#2275)
* `@actions/cache`: convert to an ESM module

* Update the fixture to ESM syntax

* Update the cache workflows

* Bump `@actions/glob` to `0.6.1`

* Fix awaiting in the cache unit tests

* Fix a type issues in contracts

* Export the `DownloadOptions`/`UploadOptions` like before

* More cache test fixes

* Make the cache units tests better

* Add some more logging

* Add retries to restore-cache.mjs
2026-01-29 14:23:32 -05:00
Daniel Kennedy b48854e1ac @actions/glob: fix minimatch imports (#2276) 2026-01-29 13:30:54 -05:00
Daniel Kennedy 9d912b1840 @actions/tool-cache: convert to an ESM module (#2274)
* `@actions/tool-cache`: convert to an ESM module

* Fix jest config

* Downgrade `nock` since it's conflicting with `@actions/attest`'s version
2026-01-29 11:26:14 -05:00
Daniel Kennedy 7a0147b5c6 @actions/glob: convert to an ESM module (#2273)
* `@actions/glob`: convert to an ESM module

* Update packages/glob/RELEASES.md

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-01-29 10:41:33 -05:00
Daniel Kennedy 5793b08cd9 @actions/artifact: convert to an ESM module (#2266)
* `@actions/artifact`: convert to an ESM module

* Update the package-lock.json

* Undo the GHES ignores

* Fix the reference to `@actions/http-client` in the lock file

* Bump `@actions/core` to `3.0.0`

* Remove `jest.config.cjs`

* Import `OctoKitOptions` from `@octokit/core/types`

* Pull the package version from `package.json`

* Workaround getting the package version for the user-agent

* Fix the `archiver` import

* Fix linting
2026-01-29 09:52:09 -05:00
Daniel Kennedy ed3ea3b5ba @actions/core: convert to ESM module 2026-01-28 20:50:58 -05:00
Daniel Kennedy c9c663babe Bump @actions/io to 3.0.2 2026-01-28 15:59:40 -05:00
Daniel Kennedy 0fc1805b46 @actions/exec: convert to ESM module 2026-01-28 15:59:40 -05:00
Daniel Kennedy a6e9f4bab2 @actions/io: update lock file version 2026-01-28 14:36:03 -05:00
Daniel Kennedy 758b556388 @actions/io: export lib/io-util 2026-01-28 14:08:19 -05:00
Daniel Kennedy 9e060cb3e1 Add release notes 2026-01-28 13:33:17 -05:00
Daniel Kennedy 5501ba08b7 @actions/io: convert to ESM module 2026-01-28 13:33:17 -05:00
Daniel Kennedy 4446f00fc7 Add a release entry for 4.0.0 2026-01-28 10:27:09 -05:00
Daniel Kennedy 965dcc7493 Fix a JSON lint issue 2026-01-28 10:27:09 -05:00
Daniel Kennedy d464f9dd60 Add proxy/interfaces exports 2026-01-28 10:27:09 -05:00
Daniel Kennedy c9ab4f9548 http-client: convert to ESM 2026-01-28 10:27:09 -05:00
Lokesh Gopu a2986ee511 Merge pull request #2260 from actions/lokesh755-actions-github-v9-esm
ESM-only with updated @octokit dependencies
2026-01-27 15:58:18 -05:00