main
7 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
 dependabot[bot]
|
e02e816e55 |
build(deps-dev): bump undici from 7.24.6 to 8.2.0 (#366)
Bumps [undici](https://github.com/nodejs/undici) from 7.24.6 to 8.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nodejs/undici/releases">undici's releases</a>.</em></p> <blockquote> <h2>v8.2.0</h2> <h2>What's Changed</h2> <ul> <li>chore: use native addAbortListener by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5021">nodejs/undici#5021</a></li> <li>fix: fix the logic for the UNDICI_NO_WASM_SIMD environment variable by <a href="https://github.com/ShenHongFei"><code>@ShenHongFei</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5026">nodejs/undici#5026</a></li> <li>fix(http2): send body for non-expectsPayload methods with content by <a href="https://github.com/mcollina"><code>@mcollina</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5030">nodejs/undici#5030</a></li> <li>fix(fetch): correct 'navigator' typo to 'navigate' in fetchFinale by <a href="https://github.com/deepview-autofix"><code>@deepview-autofix</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5044">nodejs/undici#5044</a></li> <li>fix(webidl): correct signed integer bounds in ConvertToInt by <a href="https://github.com/deepview-autofix"><code>@deepview-autofix</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5038">nodejs/undici#5038</a></li> <li>fix(fetch): use || for CRLF check in multipart formdata-parser by <a href="https://github.com/deepview-autofix"><code>@deepview-autofix</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5049">nodejs/undici#5049</a></li> <li>fix(websocket): correct argument order in WebSocketStream UTF-8 failure by <a href="https://github.com/deepview-autofix"><code>@deepview-autofix</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5050">nodejs/undici#5050</a></li> <li>fix(pool): propagate useH2c to connector when connections > 1 by <a href="https://github.com/SAY-5"><code>@SAY-5</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5031">nodejs/undici#5031</a></li> <li>fix(cache): return immutable staleAt in milliseconds by <a href="https://github.com/deepview-autofix"><code>@deepview-autofix</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5048">nodejs/undici#5048</a></li> <li>fix(socks5-proxy-agent): use per-origin pools to prevent cross-origin routing by <a href="https://github.com/deepview-autofix"><code>@deepview-autofix</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5041">nodejs/undici#5041</a></li> <li>fix(cache): evict oldest entries first in SqliteCacheStore prune by <a href="https://github.com/deepview-autofix"><code>@deepview-autofix</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5039">nodejs/undici#5039</a></li> <li>fix(socks5): correctly expand IPv6 '::' compressed notation by <a href="https://github.com/deepview-autofix"><code>@deepview-autofix</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5046">nodejs/undici#5046</a></li> <li>Remove unused func and unnecessary shim by <a href="https://github.com/tsctx"><code>@tsctx</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5053">nodejs/undici#5053</a></li> <li>fix: reject malformed content-length request headers by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5060">nodejs/undici#5060</a></li> <li>fix(request): reject NaN highWaterMark during option validation by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5062">nodejs/undici#5062</a></li> <li>docs: fix broken links in docsify sidebar by <a href="https://github.com/maruthang"><code>@maruthang</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5065">nodejs/undici#5065</a></li> <li>fix(fetch): prefer filename* over filename in multipart form-data by <a href="https://github.com/maruthang"><code>@maruthang</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5068">nodejs/undici#5068</a></li> <li>fix(http2): reject websocket upgrades on non-200 responses by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5072">nodejs/undici#5072</a></li> <li>feat: support username-only proxy authentication in ProxyAgent by <a href="https://github.com/rossilor95"><code>@rossilor95</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/4935">nodejs/undici#4935</a></li> <li>build(deps): bump uWebSockets.js from v20.58.0 to v20.64.0 in /benchmarks by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nodejs/undici/pull/5083">nodejs/undici#5083</a></li> <li>fix(client-h2): stop double-decrementing kOpenStreams on stream timeout by <a href="https://github.com/SAY-5"><code>@SAY-5</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5076">nodejs/undici#5076</a></li> <li>fix(http2): reject upgrade streams closed before response headers by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5069">nodejs/undici#5069</a></li> <li>fix(http2): allow GET and HEAD request bodies over h2 by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5058">nodejs/undici#5058</a></li> <li>fix(cache): include query in cache key when opts.path is undefined by <a href="https://github.com/maruthang"><code>@maruthang</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5081">nodejs/undici#5081</a></li> <li>fix: avoid premature cleanup of dispatcher in Agent by <a href="https://github.com/bienzaaron"><code>@bienzaaron</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5034">nodejs/undici#5034</a></li> <li>fix(http2): record ping failures on the socket by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5075">nodejs/undici#5075</a></li> <li>add undici security policy by <a href="https://github.com/mcollina"><code>@mcollina</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5056">nodejs/undici#5056</a></li> <li>fix(mock): make filterCalls AND operator actually intersect results by <a href="https://github.com/deepview-autofix"><code>@deepview-autofix</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5045">nodejs/undici#5045</a></li> <li>fix(socks5): enforce authenticated state before CONNECT by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5097">nodejs/undici#5097</a></li> <li>fix(cache): skip expired sqlite vary entries during lookup by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5095">nodejs/undici#5095</a></li> <li>fix: enforce maxCachedSessions in TLS session cache by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5102">nodejs/undici#5102</a></li> <li>fix(socks5): encode embedded IPv4 tails in IPv6 literals correctly by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5099">nodejs/undici#5099</a></li> <li>fix: handle invalid HTTP/2 connection headers (<a href="https://redirect.github.com/nodejs/undici/issues/4356">#4356</a>) by <a href="https://github.com/mcollina"><code>@mcollina</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5101">nodejs/undici#5101</a></li> <li>fix(interceptor): add throwOnMaxRedirect to types and interceptor opts by <a href="https://github.com/maruthang"><code>@maruthang</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5066">nodejs/undici#5066</a></li> <li>fix(websocket): avoid double-closing canceled stream readers by <a href="https://github.com/colinaaa"><code>@colinaaa</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5105">nodejs/undici#5105</a></li> <li>fix(cache): persist vary when updating sqlite cache entries by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5109">nodejs/undici#5109</a></li> <li>refactor(h1): track HEAD keep-alive override as boolean by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5110">nodejs/undici#5110</a></li> <li>client: cache llhttp wasm buffer view by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5115">nodejs/undici#5115</a></li> <li>deps: update llhttp to 9.3.1 by <a href="https://github.com/mcollina"><code>@mcollina</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5113">nodejs/undici#5113</a></li> <li>fix(http2): preserve accepted streams after GOAWAY by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5090">nodejs/undici#5090</a></li> <li>fix: reuse parser WeakRef for timeout callbacks by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5125">nodejs/undici#5125</a></li> <li>fix: stop buffering data after SOCKS5 connect by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5118">nodejs/undici#5118</a></li> <li>perf(http2): avoid response header reserialization by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5085">nodejs/undici#5085</a></li> <li>fix(cache): enforce sqlite maxCount after insert by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5112">nodejs/undici#5112</a></li> <li>perf: reduce EventSourceStream parser allocations by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5032">nodejs/undici#5032</a></li> <li>types(dispatcher): use OutgoingHttpHeaders for request headers by <a href="https://github.com/maruthang"><code>@maruthang</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5067">nodejs/undici#5067</a></li> <li>cleanup: delete redundant .gitkeep file by <a href="https://github.com/shivarm"><code>@shivarm</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5133">nodejs/undici#5133</a></li> <li>fix(http2): respect peer max concurrent streams by <a href="https://github.com/trivikr"><code>@trivikr</code></a> in <a href="https://redirect.github.com/nodejs/undici/pull/5135">nodejs/undici#5135</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nodejs/undici/commit/bf684f7de01616708a33a5d1c092177622394442"><code>bf684f7</code></a> Bumped v8.2.0 (<a href="https://redirect.github.com/nodejs/undici/issues/5152">#5152</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/0ca054aa8524ed52709ebf15e94e187f4a18ebcf"><code>0ca054a</code></a> fix: replace stale pool clients under connection limit (<a href="https://redirect.github.com/nodejs/undici/issues/5145">#5145</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/7af90e9721f882bb5fc97606e3f95217ca849994"><code>7af90e9</code></a> perf: avoid redundant scans in BalancedPool dispatcher selection (<a href="https://redirect.github.com/nodejs/undici/issues/5146">#5146</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/abb9d06ba7b882d336129898f9e89176f1c8f1c3"><code>abb9d06</code></a> fix: validate H2CClient maxConcurrentStreams option (<a href="https://redirect.github.com/nodejs/undici/issues/5143">#5143</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/72a75913138bc6197bf0620a1291f7c2e764c430"><code>72a7591</code></a> perf(http2): avoid cloning headers when removing status (<a href="https://redirect.github.com/nodejs/undici/issues/5127">#5127</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/96fd5e9da9b19a4d49eb9e67534f73f4cfa1c677"><code>96fd5e9</code></a> fix(cache): allow streamed entries at maxEntrySize limit (<a href="https://redirect.github.com/nodejs/undici/issues/5129">#5129</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/f41e53f112659ec37b6fa8db4e4f39388b9e6ca6"><code>f41e53f</code></a> perf: use byteLength property for binary body chunks (<a href="https://redirect.github.com/nodejs/undici/issues/5126">#5126</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/bec49615931e3df3df4f75956b35c3f7f1fd05ca"><code>bec4961</code></a> chore(deps): add lockfile (<a href="https://redirect.github.com/nodejs/undici/issues/5139">#5139</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/86f1242cfc86364fe5c30d7e0fc1deec8d52954b"><code>86f1242</code></a> perf(http2): reduce writeH2 per-request callback allocations (<a href="https://redirect.github.com/nodejs/undici/issues/5138">#5138</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/cad3f70a86b95966a3e368f9f7118377858b8c3e"><code>cad3f70</code></a> perf(client): parse h1 content-length statelessly (<a href="https://redirect.github.com/nodejs/undici/issues/5124">#5124</a>)</li> <li>Additional commits viewable in <a href="https://github.com/nodejs/undici/compare/v7.24.6...v8.2.0">compare view</a></li> </ul> </details> <br /> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Parker Brown <17183625+parkerbxyz@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> |
||
|
Stefan
|
952a2a7073 |
feat: add support for enterprise-level GitHub Apps (#263)
This pull request adds support for generating GitHub App installation
tokens for enterprise-level installations.
### What changed
- Added a new `enterprise` input to `action.yml`.
- Wired `enterprise` through `main.js` and `lib/main.js`.
- Added validation so `enterprise` cannot be combined with `owner` or
`repositories`.
- Implemented enterprise installation lookup using the direct GitHub API
route `GET /enterprises/{enterprise}/installation`, then used the
returned installation ID to mint an installation token through
`@octokit/auth-app`.
- Updated `README.md` with enterprise installation usage and input
documentation.
- Updated `dist/main.cjs` for the bundled action.
- Shared token creation retry behavior across repository, owner, and
enterprise paths so server errors and transient network errors are
retried, while client errors fail immediately.
### Tests
Added focused test coverage for:
- enterprise token creation
- enterprise token creation with explicit permissions
- enterprise installation not found
- mutual exclusivity with `owner`
- mutual exclusivity with `repositories`
- owner installation client errors are not retried
- transient network errors are retried during token creation
### Notes
- This keeps the existing repository-scoped token behavior unchanged.
- Owner, repository, and enterprise token creation now share the same
retry policy: server errors and recognized transient network errors are
retried, while client errors fail immediately. This intentionally fixes
the previous owner-path behavior that retried client errors.
Refs:
-
https://github.blog/changelog/2025-07-01-enterprise-level-access-for-github-apps-and-installation-automation-apis/
-
https://docs.github.com/en/rest/apps/apps?apiVersion=2022-11-28#get-an-enterprise-installation-for-the-authenticated-app
---------
Co-authored-by: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
|
||
|
Parker Brown
|
496a7ac4eb |
test: migrate from AVA to Node.js native test runner (#346)
AVA stores snapshots in a binary format (`.snap`), which produces no
meaningful diffs and bloats Git history. This replaces AVA with the
built-in `node:test` module, whose snapshot support generates
human-readable text files that are easy to diff and review in pull
requests.
The migration also replaces `@sinonjs/fake-timers` and `execa` with
Node.js built-ins (`node:test` mock timers and `node:child_process`),
removing three dev dependencies total.
- **`tests/index.js`**: Rewritten to use `node:test` with a custom
snapshot serializer that renders strings with actual newlines. Uses
subtests for labeled `stderr`/`stdout` snapshots, and only snapshots
non-empty output.
- **`tests/main-repo-skew.test.js`**: Replace `@sinonjs/fake-timers`
with `mock.timers.enable()` from `node:test`.
- **`tests/README.md`**: Updated documentation to reflect `node --test`
and the new snapshot file.
- **`package.json`**: Remove `ava`, `@sinonjs/fake-timers`, and `execa`
from devDependencies. Update test script to `c8 --100 node --test
tests/index.js`.
- **`tests/index.js.snapshot`**: New text-based snapshot file replacing
binary `tests/snapshots/index.js.snap`.
- **`tests/snapshots/`**: Deleted.
All 22 test scenarios (66 subtests) pass with 100% code coverage.
Closes #344
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
(cherry picked from commit
|
||
|
Parker Brown
|
4451bcbc13 |
fix!: require NODE_USE_ENV_PROXY for proxy support (#342)
BREAKING CHANGE: Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step. |
||
|
Parker Brown
|
15db0371da |
test: fix test file extensions and inputs for repositories (#161)
This pull request fixes the file extension for two test files that were incorrectly named. This caused them not to be tested. A new test has been added to ensure all test files have the correct extension. This also fixes a bug in some tests where `repositories` inputs included the repository owner. The owner has been removed from these inputs and the snapshots have been updated. |
||
|
Clay Miller
|
9b283559f1 |
test: integration tests for main.js (#56)
Part of https://github.com/actions/create-github-app-token/issues/43 This PR adds tests for [`main.js`](https://github.com/actions/create-github-app-token/blob/main/lib/main.js), similar to [the tests that already exist for `post.js`](https://github.com/actions/create-github-app-token/tree/main/tests). Specifically, it tests that: - `main` exits with an error when `GITHUB_REPOSITORY` is missing. - `main` exits with an error when `GITHUB_REPOSITORY_OWNER` is missing. - `main` successfully obtains a token when… - …the `owner` and `repositories` inputs are set (and the latter is a single repo). - …the `owner` and `repositories` inputs are set (and the latter is a list of repos). - …the `owner` input is set (to an org), but the `repositories` input isn’t set. - …the `owner` input is set (to a user), but the `repositories` input isn’t set. - …the `owner` input is not set, but the `repositories` input is set. - …neither the `owner` nor `repositories` input is set. ❧ Architecturally, in order to keep individual tests concise, this PR adds `tests/main.js`, which: - sets commonly-used inputs, environment variables, and mocks, then - calls a callback function that can edit the variables and add additional mocks, then - runs `main.js` itself. The `tests/main-token-get-*.test.js` test files run `tests/main.js` with various scenario-specific callback functions. |
||
|
Parker Brown
|
10f155294b |
test: integration tests (#40)
Co-authored-by: Gregor Martynus <39992+gr2m@users.noreply.github.com> |