build(release): 3.0.0-beta.6 [skip ci]

# [3.0.0-beta.6](https://github.com/actions/create-github-app-token/compare/v3.0.0-beta.5...v3.0.0-beta.6) (2026-03-13)

### Bug Fixes

* **deps:** bump @actions/core from 1.11.1 to 3.0.0 ([#337](https://github.com/actions/create-github-app-token/issues/337)) ([b044133](https://github.com/actions/create-github-app-token/commit/b04413352d4644ac2131b9a90c074f5e93ca18a1))
* **deps:** bump minimatch from 9.0.5 to 9.0.9 ([#335](https://github.com/actions/create-github-app-token/issues/335)) ([5cbc656](https://github.com/actions/create-github-app-token/commit/5cbc65624c9ddc4589492bda7c8b146223e8c3e4))
* **deps:** bump the production-dependencies group with 4 updates ([#336](https://github.com/actions/create-github-app-token/issues/336)) ([6bda5bc](https://github.com/actions/create-github-app-token/commit/6bda5bc1410576b9a0879ce6076d53345485bba9))
* **deps:** bump undici from 7.16.0 to 7.18.2 ([#323](https://github.com/actions/create-github-app-token/issues/323)) ([b4f638f](https://github.com/actions/create-github-app-token/commit/b4f638f48ee0dcdbb0bc646c48e4cb2a2de847fe))

.github/workflows/test.yml

@@ -61,8 +61,8 @@ jobs:
     # do not run from forks, as forks don’t have access to repository secrets
     if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.owner.login == github.event.pull_request.base.repo.owner.login
     steps:
-      - uses: actions/checkout@v6
-      - uses: actions/setup-node@v6
+      - uses: actions/checkout@v5
+      - uses: actions/setup-node@v4
         with:
           node-version-file: package.json
           cache: 'npm'

README.md

@@ -9,11 +9,9 @@ GitHub Action for creating a GitHub App installation access token.
 In order to use this action, you need to:
 
 1. [Register new GitHub App](https://docs.github.com/apps/creating-github-apps/setting-up-a-github-app/creating-a-github-app).
-2. [Store the App's Client ID in your repository environment variables](https://docs.github.com/actions/learn-github-actions/variables#defining-configuration-variables-for-multiple-workflows) (example: `APP_CLIENT_ID`).
+2. [Store the App's ID or Client ID in your repository environment variables](https://docs.github.com/actions/learn-github-actions/variables#defining-configuration-variables-for-multiple-workflows) (example: `APP_ID`).
 3. [Store the App's private key in your repository secrets](https://docs.github.com/actions/security-guides/encrypted-secrets?tool=webui#creating-encrypted-secrets-for-a-repository) (example: `PRIVATE_KEY`).
 
-Pass the App's Client ID using the `client-id` input. The legacy `app-id` input remains available for compatibility, but is deprecated.
-
 > [!IMPORTANT]  
 > An installation access token expires after 1 hour. Please [see this comment](https://github.com/actions/create-github-app-token/issues/121#issuecomment-2043214796) for alternative approaches if you have long-running processes.
 
@@ -33,7 +31,7 @@ jobs:
       - uses: actions/create-github-app-token@v3
         id: app-token
         with:
-          client-id: ${{ vars.APP_CLIENT_ID }}
+          app-id: ${{ vars.APP_ID }}
           private-key: ${{ secrets.PRIVATE_KEY }}
       - uses: ./actions/staging-tests
         with:
@@ -53,15 +51,15 @@ jobs:
         id: app-token
         with:
           # required
-          client-id: ${{ vars.APP_CLIENT_ID }}
+          app-id: ${{ vars.APP_ID }}
           private-key: ${{ secrets.PRIVATE_KEY }}
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v5
         with:
           token: ${{ steps.app-token.outputs.token }}
           ref: ${{ github.head_ref }}
           # Make sure the value of GITHUB_TOKEN will not be persisted in repo's config
           persist-credentials: false
-      - uses: creyD/prettier_action@v6
+      - uses: creyD/prettier_action@v4.3
         with:
           github_token: ${{ steps.app-token.outputs.token }}
 ```
@@ -79,7 +77,7 @@ jobs:
         id: app-token
         with:
           # required
-          client-id: ${{ vars.APP_CLIENT_ID }}
+          app-id: ${{ vars.APP_ID }}
           private-key: ${{ secrets.PRIVATE_KEY }}
       - name: Get GitHub App User ID
         id: get-user-id
@@ -104,7 +102,7 @@ jobs:
         id: app-token
         with:
           # required
-          client-id: ${{ vars.APP_CLIENT_ID }}
+          app-id: ${{ vars.APP_ID }}
           private-key: ${{ secrets.PRIVATE_KEY }}
       - name: Get GitHub App User ID
         id: get-user-id
@@ -140,10 +138,10 @@ jobs:
       - uses: actions/create-github-app-token@v3
         id: app-token
         with:
-          client-id: ${{ vars.APP_CLIENT_ID }}
+          app-id: ${{ vars.APP_ID }}
           private-key: ${{ secrets.PRIVATE_KEY }}
           owner: ${{ github.repository_owner }}
-      - uses: peter-evans/create-or-update-comment@v4
+      - uses: peter-evans/create-or-update-comment@v3
         with:
           token: ${{ steps.app-token.outputs.token }}
           issue-number: ${{ github.event.issue.number }}
@@ -162,13 +160,13 @@ jobs:
       - uses: actions/create-github-app-token@v3
         id: app-token
         with:
-          client-id: ${{ vars.APP_CLIENT_ID }}
+          app-id: ${{ vars.APP_ID }}
           private-key: ${{ secrets.PRIVATE_KEY }}
           owner: ${{ github.repository_owner }}
           repositories: |
             repo1
             repo2
-      - uses: peter-evans/create-or-update-comment@v4
+      - uses: peter-evans/create-or-update-comment@v3
         with:
           token: ${{ steps.app-token.outputs.token }}
           issue-number: ${{ github.event.issue.number }}
@@ -187,10 +185,10 @@ jobs:
       - uses: actions/create-github-app-token@v3
         id: app-token
         with:
-          client-id: ${{ vars.APP_CLIENT_ID }}
+          app-id: ${{ vars.APP_ID }}
           private-key: ${{ secrets.PRIVATE_KEY }}
           owner: another-owner
-      - uses: peter-evans/create-or-update-comment@v4
+      - uses: peter-evans/create-or-update-comment@v3
         with:
           token: ${{ steps.app-token.outputs.token }}
           issue-number: ${{ github.event.issue.number }}
@@ -212,11 +210,11 @@ jobs:
       - uses: actions/create-github-app-token@v3
         id: app-token
         with:
-          client-id: ${{ vars.APP_CLIENT_ID }}
+          app-id: ${{ vars.APP_ID }}
           private-key: ${{ secrets.PRIVATE_KEY }}
           owner: ${{ github.repository_owner }}
           permission-issues: write
-      - uses: peter-evans/create-or-update-comment@v4
+      - uses: peter-evans/create-or-update-comment@v3
         with:
           token: ${{ steps.app-token.outputs.token }}
           issue-number: ${{ github.event.issue.number }}
@@ -254,7 +252,7 @@ jobs:
       - uses: actions/create-github-app-token@v3
         id: app-token
         with:
-          client-id: ${{ vars.APP_CLIENT_ID }}
+          app-id: ${{ vars.APP_ID }}
           private-key: ${{ secrets.PRIVATE_KEY }}
           owner: ${{ matrix.owners-and-repos.owner }}
           repositories: ${{ join(matrix.owners-and-repos.repos) }}
@@ -283,7 +281,7 @@ jobs:
         id: create_token
         uses: actions/create-github-app-token@v3
         with:
-          client-id: ${{ vars.GHES_APP_CLIENT_ID }}
+          app-id: ${{ vars.GHES_APP_ID }}
           private-key: ${{ secrets.GHES_APP_PRIVATE_KEY }}
           owner: ${{ vars.GHES_INSTALLATION_ORG }}
           github-api-url: ${{ vars.GITHUB_API_URL }}
@@ -312,24 +310,15 @@ If you set `HTTP_PROXY` or `HTTPS_PROXY`, also set `NODE_USE_ENV_PROXY: "1"` on
     NO_PROXY: github.example.com
     NODE_USE_ENV_PROXY: "1"
   with:
-    client-id: ${{ vars.APP_CLIENT_ID }}
+    app-id: ${{ vars.APP_ID }}
     private-key: ${{ secrets.PRIVATE_KEY }}
 ```
 
 ## Inputs
 
-### `client-id`
-
-**Optional:** GitHub App Client ID. This is the recommended input.
-
 ### `app-id`
 
-**Optional:** GitHub App ID.
-
-> [!WARNING]
-> `app-id` is deprecated. Use `client-id` instead.
-
-You must set either `client-id` or `app-id`. If both are set, `client-id` takes precedence.
+**Required:** GitHub App ID.
 
 ### `private-key`
 
@@ -349,7 +338,7 @@ steps:
     id: app-token
     uses: actions/create-github-app-token@v3
     with:
-      client-id: ${{ vars.APP_CLIENT_ID }}
+      app-id: ${{ vars.APP_ID }}
       private-key: ${{ steps.decode.outputs.private-key }}
 ```
 

action.yml

@@ -5,13 +5,9 @@ branding:
   icon: "lock"
   color: "gray-dark"
 inputs:
-  client-id:
-    description: "GitHub App Client ID"
-    required: false
   app-id:
     description: "GitHub App ID"
-    required: false
-    deprecationMessage: "Use 'client-id' instead."
+    required: true
   private-key:
     description: "GitHub App private key"
     required: true

dist/main.cjs

@@ -23153,7 +23153,7 @@ async function pRetry(input, options = {}) {
 }
 
 // lib/main.js
-async function main(clientId, privateKey, owner, repositories, permissions, core, createAppAuth2, request2, skipTokenRevoke) {
+async function main(appId, privateKey, owner, repositories, permissions, core, createAppAuth2, request2, skipTokenRevoke) {
   let parsedOwner = "";
   let parsedRepositoryNames = [];
   if (!owner && repositories.length === 0) {
@@ -23188,7 +23188,7 @@ async function main(clientId, privateKey, owner, repositories, permissions, core
     );
   }
   const auth5 = createAppAuth2({
-    appId: clientId,
+    appId,
     privateKey,
     request: request2
   });
@@ -23307,17 +23307,14 @@ if (!process.env.GITHUB_REPOSITORY_OWNER) {
 }
 async function run() {
   ensureNativeProxySupport();
-  const clientId = getInput("client-id") || getInput("app-id");
-  if (!clientId) {
-    throw new Error("Either 'client-id' or 'app-id' input must be set");
-  }
+  const appId = getInput("app-id");
   const privateKey = getInput("private-key");
   const owner = getInput("owner");
   const repositories = getInput("repositories").split(/[\n,]+/).map((s) => s.trim()).filter((x) => x !== "");
   const skipTokenRevoke = getBooleanInput("skip-token-revoke");
   const permissions = getPermissionsFromInputs(process.env);
   return main(
-    clientId,
+    appId,
     privateKey,
     owner,
     repositories,

lib/main.js

@@ -2,7 +2,7 @@ import pRetry from "p-retry";
 // @ts-check
 
 /**
- * @param {string} clientId
+ * @param {string} appId
  * @param {string} privateKey
  * @param {string} owner
  * @param {string[]} repositories
@@ -13,7 +13,7 @@ import pRetry from "p-retry";
  * @param {boolean} skipTokenRevoke
  */
 export async function main(
-  clientId,
+  appId,
   privateKey,
   owner,
   repositories,
@@ -70,7 +70,7 @@ export async function main(
   }
 
   const auth = createAppAuth({
-    appId: clientId,
+    appId,
     privateKey,
     request,
   });

main.js

@@ -18,10 +18,7 @@ if (!process.env.GITHUB_REPOSITORY_OWNER) {
 async function run() {
   ensureNativeProxySupport();
 
-  const clientId = core.getInput("client-id") || core.getInput("app-id");
-  if (!clientId) {
-    throw new Error("Either 'client-id' or 'app-id' input must be set");
-  }
+  const appId = core.getInput("app-id");
   const privateKey = core.getInput("private-key");
   const owner = core.getInput("owner");
   const repositories = core
@@ -35,7 +32,7 @@ async function run() {
   const permissions = getPermissionsFromInputs(process.env);
 
   return main(
-    clientId,
+    appId,
     privateKey,
     owner,
     repositories,

package-lock.json

@@ -1,25 +1,26 @@
 {
   "name": "create-github-app-token",
-  "version": "3.0.0",
+  "version": "3.0.0-beta.6",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "create-github-app-token",
-      "version": "3.0.0",
+      "version": "3.0.0-beta.6",
       "license": "MIT",
       "dependencies": {
         "@actions/core": "^3.0.0",
         "@octokit/auth-app": "^8.2.0",
         "@octokit/request": "^10.0.8",
-        "p-retry": "^7.1.1"
+        "p-retry": "^7.1.1",
+        "undici": "^7.24.1"
       },
       "devDependencies": {
         "@octokit/openapi": "^21.0.0",
         "c8": "^10.1.3",
+        "dotenv": "^17.3.1",
         "esbuild": "^0.27.3",
         "open-cli": "^8.0.0",
-        "undici": "^7.24.1",
         "yaml": "^2.8.2"
       },
       "engines": {
@@ -1050,6 +1051,19 @@
         "url": "https://github.com/sponsors/sindresorhus"
       }
     },
+    "node_modules/dotenv": {
+      "version": "17.3.1",
+      "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-17.3.1.tgz",
+      "integrity": "sha512-IO8C/dzEb6O3F9/twg6ZLXz164a2fhTnEWb95H23Dm4OuN+92NmEAlTrupP9VW6Jm3sO26tQlqyvyi4CsnY9GA==",
+      "dev": true,
+      "license": "BSD-2-Clause",
+      "engines": {
+        "node": ">=12"
+      },
+      "funding": {
+        "url": "https://dotenvx.com"
+      }
+    },
     "node_modules/eastasianwidth": {
       "version": "0.2.0",
       "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz",
@@ -1954,7 +1968,6 @@
       "version": "7.24.1",
       "resolved": "https://registry.npmjs.org/undici/-/undici-7.24.1.tgz",
       "integrity": "sha512-5xoBibbmnjlcR3jdqtY2Lnx7WbrD/tHlT01TmvqZUFVc9Q1w4+j5hbnapTqbcXITMH1ovjq/W7BkqBilHiVAaA==",
-      "dev": true,
       "license": "MIT",
       "engines": {
         "node": ">=20.18.1"

package.json

@@ -2,7 +2,7 @@
   "name": "create-github-app-token",
   "private": true,
   "type": "module",
-  "version": "3.0.0",
+  "version": "3.0.0-beta.6",
   "description": "GitHub Action for creating a GitHub App Installation Access Token",
   "engines": {
     "node": ">=24.4.0"
@@ -19,14 +19,15 @@
     "@actions/core": "^3.0.0",
     "@octokit/auth-app": "^8.2.0",
     "@octokit/request": "^10.0.8",
-    "p-retry": "^7.1.1"
+    "p-retry": "^7.1.1",
+    "undici": "^7.24.1"
   },
   "devDependencies": {
     "@octokit/openapi": "^21.0.0",
     "c8": "^10.1.3",
+    "dotenv": "^17.3.1",
     "esbuild": "^0.27.3",
     "open-cli": "^8.0.0",
-    "undici": "^7.24.1",
     "yaml": "^2.8.2"
   },
   "release": {
@@ -43,7 +44,6 @@
       "@semantic-release/release-notes-generator",
       "@semantic-release/github",
       "@semantic-release/npm",
-      "semantic-release-plugin-github-breaking-version-tag",
       [
         "@semantic-release/git",
         {

tests/README.md

@@ -33,4 +33,4 @@ node --test --test-update-snapshots tests/index.js
 We have tests both for the `main.js` and `post.js` scripts.
 
 - If you do not expect an error, take [main-token-permissions-set.test.js](tests/main-token-permissions-set.test.js) as a starting point.
-- If your test has an expected error, take [main-missing-client-and-app-id.test.js](tests/main-missing-client-and-app-id.test.js) as a starting point.
+- If your test has an expected error, take [main-missing-app-id.test.js](tests/main-missing-app-id.test.js) as a starting point.

tests/index.js.snapshot

@@ -1,24 +1,3 @@
-exports[`action-deprecated-inputs.test.js > stdout 1`] = `
-app-id — Use 'client-id' instead.
-`;
-
-exports[`main-client-id.test.js > stdout 1`] = `
-Inputs 'owner' and 'repositories' are not set. Creating token for this repository (actions/create-github-app-token).
-::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a
-
-::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
-
-::set-output name=installation-id::123456
-
-::set-output name=app-slug::github-actions
-::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
-::save-state name=expiresAt::2016-07-11T22:14:10Z
---- REQUESTS ---
-GET /repos/actions/create-github-app-token/installation
-POST /app/installations/123456/access_tokens
-{"repositories":["create-github-app-token"]}
-`;
-
 exports[`main-custom-github-api-url.test.js > stdout 1`] = `
 Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
       
@@ -38,19 +17,6 @@ POST /api/v3/app/installations/123456/access_tokens
 {"repositories":["create-github-app-token"]}
 `;
 
-exports[`main-missing-client-and-app-id.test.js > stderr 1`] = `
-Error: Either 'client-id' or 'app-id' input must be set
-    at run (file:///home/runner/work/create-github-app-token/create-github-app-token/main.js:23:11)
-    at file:///home/runner/work/create-github-app-token/create-github-app-token/main.js:51:16
-    at ModuleJob.run (node:internal/modules/esm/module_job:430:25)
-    at async onImport.tracePromise.__proto__ (node:internal/modules/esm/loader:661:26)
-    at async file:///home/runner/work/create-github-app-token/create-github-app-token/tests/main-missing-client-and-app-id.test.js:12:30
-`;
-
-exports[`main-missing-client-and-app-id.test.js > stdout 1`] = `
-::error::Either 'client-id' or 'app-id' input must be set
-`;
-
 exports[`main-missing-owner.test.js > stderr 1`] = `
 GITHUB_REPOSITORY_OWNER missing, must be set to '<owner>'
 `;

tests/main-client-id.test.js

@@ -1,11 +0,0 @@
-import { DEFAULT_ENV, test } from "./main.js";
-
-// Verify `main` accepts a GitHub App client ID via the `client-id` input
-await test(
-  () => {},
-  {
-    ...DEFAULT_ENV,
-    "INPUT_CLIENT-ID": "Iv1.0123456789abcdef",
-    "INPUT_APP-ID": "",
-  }
-);

tests/main-missing-client-and-app-id.test.js

@@ -1,14 +0,0 @@
-import { DEFAULT_ENV } from "./main.js";
-
-for (const [key, value] of Object.entries({
-  ...DEFAULT_ENV,
-  "INPUT_CLIENT-ID": "",
-  "INPUT_APP-ID": "",
-})) {
-  process.env[key] = value;
-}
-
-// Verify `main` exits with an error when neither `client-id` nor `app-id` is set.
-const { default: promise } = await import("../main.js");
-await promise;
-process.exitCode = 0;