actions/create-github-app-token
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: actions/create-github-app-token:v1.1.0
Branches Tags
actions/create-github-app-token:main actions/create-github-app-token:parkerbxyz/fix-repositories-github-repository actions/create-github-app-token:release-please--branches--main--components--create-github-app-token actions/create-github-app-token:parkerbxyz/add-git-commit-signing actions/create-github-app-token:enterprise-app-enterprise-slug actions/create-github-app-token:parkerbxyz/dependabot-multi-ecosystem-groups actions/create-github-app-token:pr-353 actions/create-github-app-token:parkerbxyz/proxy-support actions/create-github-app-token:parkerbxyz/test-proxy actions/create-github-app-token:nothing-to-see-here
actions/create-github-app-token:v3.1.1 actions/create-github-app-token:v3 actions/create-github-app-token:v3.1.0 actions/create-github-app-token:v3.0.0 actions/create-github-app-token:v3.0.0-beta.6 actions/create-github-app-token:v2.2.2 actions/create-github-app-token:v2 actions/create-github-app-token:v3.0.0-beta.5 actions/create-github-app-token:v3.0.0-beta.4 actions/create-github-app-token:v3.0.0-beta.3 actions/create-github-app-token:v2.2.1 actions/create-github-app-token:v2.2.0 actions/create-github-app-token:v2.1.4 actions/create-github-app-token:v2.1.3 actions/create-github-app-token:v2.1.2 actions/create-github-app-token:v3.0.0-beta.2 actions/create-github-app-token:v3.0.0-beta.1 actions/create-github-app-token:v2.1.1 actions/create-github-app-token:v2.1.0 actions/create-github-app-token:v2.0.6 actions/create-github-app-token:v2.0.5 actions/create-github-app-token:v2.0.4 actions/create-github-app-token:v2.0.3 actions/create-github-app-token:v2.0.2 actions/create-github-app-token:v2.0.1 actions/create-github-app-token:v2.0.0 actions/create-github-app-token:v1.12.0 actions/create-github-app-token:v1 actions/create-github-app-token:v1.11.7 actions/create-github-app-token:v1.11.6 actions/create-github-app-token:v1.11.5 actions/create-github-app-token:v1.11.4 actions/create-github-app-token:v1.11.3 actions/create-github-app-token:v1.11.2 actions/create-github-app-token:v1.11.1 actions/create-github-app-token:v1.11.0 actions/create-github-app-token:v1.10.4 actions/create-github-app-token:v1.10.3 actions/create-github-app-token:v1.10.2 actions/create-github-app-token:v1.10.1 actions/create-github-app-token:v1.10.0 actions/create-github-app-token:v1.9.3 actions/create-github-app-token:v1.9.2 actions/create-github-app-token:v1.9.1 actions/create-github-app-token:v1.9.0 actions/create-github-app-token:v1.8.2 actions/create-github-app-token:v1.8.1 actions/create-github-app-token:v1.8.0 actions/create-github-app-token:v1.7.0 actions/create-github-app-token:v1.6.4 actions/create-github-app-token:v1.6.3 actions/create-github-app-token:v1.6.2 actions/create-github-app-token:v1.6.1 actions/create-github-app-token:v1.6.0 actions/create-github-app-token:v1.5.1 actions/create-github-app-token:v1.5.0 actions/create-github-app-token:v1.4.0 actions/create-github-app-token:v1.3.0 actions/create-github-app-token:v1.2.2 actions/create-github-app-token:v1.2.1 actions/create-github-app-token:v1.2.0 actions/create-github-app-token:v1.1.5 actions/create-github-app-token:v1.1.4 actions/create-github-app-token:v1.1.3 actions/create-github-app-token:v1.1.2 actions/create-github-app-token:v1.1.1 actions/create-github-app-token:v1.1.0 actions/create-github-app-token:v1.0.5 actions/create-github-app-token:v1.0.4 actions/create-github-app-token:v1.0.3 actions/create-github-app-token:v1.0.2 actions/create-github-app-token:v1.0.1 actions/create-github-app-token:v1.0.0
...
compare: actions/create-github-app-token:v1.2.1
Branches Tags
actions/create-github-app-token:main actions/create-github-app-token:parkerbxyz/fix-repositories-github-repository actions/create-github-app-token:release-please--branches--main--components--create-github-app-token actions/create-github-app-token:parkerbxyz/add-git-commit-signing actions/create-github-app-token:enterprise-app-enterprise-slug actions/create-github-app-token:parkerbxyz/dependabot-multi-ecosystem-groups actions/create-github-app-token:pr-353 actions/create-github-app-token:parkerbxyz/proxy-support actions/create-github-app-token:parkerbxyz/test-proxy actions/create-github-app-token:nothing-to-see-here
actions/create-github-app-token:v3.1.1 actions/create-github-app-token:v3 actions/create-github-app-token:v3.1.0 actions/create-github-app-token:v3.0.0 actions/create-github-app-token:v3.0.0-beta.6 actions/create-github-app-token:v2.2.2 actions/create-github-app-token:v2 actions/create-github-app-token:v3.0.0-beta.5 actions/create-github-app-token:v3.0.0-beta.4 actions/create-github-app-token:v3.0.0-beta.3 actions/create-github-app-token:v2.2.1 actions/create-github-app-token:v2.2.0 actions/create-github-app-token:v2.1.4 actions/create-github-app-token:v2.1.3 actions/create-github-app-token:v2.1.2 actions/create-github-app-token:v3.0.0-beta.2 actions/create-github-app-token:v3.0.0-beta.1 actions/create-github-app-token:v2.1.1 actions/create-github-app-token:v2.1.0 actions/create-github-app-token:v2.0.6 actions/create-github-app-token:v2.0.5 actions/create-github-app-token:v2.0.4 actions/create-github-app-token:v2.0.3 actions/create-github-app-token:v2.0.2 actions/create-github-app-token:v2.0.1 actions/create-github-app-token:v2.0.0 actions/create-github-app-token:v1.12.0 actions/create-github-app-token:v1 actions/create-github-app-token:v1.11.7 actions/create-github-app-token:v1.11.6 actions/create-github-app-token:v1.11.5 actions/create-github-app-token:v1.11.4 actions/create-github-app-token:v1.11.3 actions/create-github-app-token:v1.11.2 actions/create-github-app-token:v1.11.1 actions/create-github-app-token:v1.11.0 actions/create-github-app-token:v1.10.4 actions/create-github-app-token:v1.10.3 actions/create-github-app-token:v1.10.2 actions/create-github-app-token:v1.10.1 actions/create-github-app-token:v1.10.0 actions/create-github-app-token:v1.9.3 actions/create-github-app-token:v1.9.2 actions/create-github-app-token:v1.9.1 actions/create-github-app-token:v1.9.0 actions/create-github-app-token:v1.8.2 actions/create-github-app-token:v1.8.1 actions/create-github-app-token:v1.8.0 actions/create-github-app-token:v1.7.0 actions/create-github-app-token:v1.6.4 actions/create-github-app-token:v1.6.3 actions/create-github-app-token:v1.6.2 actions/create-github-app-token:v1.6.1 actions/create-github-app-token:v1.6.0 actions/create-github-app-token:v1.5.1 actions/create-github-app-token:v1.5.0 actions/create-github-app-token:v1.4.0 actions/create-github-app-token:v1.3.0 actions/create-github-app-token:v1.2.2 actions/create-github-app-token:v1.2.1 actions/create-github-app-token:v1.2.0 actions/create-github-app-token:v1.1.5 actions/create-github-app-token:v1.1.4 actions/create-github-app-token:v1.1.3 actions/create-github-app-token:v1.1.2 actions/create-github-app-token:v1.1.1 actions/create-github-app-token:v1.1.0 actions/create-github-app-token:v1.0.5 actions/create-github-app-token:v1.0.4 actions/create-github-app-token:v1.0.3 actions/create-github-app-token:v1.0.2 actions/create-github-app-token:v1.0.1 actions/create-github-app-token:v1.0.0

18 Commits
v1.1.0 ... v1.2.1

Author SHA1 Message Date
semantic-release-bot 49ce228ea7 build(release): 1.2.1 [skip ci] 
## [1.2.1](https://github.com/actions/create-github-app-token/compare/v1.2.0...v1.2.1) (2023-08-30)

### Bug Fixes

* **GHES:** respect `GITHUB_API_URL` when creating installation access token ([#38](https://github.com/actions/create-github-app-token/issues/38)) ([c08c5ac](https://github.com/actions/create-github-app-token/commit/c08c5ace340664df431bf7f11d51b61d92358c2b)), closes [#36](https://github.com/actions/create-github-app-token/issues/36)
 2023-08-30 05:30:14 +00:00
Gregor Martynus c08c5ace34 fix(GHES): respect GITHUB_API_URL when creating installation access token (#38) 
Follow up to #36. I just wanted to do some refactoring but turns out I
missed to pass the custom `request` instance to `createAppAuth`. It will
fallback to the default `request` which does not respect
`GITHUB_API_URL`
 2023-08-29 22:29:41 -07:00
semantic-release-bot c72844caa4 build(release): 1.2.0 [skip ci] 
# [1.2.0](https://github.com/actions/create-github-app-token/compare/v1.1.5...v1.2.0) (2023-08-29)

### Features

* add GitHub Enterprise Server (GHES) support ([#36](https://github.com/actions/create-github-app-token/issues/36)) ([ede6c15](https://github.com/actions/create-github-app-token/commit/ede6c158812854da7c63aa6635138d168de14bea))
 2023-08-29 23:14:09 +00:00
7Hazard ede6c15881 feat: add GitHub Enterprise Server (GHES) support (#36) 
This adds support for this action to be used in GitHub Enterprise
Server.

It sends request to the base url extracted from
[GITHUB_API_URL](https://docs.github.com/en/enterprise-server@3.10/actions/learn-github-actions/variables#default-environment-variables).

---------

Co-authored-by: Gregor Martynus <39992+gr2m@users.noreply.github.com>
 2023-08-29 16:13:34 -07:00
semantic-release-bot 17cde8a7d8 build(release): 1.1.5 [skip ci] 
## [1.1.5](https://github.com/actions/create-github-app-token/compare/v1.1.4...v1.1.5) (2023-08-28)

### Bug Fixes

* **release:** update version in `package.json` ([#35](https://github.com/actions/create-github-app-token/issues/35)) ([1dccc4c](https://github.com/actions/create-github-app-token/commit/1dccc4ccc6e1df7d6adc1bde339ce0d7a2ea7df7)), closes [#34](https://github.com/actions/create-github-app-token/issues/34)
 2023-08-28 22:38:26 +00:00
Gregor Martynus 1dccc4ccc6 fix(release): update version in package.json (#35) 
closes #34

Co-authored-by: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
 2023-08-28 15:37:47 -07:00
semantic-release-bot 35d8ea9fdb build(release): 1.1.4 [skip ci] 
## [1.1.4](https://github.com/actions/create-github-app-token/compare/v1.1.3...v1.1.4) (2023-08-28)

### Bug Fixes

* **release:** build `dist/` before release ([#33](https://github.com/actions/create-github-app-token/issues/33)) ([9a6a017](https://github.com/actions/create-github-app-token/commit/9a6a017c104eb1b36533ee8195e814f567934ce8)), closes [#32](https://github.com/actions/create-github-app-token/issues/32)
 2023-08-28 22:29:27 +00:00
Gregor Martynus 9a6a017c10 fix(release): build dist/ before release (#33) 
closes #32
 2023-08-28 15:28:55 -07:00
David Sanders 2540ed49e5 fix: check for token before revoking (#30) 
Check before trying to revoke the token, in case the token generation
failed. Otherwise the post step will throw an error.

---------

Co-authored-by: Gregor Martynus <39992+gr2m@users.noreply.github.com>
 2023-08-28 15:14:31 -07:00
Josh Gross 5611f921d9 docs(README): clarify token masking (#29) 
With #13, this action is explicitly masking the token so we don't need to mention that we're relying on a specific format of GitHub tokens being masked by the runner.
 2023-08-25 21:51:50 -07:00
Parker Brown bc256c234b fix: mask the installation token in logs (#28) 
The runner will automatically mask GitHub token formats it recognizes,
but sometimes a new pattern rolls out before the runner is updated to
recognize it.
 2023-08-25 11:59:01 -07:00
Parker Brown 04f8ace9a0 build(dependabot): group dependency updates by type and configure commit prefixes (#27) 
- Group production and development dependency updates
- Configure dependency update commit prefixes to release on production
dependency updates

  Dependabot commit messages before:

  - `build(deps): bump semver from 7.5.1 to 7.5.4`
  - `build(deps-dev): bump dotenv from 16.0.3 to 16.3.1`

  Dependabot commit messages after:

  - `fix(deps): bump semver from 7.5.1 to 7.5.4`
- `build(deps-dev): bump dotenv from 16.0.3 to 16.3.1` (no change to dev
dependencies)
 2023-08-25 09:01:54 -07:00
Parker Brown 4fd0ce7c29 ci(test): run on pull request and add concurrency configuration (#17) 
- Run test on pull requests to the main branch instead of on every push
- Cancel in-progress workflows if a PR is updated (i.e., a new commit is
pushed) and the same workflows are triggered to run again
- Rename step ID from `demo` to `test`

---------

Co-authored-by: Gregor Martynus <39992+gr2m@users.noreply.github.com>
 2023-08-24 15:30:49 -07:00
Gregor Martynus 27ab48741c ci(release): use installation access token to checkout and push back changes (#26) 2023-08-23 10:57:42 -07:00
Gregor Martynus b287cb86e2 fix(deps): update @octokit packages to latest (#24) 2023-08-22 12:14:42 -07:00
dependabot[bot] 73a9531b26 build(deps-dev): bump dotenv from 16.0.3 to 16.3.1 (#18) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [dotenv](https://github.com/motdotla/dotenv) from 16.0.3 to
16.3.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md">dotenv's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/motdotla/dotenv/compare/v16.3.0...v16.3.1">16.3.1</a>
(2023-06-17)</h2>
<h3>Added</h3>
<ul>
<li>Add missing type definitions for <code>processEnv</code> and
<code>DOTENV_KEY</code> options. <a
href="https://redirect.github.com/motdotla/dotenv/pull/756">#756</a></li>
</ul>
<h2><a
href="https://github.com/motdotla/dotenv/compare/v16.2.0...v16.3.0">16.3.0</a>
(2023-06-16)</h2>
<h3>Added</h3>
<ul>
<li>Optionally pass <code>DOTENV_KEY</code> to options rather than
relying on <code>process.env.DOTENV_KEY</code>. Defaults to
<code>process.env.DOTENV_KEY</code> <a
href="https://redirect.github.com/motdotla/dotenv/pull/754">#754</a></li>
</ul>
<h2><a
href="https://github.com/motdotla/dotenv/compare/v16.1.4...v16.2.0">16.2.0</a>
(2023-06-15)</h2>
<h3>Added</h3>
<ul>
<li>Optionally write to your own target object rather than
<code>process.env</code>. Defaults to <code>process.env</code>. <a
href="https://redirect.github.com/motdotla/dotenv/pull/753">#753</a></li>
<li>Add import type URL to types file <a
href="https://redirect.github.com/motdotla/dotenv/pull/751">#751</a></li>
</ul>
<h2><a
href="https://github.com/motdotla/dotenv/compare/v16.1.3...v16.1.4">16.1.4</a>
(2023-06-04)</h2>
<h3>Added</h3>
<ul>
<li>Added <code>.github/</code> to <code>.npmignore</code> <a
href="https://redirect.github.com/motdotla/dotenv/pull/747">#747</a></li>
</ul>
<h2><a
href="https://github.com/motdotla/dotenv/compare/v16.1.2...v16.1.3">16.1.3</a>
(2023-05-31)</h2>
<h3>Removed</h3>
<ul>
<li>Removed <code>browser</code> keys for <code>path</code>,
<code>os</code>, and <code>crypto</code> in package.json. These were set
to false incorrectly as of 16.1. Instead, if using dotenv on the
front-end make sure to include polyfills for <code>path</code>,
<code>os</code>, and <code>crypto</code>. <a
href="https://github.com/Richienb/node-polyfill-webpack-plugin">node-polyfill-webpack-plugin</a>
provides these.</li>
</ul>
<h2><a
href="https://github.com/motdotla/dotenv/compare/v16.1.1...v16.1.2">16.1.2</a>
(2023-05-31)</h2>
<h3>Changed</h3>
<ul>
<li>Exposed private function <code>_configDotenv</code> as
<code>configDotenv</code>. <a
href="https://redirect.github.com/motdotla/dotenv/pull/744">#744</a></li>
</ul>
<h2><a
href="https://github.com/motdotla/dotenv/compare/v16.1.0...v16.1.1">16.1.1</a>
(2023-05-30)</h2>
<h3>Added</h3>
<ul>
<li>Added type definition for <code>decrypt</code> function</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Fixed <code>{crypto: false}</code> in
<code>packageJson.browser</code></li>
</ul>
<h2><a
href="https://github.com/motdotla/dotenv/compare/v16.0.3...v16.1.0">16.1.0</a>
(2023-05-30)</h2>
<h3>Added</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/motdotla/dotenv/commit/b13ca7bbdae868e2565db1188a033761ff59cb47"><code>b13ca7b</code></a>
16.3.1</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/9bcc2e716c5dc6c9aa00efdd95f60e5fdf316623"><code>9bcc2e7</code></a>
Merge pull request <a
href="https://redirect.github.com/motdotla/dotenv/issues/756">#756</a>
from motdotla/type-fix</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/80fff4bbf052c68e51b7a3efcca6e9322621202a"><code>80fff4b</code></a>
Add type definition for DOTENV_KEY</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/50163a1de9ae392fef03600350fef7d043e26361"><code>50163a1</code></a>
update type file</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/5c7d7f5f3ffa7b130a9630ff9b9639c0dea1ca77"><code>5c7d7f5</code></a>
Add example demonstrating setting DOTENV_KEY</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/76d3682e104f10440c8c6085fe27556f828cb48e"><code>76d3682</code></a>
16.3.0</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/80219ae50e64443f1bc21e87c6eeb74d639a297c"><code>80219ae</code></a>
Merge pull request <a
href="https://redirect.github.com/motdotla/dotenv/issues/754">#754</a>
from motdotla/dotenv-key-option</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/dacd4501580e3830ee6298cc6556a33ba88a94d4"><code>dacd450</code></a>
Add DOTENV_KEY to cli config and environment config options</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/f20e646603bfe11d0444529774be5afce31a3089"><code>f20e646</code></a>
Add options.DOTENV_KEY</li>
<li><a
href="https://github.com/motdotla/dotenv/commit/5861f6a94abceddb6746f4b459919c548db95f47"><code>5861f6a</code></a>
Add failing test demonstrating need for DOTENV_KEY option</li>
<li>Additional commits viewable in <a
href="https://github.com/motdotla/dotenv/compare/v16.0.3...v16.3.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dotenv&package-manager=npm_and_yarn&previous-version=16.0.3&new-version=16.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-22 10:29:05 -07:00
dependabot[bot] bc0f04c81b build(deps): bump semver from 7.5.1 to 7.5.4 (#14) 
Bumps [semver](https://github.com/npm/node-semver) from 7.5.1 to 7.5.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/releases">semver's
releases</a>.</em></p>
<blockquote>
<h2>v7.5.4</h2>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.3...v7.5.4">7.5.4</a>
(2023-07-07)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://github.com/npm/node-semver/commit/cc6fde2d34b95cb600d126649d926901bd2a9703"><code>cc6fde2</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/588">#588</a>
trim each range set before parsing (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="https://github.com/npm/node-semver/commit/99d8287516a1d2abf0286033e2e26eca6b69c09f"><code>99d8287</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/583">#583</a>
correctly parse long build ids as valid (<a
href="https://redirect.github.com/npm/node-semver/issues/583">#583</a>)
(<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
</ul>
<h2>v7.5.3</h2>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.2...v7.5.3">7.5.3</a>
(2023-06-22)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://github.com/npm/node-semver/commit/abdd93d55496d22e3c15a454a5cf13f101e48bce"><code>abdd93d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/571">#571</a>
set max lengths in regex for numeric and build identifiers (<a
href="https://redirect.github.com/npm/node-semver/issues/571">#571</a>)
(<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li><a
href="https://github.com/npm/node-semver/commit/bf53dd8da15a17eb6b8111115d0d8ef341fea5db"><code>bf53dd8</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/569">#569</a>
add example for <code>&gt;</code> comparator (<a
href="https://redirect.github.com/npm/node-semver/issues/569">#569</a>)
(<a href="https://github.com/mbtools"><code>@​mbtools</code></a>)</li>
</ul>
<h2>v7.5.2</h2>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.1...v7.5.2">7.5.2</a>
(2023-06-15)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://github.com/npm/node-semver/commit/58c791f40ba8cf4be35a5ca6644353ecd6249edc"><code>58c791f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/566">#566</a>
diff when detecting major change from prerelease (<a
href="https://redirect.github.com/npm/node-semver/issues/566">#566</a>)
(<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="https://github.com/npm/node-semver/commit/5c8efbcb3c6c125af10746d054faff13e8c33fbd"><code>5c8efbc</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/565">#565</a>
preserve build in raw after inc (<a
href="https://redirect.github.com/npm/node-semver/issues/565">#565</a>)
(<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441"><code>717534e</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/564">#564</a>
better handling of whitespace (<a
href="https://redirect.github.com/npm/node-semver/issues/564">#564</a>)
(<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/blob/main/CHANGELOG.md">semver's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.3...v7.5.4">7.5.4</a>
(2023-07-07)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://github.com/npm/node-semver/commit/cc6fde2d34b95cb600d126649d926901bd2a9703"><code>cc6fde2</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/588">#588</a>
trim each range set before parsing (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="https://github.com/npm/node-semver/commit/99d8287516a1d2abf0286033e2e26eca6b69c09f"><code>99d8287</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/583">#583</a>
correctly parse long build ids as valid (<a
href="https://redirect.github.com/npm/node-semver/issues/583">#583</a>)
(<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
</ul>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.2...v7.5.3">7.5.3</a>
(2023-06-22)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://github.com/npm/node-semver/commit/abdd93d55496d22e3c15a454a5cf13f101e48bce"><code>abdd93d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/571">#571</a>
set max lengths in regex for numeric and build identifiers (<a
href="https://redirect.github.com/npm/node-semver/issues/571">#571</a>)
(<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li><a
href="https://github.com/npm/node-semver/commit/bf53dd8da15a17eb6b8111115d0d8ef341fea5db"><code>bf53dd8</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/569">#569</a>
add example for <code>&gt;</code> comparator (<a
href="https://redirect.github.com/npm/node-semver/issues/569">#569</a>)
(<a href="https://github.com/mbtools"><code>@​mbtools</code></a>)</li>
</ul>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.1...v7.5.2">7.5.2</a>
(2023-06-15)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://github.com/npm/node-semver/commit/58c791f40ba8cf4be35a5ca6644353ecd6249edc"><code>58c791f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/566">#566</a>
diff when detecting major change from prerelease (<a
href="https://redirect.github.com/npm/node-semver/issues/566">#566</a>)
(<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="https://github.com/npm/node-semver/commit/5c8efbcb3c6c125af10746d054faff13e8c33fbd"><code>5c8efbc</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/565">#565</a>
preserve build in raw after inc (<a
href="https://redirect.github.com/npm/node-semver/issues/565">#565</a>)
(<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441"><code>717534e</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/564">#564</a>
better handling of whitespace (<a
href="https://redirect.github.com/npm/node-semver/issues/564">#564</a>)
(<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/npm/node-semver/commit/36cd334708ec1f85a71445622fb1864bceee0f4e"><code>36cd334</code></a>
chore: release 7.5.4</li>
<li><a
href="https://github.com/npm/node-semver/commit/8456d87971a447ce295d9f1a396b37b29a972a63"><code>8456d87</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li><a
href="https://github.com/npm/node-semver/commit/dde1f002baadf7b4cc45504c4046d13586de11b7"><code>dde1f00</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li><a
href="https://github.com/npm/node-semver/commit/dffcd1b07ec6a192bc0fb405d30d19da46fdc690"><code>dffcd1b</code></a>
chore: bump <code>@​npmcli/template-oss</code> from 4.16.0 to
4.17.0</li>
<li><a
href="https://github.com/npm/node-semver/commit/d619f66513a0fa953177882ecee2c365a65efe97"><code>d619f66</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li><a
href="https://github.com/npm/node-semver/commit/3bc42477d1a69361eb79978851be090e5fb4bc2a"><code>3bc4247</code></a>
chore: bump <code>@​npmcli/template-oss</code> from 4.15.1 to
4.16.0</li>
<li><a
href="https://github.com/npm/node-semver/commit/cc6fde2d34b95cb600d126649d926901bd2a9703"><code>cc6fde2</code></a>
fix: trim each range set before parsing</li>
<li><a
href="https://github.com/npm/node-semver/commit/99d8287516a1d2abf0286033e2e26eca6b69c09f"><code>99d8287</code></a>
fix: correctly parse long build ids as valid (<a
href="https://redirect.github.com/npm/node-semver/issues/583">#583</a>)</li>
<li><a
href="https://github.com/npm/node-semver/commit/4f0f6b19a54b1ba7e1c62af2dfba61f7a4fa68d5"><code>4f0f6b1</code></a>
chore: fix arguments in whitespace test (<a
href="https://redirect.github.com/npm/node-semver/issues/574">#574</a>)</li>
<li><a
href="https://github.com/npm/node-semver/commit/6bd1a37f95904512015353a3a5dd726f785c9eb8"><code>6bd1a37</code></a>
chore: remove duplicate test in semver class (<a
href="https://redirect.github.com/npm/node-semver/issues/575">#575</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/npm/node-semver/compare/v7.5.1...v7.5.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=semver&package-manager=npm_and_yarn&previous-version=7.5.1&new-version=7.5.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/actions/create-github-app-token/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-22 10:27:16 -07:00
dependabot[bot] 1fc9983a3b build(deps-dev): bump esbuild from 0.17.19 to 0.19.2 (#19) 
Bumps [esbuild](https://github.com/evanw/esbuild) from 0.17.19 to
0.19.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/evanw/esbuild/releases">esbuild's
releases</a>.</em></p>
<blockquote>
<h2>v0.19.2</h2>
<ul>
<li>
<p>Update how CSS nesting is parsed again</p>
<p>CSS nesting syntax has been changed again, and esbuild has been
updated to match. Type selectors may now be used with CSS nesting:</p>
<pre lang="css"><code>.foo {
  div {
    color: red;
  }
}
</code></pre>
<p>Previously this was disallowed in the CSS specification because it's
ambiguous whether an identifier is a declaration or a nested rule
starting with a type selector without requiring unbounded lookahead in
the parser. It has now been allowed because the CSS working group has
decided that requiring unbounded lookahead is acceptable after all.</p>
<p>Note that this change means esbuild no longer considers any existing
browser to support CSS nesting since none of the existing browsers
support this new syntax. CSS nesting will now always be transformed when
targeting a browser. This situation will change in the future as
browsers add support for this new syntax.</p>
</li>
<li>
<p>Fix a scope-related bug with <code>--drop-labels=</code> (<a
href="https://redirect.github.com/evanw/esbuild/issues/3311">#3311</a>)</p>
<p>The recently-released <code>--drop-labels=</code> feature previously
had a bug where esbuild's internal scope stack wasn't being restored
properly when a statement with a label was dropped. This could manifest
as a tree-shaking issue, although it's possible that this could have
also been causing other subtle problems too. The bug has been fixed in
this release.</p>
</li>
<li>
<p>Make renamed CSS names unique across entry points (<a
href="https://redirect.github.com/evanw/esbuild/issues/3295">#3295</a>)</p>
<p>Previously esbuild's generated names for local names in CSS were only
unique within a given entry point (or across all entry points when code
splitting was enabled). That meant that building multiple entry points
with esbuild could result in local names being renamed to the same
identifier even when those entry points were built simultaneously within
a single esbuild API call. This problem was especially likely to happen
with minification enabled. With this release, esbuild will now avoid
renaming local names from two separate entry points to the same name if
those entry points were built with a single esbuild API call, even when
code splitting is disabled.</p>
</li>
<li>
<p>Fix CSS ordering bug with <code>@layer</code> before
<code>@import</code></p>
<p>CSS lets you put <code>@layer</code> rules before
<code>@import</code> rules to define the order of layers in a
stylesheet. Previously esbuild's CSS bundler incorrectly ordered these
after the imported files because before the introduction of cascade
layers to CSS, imported files could be bundled by removing the
<code>@import</code> rules and then joining files together in the right
order. But with <code>@layer</code>, CSS files may now need to be split
apart into multiple pieces in the bundle. For example:</p>
<pre><code>/* Original code */
@layer start;
@import &quot;data:text/css,@layer inner.start;&quot;;
@import &quot;data:text/css,@layer inner.end;&quot;;
@layer end;
<p>/* Old output (with --bundle) */
<a href="https://github.com/layer"><code>@​layer</code></a> inner.start;
<a href="https://github.com/layer"><code>@​layer</code></a> inner.end;
<a href="https://github.com/layer"><code>@​layer</code></a> start;
<a href="https://github.com/layer"><code>@​layer</code></a> end;</p>
<p>/* New output (with --bundle) */
<a href="https://github.com/layer"><code>@​layer</code></a> start;
<a href="https://github.com/layer"><code>@​layer</code></a> inner.start;
<a href="https://github.com/layer"><code>@​layer</code></a> inner.end;
<a href="https://github.com/layer"><code>@​layer</code></a> end;
</code></pre></p>
</li>
<li>
<p>Unwrap nested duplicate <code>@media</code> rules (<a
href="https://redirect.github.com/evanw/esbuild/issues/3226">#3226</a>)</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/evanw/esbuild/blob/main/CHANGELOG.md">esbuild's
changelog</a>.</em></p>
<blockquote>
<h2>0.19.2</h2>
<ul>
<li>
<p>Update how CSS nesting is parsed again</p>
<p>CSS nesting syntax has been changed again, and esbuild has been
updated to match. Type selectors may now be used with CSS nesting:</p>
<pre lang="css"><code>.foo {
  div {
    color: red;
  }
}
</code></pre>
<p>Previously this was disallowed in the CSS specification because it's
ambiguous whether an identifier is a declaration or a nested rule
starting with a type selector without requiring unbounded lookahead in
the parser. It has now been allowed because the CSS working group has
decided that requiring unbounded lookahead is acceptable after all.</p>
<p>Note that this change means esbuild no longer considers any existing
browser to support CSS nesting since none of the existing browsers
support this new syntax. CSS nesting will now always be transformed when
targeting a browser. This situation will change in the future as
browsers add support for this new syntax.</p>
</li>
<li>
<p>Fix a scope-related bug with <code>--drop-labels=</code> (<a
href="https://redirect.github.com/evanw/esbuild/issues/3311">#3311</a>)</p>
<p>The recently-released <code>--drop-labels=</code> feature previously
had a bug where esbuild's internal scope stack wasn't being restored
properly when a statement with a label was dropped. This could manifest
as a tree-shaking issue, although it's possible that this could have
also been causing other subtle problems too. The bug has been fixed in
this release.</p>
</li>
<li>
<p>Make renamed CSS names unique across entry points (<a
href="https://redirect.github.com/evanw/esbuild/issues/3295">#3295</a>)</p>
<p>Previously esbuild's generated names for local names in CSS were only
unique within a given entry point (or across all entry points when code
splitting was enabled). That meant that building multiple entry points
with esbuild could result in local names being renamed to the same
identifier even when those entry points were built simultaneously within
a single esbuild API call. This problem was especially likely to happen
with minification enabled. With this release, esbuild will now avoid
renaming local names from two separate entry points to the same name if
those entry points were built with a single esbuild API call, even when
code splitting is disabled.</p>
</li>
<li>
<p>Fix CSS ordering bug with <code>@layer</code> before
<code>@import</code></p>
<p>CSS lets you put <code>@layer</code> rules before
<code>@import</code> rules to define the order of layers in a
stylesheet. Previously esbuild's CSS bundler incorrectly ordered these
after the imported files because before the introduction of cascade
layers to CSS, imported files could be bundled by removing the
<code>@import</code> rules and then joining files together in the right
order. But with <code>@layer</code>, CSS files may now need to be split
apart into multiple pieces in the bundle. For example:</p>
<pre><code>/* Original code */
@layer start;
@import &quot;data:text/css,@layer inner.start;&quot;;
@import &quot;data:text/css,@layer inner.end;&quot;;
@layer end;
<p>/* Old output (with --bundle) */
<a href="https://github.com/layer"><code>@​layer</code></a> inner.start;
<a href="https://github.com/layer"><code>@​layer</code></a> inner.end;
<a href="https://github.com/layer"><code>@​layer</code></a> start;
<a href="https://github.com/layer"><code>@​layer</code></a> end;</p>
<p>/* New output (with --bundle) */
<a href="https://github.com/layer"><code>@​layer</code></a> start;
<a href="https://github.com/layer"><code>@​layer</code></a> inner.start;
<a href="https://github.com/layer"><code>@​layer</code></a> inner.end;
<a href="https://github.com/layer"><code>@​layer</code></a> end;
</code></pre></p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/evanw/esbuild/commit/09a100124e9daef9e0be57d21cc7729c6f3516e7"><code>09a1001</code></a>
publish 0.19.2 to npm</li>
<li><a
href="https://github.com/evanw/esbuild/commit/4d9b764f11b8f52024c798f3e3361be9f575b1cc"><code>4d9b764</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/3311">#3311</a>:
pop scope after <code>--drop-labels=</code> runs</li>
<li><a
href="https://github.com/evanw/esbuild/commit/f2d23b294e41253062f6c49fd7e339dfb8019940"><code>f2d23b2</code></a>
fix some typos</li>
<li><a
href="https://github.com/evanw/esbuild/commit/e76780c041b15fbf5d273861af2a95707f1621f1"><code>e76780c</code></a>
css: further changes to css nesting syntax</li>
<li><a
href="https://github.com/evanw/esbuild/commit/71f4a5aff3c943d2f44c606337a9a4d5ef530e31"><code>71f4a5a</code></a>
update compat-table (note: css nesting changed)</li>
<li><a
href="https://github.com/evanw/esbuild/commit/eb667c35bd1c32b3ea2fc5f56326665298131b3a"><code>eb667c3</code></a>
css: try to merge adjacent <code>@layer</code> rules together</li>
<li><a
href="https://github.com/evanw/esbuild/commit/f7596931bb79ab8708dd630aa729d49bc68bbbbd"><code>f759693</code></a>
css: fix ordering with <code>@layer</code> before
<code>@import</code></li>
<li><a
href="https://github.com/evanw/esbuild/commit/c73f0f8fc9185f7b2335363a2f8b98e29077a327"><code>c73f0f8</code></a>
css: extract wrapping logic to a helper function</li>
<li><a
href="https://github.com/evanw/esbuild/commit/a05a2f9c7a91dbe32202f4e963c8aca9ec24481d"><code>a05a2f9</code></a>
css: make source index on compile results optional</li>
<li><a
href="https://github.com/evanw/esbuild/commit/bb16fb7a92f07136d4b5b6a07132367e6533dc59"><code>bb16fb7</code></a>
css: parser separates layers pre/post <code>@import</code></li>
<li>Additional commits viewable in <a
href="https://github.com/evanw/esbuild/compare/v0.17.19...v0.19.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=esbuild&package-manager=npm_and_yarn&previous-version=0.17.19&new-version=0.19.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-22 10:27:02 -07:00
13 changed files with 1320 additions and 7041 deletions
Expand all files Collapse all files
.github/dependabot.yml
+9
View File
@@ -4,6 +4,15 @@ updates:
directory: "/"
schedule:
interval: "monthly"
groups:
production-dependencies:
dependency-type: "production"
development-dependencies:
dependency-type: "development"
commit-message:
prefix: "fix"
prefix-development: "build"
include: "scope"
- package-ecosystem: "github-actions"
directory: "/"
schedule:
.github/workflows/release.yml
+6 -9
View File
@@ -14,19 +14,16 @@ jobs:
name: release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
cache: npm
node-version: lts/*
- run: npm ci
- run: npm run build
- uses: ./ # Uses the action in the root directory
- uses: actions/create-github-app-token@v1
id: app-token
with:
app_id: ${{ vars.RELEASER_APP_ID }}
private_key: ${{ secrets.RELEASER_APP_PRIVATE_KEY }}
- uses: actions/checkout@v3
with:
token: ${{ steps.app-token.outputs.token }}
- run: npm install --no-save @semantic-release/git semantic-release-plugin-github-breaking-version-tag
- run: npx semantic-release
- run: npm run build
- run: npx semantic-release --debug
env:
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
.github/workflows/test.yml
+8 -3
View File
@@ -1,5 +1,10 @@
name: test
on: [push]
on:
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
test:
@@ -13,14 +18,14 @@ jobs:
- run: npm ci
- run: npm run build
- uses: ./ # Uses the action in the root directory
id: demo
id: test
with:
app_id: ${{ vars.TEST_APP_ID }}
private_key: ${{ secrets.TEST_APP_PRIVATE_KEY }}
- uses: octokit/request-action@v2.x
id: get-repository
env:
GITHUB_TOKEN: ${{ steps.demo.outputs.token }}
GITHUB_TOKEN: ${{ steps.test.outputs.token }}
with:
route: GET /installation/repositories
- run: echo '${{ steps.get-repository.outputs.data }}'
README.md
+1 -1
View File
@@ -81,7 +81,7 @@ The action creates an installation access token using [the `POST /app/installati
2. The token inherits all the installation's permissions.
3. The token is set as output `token` which can be used in subsequent steps.
4. The token is revoked in the `post` step of the action, which means it cannot be passed to another job.
5. The token is masked, it cannot be logged accidentally. That is not a feature by the action, but by the GitHub Actions runner itself, due to the specific format of GitHub tokens.
5. The token is masked, it cannot be logged accidentally.
> [!NOTE]
> Installation permissions can differ from the app's permissions they belong to. Installation permissions are set when an app is installed on an account. When the app adds more permissions after the installation, an account administrator will have to approve the new permissions before they are set on the installation.
dist/main.cjs
Vendored
+805 -3566
View File
File diff suppressed because one or more lines are too long
dist/post.cjs
Vendored
+262 -3215
View File
File diff suppressed because one or more lines are too long
lib/main.js
+7 -7
View File
@@ -1,16 +1,12 @@
// @ts-check
import core from "@actions/core";
import { createAppAuth } from "@octokit/auth-app";
import { request } from "@octokit/request";
/**
* @param {string} appId
* @param {string} privateKey
* @param {string} repository
* @param {core} core
* @param {createAppAuth} createAppAuth
* @param {request} request
* @param {import("@actions/core")} core
* @param {import("@octokit/auth-app").createAppAuth} createAppAuth
* @param {import("@octokit/request").request} request
*/
export async function main(
appId,
@@ -26,6 +22,7 @@ export async function main(
const auth = createAppAuth({
appId,
privateKey,
request,
});
const appAuthentication = await auth({
@@ -52,6 +49,9 @@ export async function main(
repositoryNames: [repo],
});
// Register the token with the runner as a secret to ensure it is masked in logs
core.setSecret(authentication.token);
core.setOutput("token", authentication.token);
// Make token accessible to post function (so we can invalidate it)
lib/post.js
+4 -5
View File
@@ -1,15 +1,14 @@
// @ts-check
import core from "@actions/core";
import { request } from "@octokit/request";
/**
* @param {core} core
* @param {request} request
* @param {import("@actions/core")} core
* @param {import("@octokit/request").request} request
*/
export async function post(core, request) {
const token = core.getState("token");
if (!token) return;
await request("DELETE /installation/token", {
headers: {
authorization: `token ${token}`,
lib/request.js
+8
View File
@@ -0,0 +1,8 @@
import { request } from "@octokit/request";
export default request.defaults({
baseUrl: process.env["GITHUB_API_URL"],
headers: {
"user-agent": "actions/create-github-app-token",
},
});
main.js
+14 -7
View File
@@ -2,9 +2,9 @@
import core from "@actions/core";
import { createAppAuth } from "@octokit/auth-app";
import { request } from "@octokit/request";
import { main } from "./lib/main.js";
import request from "./lib/request.js";
if (!process.env.GITHUB_REPOSITORY) {
throw new Error("GITHUB_REPOSITORY missing, must be set to '<owner>/<repo>'");
@@ -15,9 +15,16 @@ const privateKey = core.getInput("private_key");
const repository = process.env.GITHUB_REPOSITORY;
main(appId, privateKey, repository, core, createAppAuth, request).catch(
(error) => {
console.error(error);
core.setFailed(error.message);
}
);
main(
appId,
privateKey,
repository,
core,
createAppAuth,
request.defaults({
baseUrl: process.env["GITHUB_API_URL"],
})
).catch((error) => {
console.error(error);
core.setFailed(error.message);
});
package-lock.json
Generated
+180 -216
View File
@@ -1,21 +1,21 @@
{
"name": "app-token-action",
"version": "1.0.0",
"name": "create-github-app-token",
"version": "1.0.5",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "app-token-action",
"version": "1.0.0",
"name": "create-github-app-token",
"version": "1.0.5",
"license": "MIT",
"dependencies": {
"@actions/core": "^1.10.0",
"@octokit/auth-app": "^4.0.13",
"@octokit/request": "^6.2.5"
"@octokit/auth-app": "^6.0.0",
"@octokit/request": "^8.1.1"
},
"devDependencies": {
"dotenv": "^16.0.3",
"esbuild": "^0.17.19"
"dotenv": "^16.3.1",
"esbuild": "^0.19.2"
}
},
"node_modules/@actions/core": {
@@ -36,9 +36,9 @@
}
},
"node_modules/@esbuild/android-arm": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.17.19.tgz",
"integrity": "sha512-rIKddzqhmav7MSmoFCmDIb6e2W57geRsM94gV2l38fzhXMwq7hZoClug9USI2pFRGL06f4IOPHHpFNOkWieR8A==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.19.2.tgz",
"integrity": "sha512-tM8yLeYVe7pRyAu9VMi/Q7aunpLwD139EY1S99xbQkT4/q2qa6eA4ige/WJQYdJ8GBL1K33pPFhPfPdJ/WzT8Q==",
"cpu": [
"arm"
],
@@ -52,9 +52,9 @@
}
},
"node_modules/@esbuild/android-arm64": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.17.19.tgz",
"integrity": "sha512-KBMWvEZooR7+kzY0BtbTQn0OAYY7CsiydT63pVEaPtVYF0hXbUaOyZog37DKxK7NF3XacBJOpYT4adIJh+avxA==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.19.2.tgz",
"integrity": "sha512-lsB65vAbe90I/Qe10OjkmrdxSX4UJDjosDgb8sZUKcg3oefEuW2OT2Vozz8ef7wrJbMcmhvCC+hciF8jY/uAkw==",
"cpu": [
"arm64"
],
@@ -68,9 +68,9 @@
}
},
"node_modules/@esbuild/android-x64": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.17.19.tgz",
"integrity": "sha512-uUTTc4xGNDT7YSArp/zbtmbhO0uEEK9/ETW29Wk1thYUJBz3IVnvgEiEwEa9IeLyvnpKrWK64Utw2bgUmDveww==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.19.2.tgz",
"integrity": "sha512-qK/TpmHt2M/Hg82WXHRc/W/2SGo/l1thtDHZWqFq7oi24AjZ4O/CpPSu6ZuYKFkEgmZlFoa7CooAyYmuvnaG8w==",
"cpu": [
"x64"
],
@@ -84,9 +84,9 @@
}
},
"node_modules/@esbuild/darwin-arm64": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.17.19.tgz",
"integrity": "sha512-80wEoCfF/hFKM6WE1FyBHc9SfUblloAWx6FJkFWTWiCoht9Mc0ARGEM47e67W9rI09YoUxJL68WHfDRYEAvOhg==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.19.2.tgz",
"integrity": "sha512-Ora8JokrvrzEPEpZO18ZYXkH4asCdc1DLdcVy8TGf5eWtPO1Ie4WroEJzwI52ZGtpODy3+m0a2yEX9l+KUn0tA==",
"cpu": [
"arm64"
],
@@ -100,9 +100,9 @@
}
},
"node_modules/@esbuild/darwin-x64": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.17.19.tgz",
"integrity": "sha512-IJM4JJsLhRYr9xdtLytPLSH9k/oxR3boaUIYiHkAawtwNOXKE8KoU8tMvryogdcT8AU+Bflmh81Xn6Q0vTZbQw==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.19.2.tgz",
"integrity": "sha512-tP+B5UuIbbFMj2hQaUr6EALlHOIOmlLM2FK7jeFBobPy2ERdohI4Ka6ZFjZ1ZYsrHE/hZimGuU90jusRE0pwDw==",
"cpu": [
"x64"
],
@@ -116,9 +116,9 @@
}
},
"node_modules/@esbuild/freebsd-arm64": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.17.19.tgz",
"integrity": "sha512-pBwbc7DufluUeGdjSU5Si+P3SoMF5DQ/F/UmTSb8HXO80ZEAJmrykPyzo1IfNbAoaqw48YRpv8shwd1NoI0jcQ==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.19.2.tgz",
"integrity": "sha512-YbPY2kc0acfzL1VPVK6EnAlig4f+l8xmq36OZkU0jzBVHcOTyQDhnKQaLzZudNJQyymd9OqQezeaBgkTGdTGeQ==",
"cpu": [
"arm64"
],
@@ -132,9 +132,9 @@
}
},
"node_modules/@esbuild/freebsd-x64": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.17.19.tgz",
"integrity": "sha512-4lu+n8Wk0XlajEhbEffdy2xy53dpR06SlzvhGByyg36qJw6Kpfk7cp45DR/62aPH9mtJRmIyrXAS5UWBrJT6TQ==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.19.2.tgz",
"integrity": "sha512-nSO5uZT2clM6hosjWHAsS15hLrwCvIWx+b2e3lZ3MwbYSaXwvfO528OF+dLjas1g3bZonciivI8qKR/Hm7IWGw==",
"cpu": [
"x64"
],
@@ -148,9 +148,9 @@
}
},
"node_modules/@esbuild/linux-arm": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.17.19.tgz",
"integrity": "sha512-cdmT3KxjlOQ/gZ2cjfrQOtmhG4HJs6hhvm3mWSRDPtZ/lP5oe8FWceS10JaSJC13GBd4eH/haHnqf7hhGNLerA==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.19.2.tgz",
"integrity": "sha512-Odalh8hICg7SOD7XCj0YLpYCEc+6mkoq63UnExDCiRA2wXEmGlK5JVrW50vZR9Qz4qkvqnHcpH+OFEggO3PgTg==",
"cpu": [
"arm"
],
@@ -164,9 +164,9 @@
}
},
"node_modules/@esbuild/linux-arm64": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.17.19.tgz",
"integrity": "sha512-ct1Tg3WGwd3P+oZYqic+YZF4snNl2bsnMKRkb3ozHmnM0dGWuxcPTTntAF6bOP0Sp4x0PjSF+4uHQ1xvxfRKqg==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.19.2.tgz",
"integrity": "sha512-ig2P7GeG//zWlU0AggA3pV1h5gdix0MA3wgB+NsnBXViwiGgY77fuN9Wr5uoCrs2YzaYfogXgsWZbm+HGr09xg==",
"cpu": [
"arm64"
],
@@ -180,9 +180,9 @@
}
},
"node_modules/@esbuild/linux-ia32": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.17.19.tgz",
"integrity": "sha512-w4IRhSy1VbsNxHRQpeGCHEmibqdTUx61Vc38APcsRbuVgK0OPEnQ0YD39Brymn96mOx48Y2laBQGqgZ0j9w6SQ==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.19.2.tgz",
"integrity": "sha512-mLfp0ziRPOLSTek0Gd9T5B8AtzKAkoZE70fneiiyPlSnUKKI4lp+mGEnQXcQEHLJAcIYDPSyBvsUbKUG2ri/XQ==",
"cpu": [
"ia32"
],
@@ -196,9 +196,9 @@
}
},
"node_modules/@esbuild/linux-loong64": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.17.19.tgz",
"integrity": "sha512-2iAngUbBPMq439a+z//gE+9WBldoMp1s5GWsUSgqHLzLJ9WoZLZhpwWuym0u0u/4XmZ3gpHmzV84PonE+9IIdQ==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.19.2.tgz",
"integrity": "sha512-hn28+JNDTxxCpnYjdDYVMNTR3SKavyLlCHHkufHV91fkewpIyQchS1d8wSbmXhs1fiYDpNww8KTFlJ1dHsxeSw==",
"cpu": [
"loong64"
],
@@ -212,9 +212,9 @@
}
},
"node_modules/@esbuild/linux-mips64el": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.17.19.tgz",
"integrity": "sha512-LKJltc4LVdMKHsrFe4MGNPp0hqDFA1Wpt3jE1gEyM3nKUvOiO//9PheZZHfYRfYl6AwdTH4aTcXSqBerX0ml4A==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.19.2.tgz",
"integrity": "sha512-KbXaC0Sejt7vD2fEgPoIKb6nxkfYW9OmFUK9XQE4//PvGIxNIfPk1NmlHmMg6f25x57rpmEFrn1OotASYIAaTg==",
"cpu": [
"mips64el"
],
@@ -228,9 +228,9 @@
}
},
"node_modules/@esbuild/linux-ppc64": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.17.19.tgz",
"integrity": "sha512-/c/DGybs95WXNS8y3Ti/ytqETiW7EU44MEKuCAcpPto3YjQbyK3IQVKfF6nbghD7EcLUGl0NbiL5Rt5DMhn5tg==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.19.2.tgz",
"integrity": "sha512-dJ0kE8KTqbiHtA3Fc/zn7lCd7pqVr4JcT0JqOnbj4LLzYnp+7h8Qi4yjfq42ZlHfhOCM42rBh0EwHYLL6LEzcw==",
"cpu": [
"ppc64"
],
@@ -244,9 +244,9 @@
}
},
"node_modules/@esbuild/linux-riscv64": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.17.19.tgz",
"integrity": "sha512-FC3nUAWhvFoutlhAkgHf8f5HwFWUL6bYdvLc/TTuxKlvLi3+pPzdZiFKSWz/PF30TB1K19SuCxDTI5KcqASJqA==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.19.2.tgz",
"integrity": "sha512-7Z/jKNFufZ/bbu4INqqCN6DDlrmOTmdw6D0gH+6Y7auok2r02Ur661qPuXidPOJ+FSgbEeQnnAGgsVynfLuOEw==",
"cpu": [
"riscv64"
],
@@ -260,9 +260,9 @@
}
},
"node_modules/@esbuild/linux-s390x": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.17.19.tgz",
"integrity": "sha512-IbFsFbxMWLuKEbH+7sTkKzL6NJmG2vRyy6K7JJo55w+8xDk7RElYn6xvXtDW8HCfoKBFK69f3pgBJSUSQPr+4Q==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.19.2.tgz",
"integrity": "sha512-U+RinR6aXXABFCcAY4gSlv4CL1oOVvSSCdseQmGO66H+XyuQGZIUdhG56SZaDJQcLmrSfRmx5XZOWyCJPRqS7g==",
"cpu": [
"s390x"
],
@@ -276,9 +276,9 @@
}
},
"node_modules/@esbuild/linux-x64": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.17.19.tgz",
"integrity": "sha512-68ngA9lg2H6zkZcyp22tsVt38mlhWde8l3eJLWkyLrp4HwMUr3c1s/M2t7+kHIhvMjglIBrFpncX1SzMckomGw==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.19.2.tgz",
"integrity": "sha512-oxzHTEv6VPm3XXNaHPyUTTte+3wGv7qVQtqaZCrgstI16gCuhNOtBXLEBkBREP57YTd68P0VgDgG73jSD8bwXQ==",
"cpu": [
"x64"
],
@@ -292,9 +292,9 @@
}
},
"node_modules/@esbuild/netbsd-x64": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.17.19.tgz",
"integrity": "sha512-CwFq42rXCR8TYIjIfpXCbRX0rp1jo6cPIUPSaWwzbVI4aOfX96OXY8M6KNmtPcg7QjYeDmN+DD0Wp3LaBOLf4Q==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.19.2.tgz",
"integrity": "sha512-WNa5zZk1XpTTwMDompZmvQLHszDDDN7lYjEHCUmAGB83Bgs20EMs7ICD+oKeT6xt4phV4NDdSi/8OfjPbSbZfQ==",
"cpu": [
"x64"
],
@@ -308,9 +308,9 @@
}
},
"node_modules/@esbuild/openbsd-x64": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.17.19.tgz",
"integrity": "sha512-cnq5brJYrSZ2CF6c35eCmviIN3k3RczmHz8eYaVlNasVqsNY+JKohZU5MKmaOI+KkllCdzOKKdPs762VCPC20g==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.19.2.tgz",
"integrity": "sha512-S6kI1aT3S++Dedb7vxIuUOb3oAxqxk2Rh5rOXOTYnzN8JzW1VzBd+IqPiSpgitu45042SYD3HCoEyhLKQcDFDw==",
"cpu": [
"x64"
],
@@ -324,9 +324,9 @@
}
},
"node_modules/@esbuild/sunos-x64": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.17.19.tgz",
"integrity": "sha512-vCRT7yP3zX+bKWFeP/zdS6SqdWB8OIpaRq/mbXQxTGHnIxspRtigpkUcDMlSCOejlHowLqII7K2JKevwyRP2rg==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.19.2.tgz",
"integrity": "sha512-VXSSMsmb+Z8LbsQGcBMiM+fYObDNRm8p7tkUDMPG/g4fhFX5DEFmjxIEa3N8Zr96SjsJ1woAhF0DUnS3MF3ARw==",
"cpu": [
"x64"
],
@@ -340,9 +340,9 @@
}
},
"node_modules/@esbuild/win32-arm64": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.17.19.tgz",
"integrity": "sha512-yYx+8jwowUstVdorcMdNlzklLYhPxjniHWFKgRqH7IFlUEa0Umu3KuYplf1HUZZ422e3NU9F4LGb+4O0Kdcaag==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.19.2.tgz",
"integrity": "sha512-5NayUlSAyb5PQYFAU9x3bHdsqB88RC3aM9lKDAz4X1mo/EchMIT1Q+pSeBXNgkfNmRecLXA0O8xP+x8V+g/LKg==",
"cpu": [
"arm64"
],
@@ -356,9 +356,9 @@
}
},
"node_modules/@esbuild/win32-ia32": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.17.19.tgz",
"integrity": "sha512-eggDKanJszUtCdlVs0RB+h35wNlb5v4TWEkq4vZcmVt5u/HiDZrTXe2bWFQUez3RgNHwx/x4sk5++4NSSicKkw==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.19.2.tgz",
"integrity": "sha512-47gL/ek1v36iN0wL9L4Q2MFdujR0poLZMJwhO2/N3gA89jgHp4MR8DKCmwYtGNksbfJb9JoTtbkoe6sDhg2QTA==",
"cpu": [
"ia32"
],
@@ -372,9 +372,9 @@
}
},
"node_modules/@esbuild/win32-x64": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.17.19.tgz",
"integrity": "sha512-lAhycmKnVOuRYNtRtatQR1LPQf2oYCkRGkSFnseDAKPl8lu5SOsK/e1sXe5a0Pc5kHIHe6P2I/ilntNv2xf3cA==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.19.2.tgz",
"integrity": "sha512-tcuhV7ncXBqbt/Ybf0IyrMcwVOAPDckMK9rXNHtF17UTK18OKLpg08glminN06pt2WCoALhXdLfSPbVvK/6fxw==",
"cpu": [
"x64"
],
@@ -388,147 +388,146 @@
}
},
"node_modules/@octokit/auth-app": {
"version": "4.0.13",
"resolved": "https://registry.npmjs.org/@octokit/auth-app/-/auth-app-4.0.13.tgz",
"integrity": "sha512-NBQkmR/Zsc+8fWcVIFrwDgNXS7f4XDrkd9LHdi9DPQw1NdGHLviLzRO2ZBwTtepnwHXW5VTrVU9eFGijMUqllg==",
"version": "6.0.0",
"resolved": "https://registry.npmjs.org/@octokit/auth-app/-/auth-app-6.0.0.tgz",
"integrity": "sha512-OKct7Rukf3g9DjpzcpdacQsdmd6oPrJ7fZND22JkjzhDvfhttUOnmh+qPS4kHhaNNyTxqSThnfrUWvkqNLd1nw==",
"dependencies": {
"@octokit/auth-oauth-app": "^5.0.0",
"@octokit/auth-oauth-user": "^2.0.0",
"@octokit/request": "^6.0.0",
"@octokit/request-error": "^3.0.0",
"@octokit/types": "^9.0.0",
"@octokit/auth-oauth-app": "^7.0.0",
"@octokit/auth-oauth-user": "^4.0.0",
"@octokit/request": "^8.0.2",
"@octokit/request-error": "^5.0.0",
"@octokit/types": "^11.0.0",
"deprecation": "^2.3.1",
"lru-cache": "^9.0.0",
"lru-cache": "^10.0.0",
"universal-github-app-jwt": "^1.1.1",
"universal-user-agent": "^6.0.0"
},
"engines": {
"node": ">= 14"
"node": ">= 18"
}
},
"node_modules/@octokit/auth-oauth-app": {
"version": "5.0.5",
"resolved": "https://registry.npmjs.org/@octokit/auth-oauth-app/-/auth-oauth-app-5.0.5.tgz",
"integrity": "sha512-UPX1su6XpseaeLVCi78s9droxpGtBWIgz9XhXAx9VXabksoF0MyI5vaa1zo1njyYt6VaAjFisC2A2Wchcu2WmQ==",
"version": "7.0.0",
"resolved": "https://registry.npmjs.org/@octokit/auth-oauth-app/-/auth-oauth-app-7.0.0.tgz",
"integrity": "sha512-8JvJEXGoEqrbzLwt3SwIUvkDd+1wrM8up0KawvDIElB8rbxPbvWppGO0SLKAWSJ0q8ILcVq+mWck6pDcZ3a9KA==",
"dependencies": {
"@octokit/auth-oauth-device": "^4.0.0",
"@octokit/auth-oauth-user": "^2.0.0",
"@octokit/request": "^6.0.0",
"@octokit/types": "^9.0.0",
"@octokit/auth-oauth-device": "^6.0.0",
"@octokit/auth-oauth-user": "^4.0.0",
"@octokit/request": "^8.0.2",
"@octokit/types": "^11.0.0",
"@types/btoa-lite": "^1.0.0",
"btoa-lite": "^1.0.0",
"universal-user-agent": "^6.0.0"
},
"engines": {
"node": ">= 14"
"node": ">= 18"
}
},
"node_modules/@octokit/auth-oauth-device": {
"version": "4.0.4",
"resolved": "https://registry.npmjs.org/@octokit/auth-oauth-device/-/auth-oauth-device-4.0.4.tgz",
"integrity": "sha512-Xl85BZYfqCMv+Uvz33nVVUjE7I/PVySNaK6dRRqlkvYcArSr9vRcZC9KVjXYObGRTCN6mISeYdakAZvWEN4+Jw==",
"version": "6.0.0",
"resolved": "https://registry.npmjs.org/@octokit/auth-oauth-device/-/auth-oauth-device-6.0.0.tgz",
"integrity": "sha512-Zgf/LKhwWk54rJaTGYVYtbKgUty+ouil6VQeRd+pCw7Gd0ECoSWaZuHK6uDGC/HtnWHjpSWFhzxPauDoHcNRtg==",
"dependencies": {
"@octokit/oauth-methods": "^2.0.0",
"@octokit/request": "^6.0.0",
"@octokit/types": "^9.0.0",
"@octokit/oauth-methods": "^4.0.0",
"@octokit/request": "^8.0.0",
"@octokit/types": "^11.0.0",
"universal-user-agent": "^6.0.0"
},
"engines": {
"node": ">= 14"
"node": ">= 18"
}
},
"node_modules/@octokit/auth-oauth-user": {
"version": "2.1.1",
"resolved": "https://registry.npmjs.org/@octokit/auth-oauth-user/-/auth-oauth-user-2.1.1.tgz",
"integrity": "sha512-JgqnNNPf9CaWLxWm9uh2WgxcaVYhxBR09NVIPTiMU2dVZ3FObOHs3njBiLNw+zq84k+rEdm5Y7AsiASrZ84Apg==",
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/@octokit/auth-oauth-user/-/auth-oauth-user-4.0.0.tgz",
"integrity": "sha512-VOm5aIkVGHaOhIvsF/4YmSjoYDzzrKbbYkdSEO0KqHK7I8SlO3ZndSikQ1fBlNPUEH0ve2BOTxLrVvI1qBf9/Q==",
"dependencies": {
"@octokit/auth-oauth-device": "^4.0.0",
"@octokit/oauth-methods": "^2.0.0",
"@octokit/request": "^6.0.0",
"@octokit/types": "^9.0.0",
"@octokit/auth-oauth-device": "^6.0.0",
"@octokit/oauth-methods": "^4.0.0",
"@octokit/request": "^8.0.2",
"@octokit/types": "^11.0.0",
"btoa-lite": "^1.0.0",
"universal-user-agent": "^6.0.0"
},
"engines": {
"node": ">= 14"
"node": ">= 18"
}
},
"node_modules/@octokit/endpoint": {
"version": "7.0.5",
"resolved": "https://registry.npmjs.org/@octokit/endpoint/-/endpoint-7.0.5.tgz",
"integrity": "sha512-LG4o4HMY1Xoaec87IqQ41TQ+glvIeTKqfjkCEmt5AIwDZJwQeVZFIEYXrYY6yLwK+pAScb9Gj4q+Nz2qSw1roA==",
"version": "9.0.0",
"resolved": "https://registry.npmjs.org/@octokit/endpoint/-/endpoint-9.0.0.tgz",
"integrity": "sha512-szrQhiqJ88gghWY2Htt8MqUDO6++E/EIXqJ2ZEp5ma3uGS46o7LZAzSLt49myB7rT+Hfw5Y6gO3LmOxGzHijAQ==",
"dependencies": {
"@octokit/types": "^9.0.0",
"@octokit/types": "^11.0.0",
"is-plain-object": "^5.0.0",
"universal-user-agent": "^6.0.0"
},
"engines": {
"node": ">= 14"
"node": ">= 18"
}
},
"node_modules/@octokit/oauth-authorization-url": {
"version": "5.0.0",
"resolved": "https://registry.npmjs.org/@octokit/oauth-authorization-url/-/oauth-authorization-url-5.0.0.tgz",
"integrity": "sha512-y1WhN+ERDZTh0qZ4SR+zotgsQUE1ysKnvBt1hvDRB2WRzYtVKQjn97HEPzoehh66Fj9LwNdlZh+p6TJatT0zzg==",
"version": "6.0.2",
"resolved": "https://registry.npmjs.org/@octokit/oauth-authorization-url/-/oauth-authorization-url-6.0.2.tgz",
"integrity": "sha512-CdoJukjXXxqLNK4y/VOiVzQVjibqoj/xHgInekviUJV73y/BSIcwvJ/4aNHPBPKcPWFnd4/lO9uqRV65jXhcLA==",
"engines": {
"node": ">= 14"
"node": ">= 18"
}
},
"node_modules/@octokit/oauth-methods": {
"version": "2.0.5",
"resolved": "https://registry.npmjs.org/@octokit/oauth-methods/-/oauth-methods-2.0.5.tgz",
"integrity": "sha512-yQP6B5gE3axNxuM3U9KqWs/ErAQ+WLPaPgC/7EjsZsQibkf8sjdAfF8/y/EJW+Dd05XQvadX4WhQZPMnO1SE1A==",
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/@octokit/oauth-methods/-/oauth-methods-4.0.0.tgz",
"integrity": "sha512-dqy7BZLfLbi3/8X8xPKUKZclMEK9vN3fK5WF3ortRvtplQTszFvdAGbTo71gGLO+4ZxspNiLjnqdd64Chklf7w==",
"dependencies": {
"@octokit/oauth-authorization-url": "^5.0.0",
"@octokit/request": "^6.2.3",
"@octokit/request-error": "^3.0.3",
"@octokit/types": "^9.0.0",
"@octokit/oauth-authorization-url": "^6.0.2",
"@octokit/request": "^8.0.2",
"@octokit/request-error": "^5.0.0",
"@octokit/types": "^11.0.0",
"btoa-lite": "^1.0.0"
},
"engines": {
"node": ">= 14"
"node": ">= 18"
}
},
"node_modules/@octokit/openapi-types": {
"version": "17.2.0",
"resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-17.2.0.tgz",
"integrity": "sha512-MazrFNx4plbLsGl+LFesMo96eIXkFgEtaKbnNpdh4aQ0VM10aoylFsTYP1AEjkeoRNZiiPe3T6Gl2Hr8dJWdlQ=="
"version": "18.0.0",
"resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-18.0.0.tgz",
"integrity": "sha512-V8GImKs3TeQRxRtXFpG2wl19V7444NIOTDF24AWuIbmNaNYOQMWRbjcGDXV5B+0n887fgDcuMNOmlul+k+oJtw=="
},
"node_modules/@octokit/request": {
"version": "6.2.5",
"resolved": "https://registry.npmjs.org/@octokit/request/-/request-6.2.5.tgz",
"integrity": "sha512-z83E8UIlPNaJUsXpjD8E0V5o/5f+vJJNbNcBwVZsX3/vC650U41cOkTLjq4PKk9BYonQGOnx7N17gvLyNjgGcQ==",
"version": "8.1.1",
"resolved": "https://registry.npmjs.org/@octokit/request/-/request-8.1.1.tgz",
"integrity": "sha512-8N+tdUz4aCqQmXl8FpHYfKG9GelDFd7XGVzyN8rc6WxVlYcfpHECnuRkgquzz+WzvHTK62co5di8gSXnzASZPQ==",
"dependencies": {
"@octokit/endpoint": "^7.0.0",
"@octokit/request-error": "^3.0.0",
"@octokit/types": "^9.0.0",
"@octokit/endpoint": "^9.0.0",
"@octokit/request-error": "^5.0.0",
"@octokit/types": "^11.1.0",
"is-plain-object": "^5.0.0",
"node-fetch": "^2.6.7",
"universal-user-agent": "^6.0.0"
},
"engines": {
"node": ">= 14"
"node": ">= 18"
}
},
"node_modules/@octokit/request-error": {
"version": "3.0.3",
"resolved": "https://registry.npmjs.org/@octokit/request-error/-/request-error-3.0.3.tgz",
"integrity": "sha512-crqw3V5Iy2uOU5Np+8M/YexTlT8zxCfI+qu+LxUB7SZpje4Qmx3mub5DfEKSO8Ylyk0aogi6TYdf6kxzh2BguQ==",
"version": "5.0.0",
"resolved": "https://registry.npmjs.org/@octokit/request-error/-/request-error-5.0.0.tgz",
"integrity": "sha512-1ue0DH0Lif5iEqT52+Rf/hf0RmGO9NWFjrzmrkArpG9trFfDM/efx00BJHdLGuro4BR/gECxCU2Twf5OKrRFsQ==",
"dependencies": {
"@octokit/types": "^9.0.0",
"@octokit/types": "^11.0.0",
"deprecation": "^2.0.0",
"once": "^1.4.0"
},
"engines": {
"node": ">= 14"
"node": ">= 18"
}
},
"node_modules/@octokit/types": {
"version": "9.2.3",
"resolved": "https://registry.npmjs.org/@octokit/types/-/types-9.2.3.tgz",
"integrity": "sha512-MMeLdHyFIALioycq+LFcA71v0S2xpQUX2cw6pPbHQjaibcHYwLnmK/kMZaWuGfGfjBJZ3wRUq+dOaWsvrPJVvA==",
"version": "11.1.0",
"resolved": "https://registry.npmjs.org/@octokit/types/-/types-11.1.0.tgz",
"integrity": "sha512-Fz0+7GyLm/bHt8fwEqgvRBWwIV1S6wRRyq+V6exRKLVWaKGsuy6H9QFYeBVDV7rK6fO3XwHgQOPxv+cLj2zpXQ==",
"dependencies": {
"@octokit/openapi-types": "^17.2.0"
"@octokit/openapi-types": "^18.0.0"
}
},
"node_modules/@types/btoa-lite": {
@@ -565,12 +564,15 @@
"integrity": "sha512-xmHIy4F3scKVwMsQ4WnVaS8bHOx0DmVwRywosKhaILI0ywMDWPtBSku2HNxRvF7jtwDRsoEwYQSfbxj8b7RlJQ=="
},
"node_modules/dotenv": {
"version": "16.0.3",
"resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.0.3.tgz",
"integrity": "sha512-7GO6HghkA5fYG9TYnNxi14/7K9f5occMlp3zXAuSxn7CKCxt9xbNWG7yF8hTCSUchlfWSe3uLmlPfigevRItzQ==",
"version": "16.3.1",
"resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.3.1.tgz",
"integrity": "sha512-IPzF4w4/Rd94bA9imS68tZBaYyBWSCE47V1RGuMrB94iyTOIEwRmVL2x/4An+6mETpLrKJ5hQkB8W4kFAadeIQ==",
"dev": true,
"engines": {
"node": ">=12"
},
"funding": {
"url": "https://github.com/motdotla/dotenv?sponsor=1"
}
},
"node_modules/ecdsa-sig-formatter": {
@@ -582,9 +584,9 @@
}
},
"node_modules/esbuild": {
"version": "0.17.19",
"resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.17.19.tgz",
"integrity": "sha512-XQ0jAPFkK/u3LcVRcvVHQcTIqD6E2H1fvZMA5dQPSOWb3suUbWbfbRf94pjc0bNzRYLfIrDRQXr7X+LHIm5oHw==",
"version": "0.19.2",
"resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.19.2.tgz",
"integrity": "sha512-G6hPax8UbFakEj3hWO0Vs52LQ8k3lnBhxZWomUJDxfz3rZTLqF5k/FCzuNdLx2RbpBiQQF9H9onlDDH1lZsnjg==",
"dev": true,
"hasInstallScript": true,
"bin": {
@@ -594,28 +596,28 @@
"node": ">=12"
},
"optionalDependencies": {
"@esbuild/android-arm": "0.17.19",
"@esbuild/android-arm64": "0.17.19",
"@esbuild/android-x64": "0.17.19",
"@esbuild/darwin-arm64": "0.17.19",
"@esbuild/darwin-x64": "0.17.19",
"@esbuild/freebsd-arm64": "0.17.19",
"@esbuild/freebsd-x64": "0.17.19",
"@esbuild/linux-arm": "0.17.19",
"@esbuild/linux-arm64": "0.17.19",
"@esbuild/linux-ia32": "0.17.19",
"@esbuild/linux-loong64": "0.17.19",
"@esbuild/linux-mips64el": "0.17.19",
"@esbuild/linux-ppc64": "0.17.19",
"@esbuild/linux-riscv64": "0.17.19",
"@esbuild/linux-s390x": "0.17.19",
"@esbuild/linux-x64": "0.17.19",
"@esbuild/netbsd-x64": "0.17.19",
"@esbuild/openbsd-x64": "0.17.19",
"@esbuild/sunos-x64": "0.17.19",
"@esbuild/win32-arm64": "0.17.19",
"@esbuild/win32-ia32": "0.17.19",
"@esbuild/win32-x64": "0.17.19"
"@esbuild/android-arm": "0.19.2",
"@esbuild/android-arm64": "0.19.2",
"@esbuild/android-x64": "0.19.2",
"@esbuild/darwin-arm64": "0.19.2",
"@esbuild/darwin-x64": "0.19.2",
"@esbuild/freebsd-arm64": "0.19.2",
"@esbuild/freebsd-x64": "0.19.2",
"@esbuild/linux-arm": "0.19.2",
"@esbuild/linux-arm64": "0.19.2",
"@esbuild/linux-ia32": "0.19.2",
"@esbuild/linux-loong64": "0.19.2",
"@esbuild/linux-mips64el": "0.19.2",
"@esbuild/linux-ppc64": "0.19.2",
"@esbuild/linux-riscv64": "0.19.2",
"@esbuild/linux-s390x": "0.19.2",
"@esbuild/linux-x64": "0.19.2",
"@esbuild/netbsd-x64": "0.19.2",
"@esbuild/openbsd-x64": "0.19.2",
"@esbuild/sunos-x64": "0.19.2",
"@esbuild/win32-arm64": "0.19.2",
"@esbuild/win32-ia32": "0.19.2",
"@esbuild/win32-x64": "0.19.2"
}
},
"node_modules/is-plain-object": {
@@ -666,9 +668,9 @@
"integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg=="
},
"node_modules/lru-cache": {
"version": "9.1.1",
"resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-9.1.1.tgz",
"integrity": "sha512-65/Jky17UwSb0BuB9V+MyDpsOtXKmYwzhyl+cOa9XUiI4uV2Ouy/2voFP3+al0BjZbJgMBD8FojMpAf+Z+qn4A==",
"version": "10.0.1",
"resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.0.1.tgz",
"integrity": "sha512-IJ4uwUTi2qCccrioU6g9g/5rvvVl13bsdczUUcqbciD9iLr095yj8DQKdObriEvuNSx325N1rV1O0sJFszx75g==",
"engines": {
"node": "14 || >=16.14"
}
@@ -678,25 +680,6 @@
"resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz",
"integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA=="
},
"node_modules/node-fetch": {
"version": "2.6.11",
"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.11.tgz",
"integrity": "sha512-4I6pdBY1EthSqDmJkiNk3JIT8cswwR9nfeW/cPdUagJYEQG7R95WRH74wpz7ma8Gh/9dI9FP+OU+0E4FvtA55w==",
"dependencies": {
"whatwg-url": "^5.0.0"
},
"engines": {
"node": "4.x || >=6.0.0"
},
"peerDependencies": {
"encoding": "^0.1.0"
},
"peerDependenciesMeta": {
"encoding": {
"optional": true
}
}
},
"node_modules/once": {
"version": "1.4.0",
"resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
@@ -725,9 +708,9 @@
]
},
"node_modules/semver": {
"version": "7.5.1",
"resolved": "https://registry.npmjs.org/semver/-/semver-7.5.1.tgz",
"integrity": "sha512-Wvss5ivl8TMRZXXESstBA4uR5iXgEN/VC5/sOcuXdVLzcdkz4HWetIoRfG5gb5X+ij/G9rw9YoGn3QoQ8OCSpw==",
"version": "7.5.4",
"resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz",
"integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==",
"dependencies": {
"lru-cache": "^6.0.0"
},
@@ -749,11 +732,6 @@
"node": ">=10"
}
},
"node_modules/tr46": {
"version": "0.0.3",
"resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz",
"integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw=="
},
"node_modules/tunnel": {
"version": "0.0.6",
"resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.6.tgz",
@@ -784,20 +762,6 @@
"uuid": "dist/bin/uuid"
}
},
"node_modules/webidl-conversions": {
"version": "3.0.1",
"resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz",
"integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ=="
},
"node_modules/whatwg-url": {
"version": "5.0.0",
"resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz",
"integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==",
"dependencies": {
"tr46": "~0.0.3",
"webidl-conversions": "^3.0.0"
}
},
"node_modules/wrappy": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz",
package.json
+6 -5
View File
@@ -2,7 +2,7 @@
"name": "create-github-app-token",
"private": true,
"type": "module",
"version": "1.0.5",
"version": "1.2.1",
"description": "GitHub Action for creating a GitHub App Installation Access Token",
"scripts": {
"build": "esbuild main.js post.js --bundle --outdir=dist --out-extension:.js=.cjs --platform=node --target=node16.16",
@@ -11,12 +11,12 @@
"license": "MIT",
"dependencies": {
"@actions/core": "^1.10.0",
"@octokit/auth-app": "^4.0.13",
"@octokit/request": "^6.2.5"
"@octokit/auth-app": "^6.0.0",
"@octokit/request": "^8.1.1"
},
"devDependencies": {
"dotenv": "^16.0.3",
"esbuild": "^0.17.19"
"dotenv": "^16.3.1",
"esbuild": "^0.19.2"
},
"release": {
"branches": [
@@ -27,6 +27,7 @@
"@semantic-release/commit-analyzer",
"@semantic-release/release-notes-generator",
"@semantic-release/github",
"@semantic-release/npm",
"semantic-release-plugin-github-breaking-version-tag",
[
"@semantic-release/git",
post.js
+10 -7
View File
@@ -1,13 +1,16 @@
// @ts-check
import core from "@actions/core";
import { request } from "@octokit/request";
import { post } from "./lib/post.js";
import request from "./lib/request.js";
post(core, request).catch(
(error) => {
console.error(error);
core.setFailed(error.message);
}
);
post(
core,
request.defaults({
baseUrl: process.env["GITHUB_API_URL"],
})
).catch((error) => {
console.error(error);
core.setFailed(error.message);
});