Create debug.yml

.github/dependabot.yml

@@ -1,30 +1,19 @@
 version: 2
 updates:
-  - package-ecosystem: 'npm'
-    directory: '/'
+  - package-ecosystem: "npm"
+    directory: "/"
     schedule:
-      interval: 'monthly'
+      interval: "monthly"
     groups:
       production-dependencies:
-        dependency-type: 'production'
-        update-types:
-          - minor
-          - patch
+        dependency-type: "production"
       development-dependencies:
-        dependency-type: 'development'
-        update-types:
-          - minor
-          - patch
+        dependency-type: "development"
     commit-message:
-      prefix: 'fix'
-      prefix-development: 'build'
-      include: 'scope'
-  - package-ecosystem: 'github-actions'
-    directory: '/'
+      prefix: "fix"
+      prefix-development: "build"
+      include: "scope"
+  - package-ecosystem: "github-actions"
+    directory: "/"
     schedule:
-      interval: 'monthly'
-    groups:
-      github-actions:
-        update-types:
-          - minor
-          - patch
+      interval: "monthly"

.github/workflows/debug.yml

@@ -0,0 +1,11 @@
+on:
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Setup tmate session
+        uses: mxschmitt/action-tmate@v3
+        env:
+          test_app_private_key: ${{ secrets.TEST_APP_PRIVATE_KEY }}

.github/workflows/publish-immutable-action.yml

@@ -1,17 +0,0 @@
-name: 'Publish Immutable Action'
-
-on:
-  release:
-    types: [published]
-
-jobs:
-  publish:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      id-token: write
-      packages: write
-    steps:
-      - uses: actions/checkout@v4
-      - name: Publish Immutable Action
-        uses: actions/publish-immutable-action@v0.0.4

.github/workflows/test.yml

@@ -5,7 +5,6 @@ on:
     branches:
       - main
   pull_request:
-  workflow_dispatch:
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}

README.md

@@ -86,7 +86,7 @@ jobs:
           GH_TOKEN: ${{ steps.app-token.outputs.token }}
       - id: committer
         run: echo "string=${{ steps.app-token.outputs.app-slug }}[bot] <${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com>"  >> "$GITHUB_OUTPUT"
-      - run: echo "committer string is ${{ steps.committer.outputs.string }}"
+      - run: echo "committer string is ${ {steps.committer.outputs.string }}"
 ```
 
 ### Configure git CLI for an app's bot user
@@ -111,7 +111,7 @@ jobs:
           GH_TOKEN: ${{ steps.app-token.outputs.token }}
       - run: |
           git config --global user.name '${{ steps.app-token.outputs.app-slug }}[bot]'
-          git config --global user.email '${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com'
+          git config --global user.email '${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com>'
       # git commands like commit work using the bot user
       - run: |
           git add .
@@ -163,9 +163,7 @@ jobs:
           app-id: ${{ vars.APP_ID }}
           private-key: ${{ secrets.PRIVATE_KEY }}
           owner: ${{ github.repository_owner }}
-          repositories: |
-            repo1
-            repo2
+          repositories: "repo1,repo2"
       - uses: peter-evans/create-or-update-comment@v3
         with:
           token: ${{ steps.app-token.outputs.token }}
@@ -304,7 +302,7 @@ steps:
 
 ### `repositories`
 
-**Optional:** Comma or newline-separated list of repositories to grant access to.
+**Optional:** Comma-separated list of repositories to grant access to.
 
 > [!NOTE]
 > If `owner` is set and `repositories` is empty, access will be scoped to all repositories in the provided repository owner's installation. If `owner` and `repositories` are empty, access will be scoped to only the current repository.

action.yml

@@ -23,7 +23,7 @@ inputs:
     description: "The owner of the GitHub App installation (defaults to current repository owner)"
     required: false
   repositories:
-    description: "Comma or newline-separated list of repositories to install the GitHub App on (defaults to current repository if owner is unset)"
+    description: "Repositories to install the GitHub App on (defaults to current repository if owner is unset)"
     required: false
   skip-token-revoke:
     description: "If truthy, the token will not be revoked when the current job is complete"

lib/main.js

@@ -5,7 +5,7 @@ import pRetry from "p-retry";
  * @param {string} appId
  * @param {string} privateKey
  * @param {string} owner
- * @param {string[]} repositories
+ * @param {string} repositories
  * @param {import("@actions/core")} core
  * @param {import("@octokit/auth-app").createAppAuth} createAppAuth
  * @param {import("@octokit/request").request} request
@@ -22,21 +22,21 @@ export async function main(
   skipTokenRevoke
 ) {
   let parsedOwner = "";
-  let parsedRepositoryNames = [];
+  let parsedRepositoryNames = "";
 
   // If neither owner nor repositories are set, default to current repository
-  if (!owner && repositories.length === 0) {
-    const [owner, repo] = String(process.env.GITHUB_REPOSITORY).split("/");
-    parsedOwner = owner;
-    parsedRepositoryNames = [repo];
+  if (!owner && !repositories) {
+    [parsedOwner, parsedRepositoryNames] = String(
+      process.env.GITHUB_REPOSITORY
+    ).split("/");
 
     core.info(
-      `owner and repositories not set, creating token for the current repository ("${repo}")`
+      `owner and repositories not set, creating token for the current repository ("${parsedRepositoryNames}")`
     );
   }
 
   // If only an owner is set, default to all repositories from that owner
-  if (owner && repositories.length === 0) {
+  if (owner && !repositories) {
     parsedOwner = owner;
 
     core.info(
@@ -45,26 +45,22 @@ export async function main(
   }
 
   // If repositories are set, but no owner, default to `GITHUB_REPOSITORY_OWNER`
-  if (!owner && repositories.length > 0) {
+  if (!owner && repositories) {
     parsedOwner = String(process.env.GITHUB_REPOSITORY_OWNER);
     parsedRepositoryNames = repositories;
 
     core.info(
-      `owner not set, creating owner for given repositories "${repositories.join(
-        ","
-      )}" in current owner ("${parsedOwner}")`
+      `owner not set, creating owner for given repositories "${repositories}" in current owner ("${parsedOwner}")`
     );
   }
 
   // If both owner and repositories are set, use those values
-  if (owner && repositories.length > 0) {
+  if (owner && repositories) {
     parsedOwner = owner;
     parsedRepositoryNames = repositories;
 
     core.info(
-      `owner and repositories set, creating token for repositories "${repositories.join(
-        ","
-      )}" owned by "${owner}"`
+      `owner and repositories set, creating token for repositories "${repositories}" owned by "${owner}"`
     );
   }
 
@@ -77,39 +73,25 @@ export async function main(
   let authentication, installationId, appSlug;
   // If at least one repository is set, get installation ID from that repository
 
-  if (parsedRepositoryNames.length > 0) {
-    ({ authentication, installationId, appSlug } = await pRetry(
-      () =>
-        getTokenFromRepository(
-          request,
-          auth,
-          parsedOwner,
-          parsedRepositoryNames
-        ),
-      {
-        onFailedAttempt: (error) => {
-          core.info(
-            `Failed to create token for "${parsedRepositoryNames.join(
-              ","
-            )}" (attempt ${error.attemptNumber}): ${error.message}`
-          );
-        },
-        retries: 3,
-      }
-    ));
+  if (parsedRepositoryNames) {
+    ({ authentication, installationId, appSlug } = await pRetry(() => getTokenFromRepository(request, auth, parsedOwner, parsedRepositoryNames), {
+      onFailedAttempt: (error) => {
+        core.info(
+          `Failed to create token for "${parsedRepositoryNames}" (attempt ${error.attemptNumber}): ${error.message}`
+        );
+      },
+      retries: 3,
+    }));
   } else {
     // Otherwise get the installation for the owner, which can either be an organization or a user account
-    ({ authentication, installationId, appSlug } = await pRetry(
-      () => getTokenFromOwner(request, auth, parsedOwner),
-      {
-        onFailedAttempt: (error) => {
-          core.info(
-            `Failed to create token for "${parsedOwner}" (attempt ${error.attemptNumber}): ${error.message}`
-          );
-        },
-        retries: 3,
-      }
-    ));
+    ({ authentication, installationId, appSlug } = await pRetry(() => getTokenFromOwner(request, auth, parsedOwner), {
+      onFailedAttempt: (error) => {
+        core.info(
+          `Failed to create token for "${parsedOwner}" (attempt ${error.attemptNumber}): ${error.message}`
+        );
+      },
+      retries: 3,
+    }));
   }
 
   // Register the token with the runner as a secret to ensure it is masked in logs
@@ -127,13 +109,23 @@ export async function main(
 }
 
 async function getTokenFromOwner(request, auth, parsedOwner) {
-  // https://docs.github.com/rest/apps/apps?apiVersion=2022-11-28#get-a-user-installation-for-the-authenticated-app
-  // This endpoint works for both users and organizations
-  const response = await request("GET /users/{username}/installation", {
-    username: parsedOwner,
+  // https://docs.github.com/en/rest/apps/apps?apiVersion=2022-11-28#get-an-organization-installation-for-the-authenticated-app
+  const response = await request("GET /orgs/{org}/installation", {
+    org: parsedOwner,
     request: {
       hook: auth.hook,
     },
+  }).catch((error) => {
+    /* c8 ignore next */
+    if (error.status !== 404) throw error;
+
+    // https://docs.github.com/rest/apps/apps?apiVersion=2022-11-28#get-a-user-installation-for-the-authenticated-app
+    return request("GET /users/{username}/installation", {
+      username: parsedOwner,
+      request: {
+        hook: auth.hook,
+      },
+    });
   });
 
   // Get token for for all repositories of the given installation
@@ -143,21 +135,16 @@ async function getTokenFromOwner(request, auth, parsedOwner) {
   });
 
   const installationId = response.data.id;
-  const appSlug = response.data["app_slug"];
+  const appSlug = response.data['app_slug'];
 
   return { authentication, installationId, appSlug };
 }
 
-async function getTokenFromRepository(
-  request,
-  auth,
-  parsedOwner,
-  parsedRepositoryNames
-) {
+async function getTokenFromRepository(request, auth, parsedOwner, parsedRepositoryNames) {
   // https://docs.github.com/rest/apps/apps?apiVersion=2022-11-28#get-a-repository-installation-for-the-authenticated-app
   const response = await request("GET /repos/{owner}/{repo}/installation", {
     owner: parsedOwner,
-    repo: parsedRepositoryNames[0],
+    repo: parsedRepositoryNames.split(",")[0],
     request: {
       hook: auth.hook,
     },
@@ -167,11 +154,11 @@ async function getTokenFromRepository(
   const authentication = await auth({
     type: "installation",
     installationId: response.data.id,
-    repositoryNames: parsedRepositoryNames,
+    repositoryNames: parsedRepositoryNames.split(","),
   });
 
   const installationId = response.data.id;
-  const appSlug = response.data["app_slug"];
+  const appSlug = response.data['app_slug'];
 
   return { authentication, installationId, appSlug };
-}
+ }

main.js

@@ -25,10 +25,7 @@ if (!privateKey) {
   throw new Error("Input required and not supplied: private-key");
 }
 const owner = core.getInput("owner");
-const repositories = core.getInput("repositories")
-  .split(/[\n,]+/)
-  .map(s => s.trim())
-  .filter(x => x !== '');
+const repositories = core.getInput("repositories");
 
 const skipTokenRevoke = Boolean(
   core.getInput("skip-token-revoke") || core.getInput("skip_token_revoke")

package.json

@@ -2,7 +2,7 @@
   "name": "create-github-app-token",
   "private": true,
   "type": "module",
-  "version": "1.11.2",
+  "version": "1.10.3",
   "description": "GitHub Action for creating a GitHub App Installation Access Token",
   "scripts": {
     "build": "esbuild main.js post.js --bundle --outdir=dist --out-extension:.js=.cjs --platform=node --target=node20.0.0 --packages=bundle",
@@ -12,21 +12,21 @@
   },
   "license": "MIT",
   "dependencies": {
-    "@actions/core": "^1.11.1",
-    "@octokit/auth-app": "^7.1.3",
-    "@octokit/request": "^9.1.4",
-    "p-retry": "^6.2.1",
-    "undici": "^7.2.0"
+    "@actions/core": "^1.10.1",
+    "@octokit/auth-app": "^7.1.0",
+    "@octokit/request": "^9.0.1",
+    "p-retry": "^6.2.0",
+    "undici": "^6.19.2"
   },
   "devDependencies": {
-    "@sinonjs/fake-timers": "^14.0.0",
-    "ava": "^6.2.0",
-    "c8": "^10.1.3",
-    "dotenv": "^16.4.7",
-    "esbuild": "^0.24.2",
-    "execa": "^9.5.2",
+    "@sinonjs/fake-timers": "^11.2.2",
+    "ava": "^6.1.3",
+    "c8": "^10.1.2",
+    "dotenv": "^16.4.5",
+    "esbuild": "^0.22.0",
+    "execa": "^9.3.0",
     "open-cli": "^8.0.0",
-    "yaml": "^2.7.0"
+    "yaml": "^2.4.5"
   },
   "release": {
     "branches": [

tests/index.js

@@ -1,21 +1,11 @@
 import { readdirSync } from "node:fs";
 
-import test from "ava";
 import { execa } from "execa";
+import test from "ava";
 
-// Get all files in tests directory
-const files = readdirSync("tests");
+const tests = readdirSync("tests").filter((file) => file.endsWith(".test.js"));
 
-// Files to ignore
-const ignore = ["index.js", "main.js", "README.md", "snapshots"];
-
-const testFiles = files.filter((file) => !ignore.includes(file));
-
-// Throw an error if there is a file that does not end with test.js in the tests directory
-for (const file of testFiles) {
-  if (!file.endsWith(".test.js")) {
-    throw new Error(`File ${file} does not end with .test.js`);
-  }
+for (const file of tests) {
   test(file, async (t) => {
     // Override Actions environment variables that change `core`’s behavior
     const env = {

tests/main-custom-github-api-url.test.js

@@ -1,11 +1,10 @@
-import { DEFAULT_ENV, test } from "./main.js";
+import { test, DEFAULT_ENV } from "./main.js";
 
 // Verify that main works with a custom GitHub API URL passed as `github-api-url` input
 await test(
   () => {
     process.env.INPUT_OWNER = process.env.GITHUB_REPOSITORY_OWNER;
-    const currentRepoName = process.env.GITHUB_REPOSITORY.split("/")[1];
-    process.env.INPUT_REPOSITORIES = currentRepoName;
+    process.env.INPUT_REPOSITORIES = process.env.GITHUB_REPOSITORY;
   },
   {
     ...DEFAULT_ENV,

tests/main-private-key-with-escaped-newlines.js

@@ -0,0 +1,6 @@
+import { test, DEFAULT_ENV } from "./main.js";
+
+// Verify `main` works correctly when `private-key` input has escaped newlines
+await test(() => {
+  process.env['INPUT_PRIVATE-KEY'] = DEFAULT_ENV.PRIVATE_KEY.replace(/\n/g, '\\n')
+});

tests/main-private-key-with-escaped-newlines.test.js

@@ -1,9 +0,0 @@
-import { DEFAULT_ENV, test } from "./main.js";
-
-// Verify `main` works correctly when `private-key` input has escaped newlines
-await test(() => {
-  process.env["INPUT_PRIVATE-KEY"] = DEFAULT_ENV["INPUT_PRIVATE-KEY"].replace(
-    /\n/g,
-    "\\n"
-  );
-});

tests/main-token-get-owner-set-repo-set-to-many-newline.test.js

@@ -1,9 +0,0 @@
-import { test } from "./main.js";
-
-// Verify `main` successfully obtains a token when the `owner` and `repositories` inputs are set (and the latter is a list of repos).
-await test(() => {
-  process.env.INPUT_OWNER = process.env.GITHUB_REPOSITORY_OWNER;
-  const currentRepoName = process.env.GITHUB_REPOSITORY.split("/")[1];
-  // Intentional unnecessary whitespace to test parsing to array
-  process.env.INPUT_REPOSITORIES = `\n ${currentRepoName}\ntoolkit \n\n checkout \n`;
-});

tests/main-token-get-owner-set-repo-set-to-many.test.js

@@ -3,7 +3,5 @@ import { test } from "./main.js";
 // Verify `main` successfully obtains a token when the `owner` and `repositories` inputs are set (and the latter is a list of repos).
 await test(() => {
   process.env.INPUT_OWNER = process.env.GITHUB_REPOSITORY_OWNER;
-  const currentRepoName = process.env.GITHUB_REPOSITORY.split("/")[1];
-  // Intentional unnecessary whitespace to test parsing to array
-  process.env.INPUT_REPOSITORIES = ` ${currentRepoName}, toolkit  ,checkout`;
+  process.env.INPUT_REPOSITORIES = `${process.env.GITHUB_REPOSITORY},actions/toolkit`;
 });

tests/main-token-get-owner-set-repo-set-to-one.test.js

@@ -3,6 +3,5 @@ import { test } from "./main.js";
 // Verify `main` successfully obtains a token when the `owner` and `repositories` inputs are set (and the latter is a single repo).
 await test(() => {
   process.env.INPUT_OWNER = process.env.GITHUB_REPOSITORY_OWNER;
-  const currentRepoName = process.env.GITHUB_REPOSITORY.split("/")[1];
-  process.env.INPUT_REPOSITORIES = currentRepoName;
+  process.env.INPUT_REPOSITORIES = process.env.GITHUB_REPOSITORY;
 });

tests/main-token-get-owner-set-to-org-repo-unset.test.js

@@ -1,16 +1,16 @@
 import { test } from "./main.js";
 
-// Verify `main` successfully obtains a token when the `owner` input is set, and the `repositories` input isn’t set.
+// Verify `main` successfully obtains a token when the `owner` input is set (to an org), but the `repositories` input isn’t set.
 await test((mockPool) => {
   process.env.INPUT_OWNER = process.env.GITHUB_REPOSITORY_OWNER;
   delete process.env.INPUT_REPOSITORIES;
 
-  // Mock installation ID and app slug request
+  // Mock installation id and app slug request
   const mockInstallationId = "123456";
   const mockAppSlug = "github-actions";
   mockPool
     .intercept({
-      path: `/users/${process.env.INPUT_OWNER}/installation`,
+      path: `/orgs/${process.env.INPUT_OWNER}/installation`,
       method: "GET",
       headers: {
         accept: "application/vnd.github.v3+json",
@@ -20,7 +20,7 @@ await test((mockPool) => {
     })
     .reply(
       200,
-      { id: mockInstallationId, app_slug: mockAppSlug },
+      { id: mockInstallationId, "app_slug": mockAppSlug },
       { headers: { "content-type": "application/json" } }
     );
 });

tests/main-token-get-owner-set-to-user-fail-response.test.js

@@ -0,0 +1,37 @@
+import { test } from "./main.js";
+
+// Verify `main` successfully obtains a token when the `owner` input is set (to a user), but the `repositories` input isn’t set.
+await test((mockPool) => {
+  process.env.INPUT_OWNER = "smockle";
+  delete process.env.INPUT_REPOSITORIES;
+
+  // Mock installation ID and app slug request
+  const mockInstallationId = "123456";
+  const mockAppSlug = "github-actions";
+  mockPool
+    .intercept({
+      path: `/orgs/${process.env.INPUT_OWNER}/installation`,
+      method: "GET",
+      headers: {
+        accept: "application/vnd.github.v3+json",
+        "user-agent": "actions/create-github-app-token",
+        // Intentionally omitting the `authorization` header, since JWT creation is not idempotent.
+      },
+    })
+    .reply(500, "GitHub API not available");
+  mockPool
+    .intercept({
+      path: `/orgs/${process.env.INPUT_OWNER}/installation`,
+      method: "GET",
+      headers: {
+        accept: "application/vnd.github.v3+json",
+        "user-agent": "actions/create-github-app-token",
+        // Intentionally omitting the `authorization` header, since JWT creation is not idempotent.
+      },
+    })
+    .reply(
+      200,
+      { id: mockInstallationId, "app_slug": mockAppSlug },
+      { headers: { "content-type": "application/json" } }
+    );
+});

tests/main-token-get-owner-set-to-user-repo-unset.test.js

@@ -1,6 +1,6 @@
 import { test } from "./main.js";
 
-// Verify retries work when getting a token for a user or organization fails on the first attempt.
+// Verify `main` successfully obtains a token when the `owner` input is set (to a user), but the `repositories` input isn’t set.
 await test((mockPool) => {
   process.env.INPUT_OWNER = "smockle";
   delete process.env.INPUT_REPOSITORIES;
@@ -10,7 +10,7 @@ await test((mockPool) => {
   const mockAppSlug = "github-actions";
   mockPool
     .intercept({
-      path: `/users/${process.env.INPUT_OWNER}/installation`,
+      path: `/orgs/${process.env.INPUT_OWNER}/installation`,
       method: "GET",
       headers: {
         accept: "application/vnd.github.v3+json",
@@ -18,7 +18,7 @@ await test((mockPool) => {
         // Intentionally omitting the `authorization` header, since JWT creation is not idempotent.
       },
     })
-    .reply(500, "GitHub API not available");
+    .reply(404);
   mockPool
     .intercept({
       path: `/users/${process.env.INPUT_OWNER}/installation`,
@@ -31,7 +31,7 @@ await test((mockPool) => {
     })
     .reply(
       200,
-      { id: mockInstallationId, app_slug: mockAppSlug },
+      { id: mockInstallationId, "app_slug": mockAppSlug },
       { headers: { "content-type": "application/json" } }
     );
 });

tests/main-token-get-owner-unset-repo-set.test.js

@@ -3,6 +3,5 @@ import { test } from "./main.js";
 // Verify `main` successfully obtains a token when the `owner` input is not set, but the `repositories` input is set.
 await test(() => {
   delete process.env.INPUT_OWNER;
-  const currentRepoName = process.env.GITHUB_REPOSITORY.split("/")[1];
-  process.env.INPUT_REPOSITORIES = currentRepoName;
+  process.env.INPUT_REPOSITORIES = process.env.GITHUB_REPOSITORY;
 });

tests/main.js

@@ -46,7 +46,7 @@ export async function test(cb = (_mockPool) => {}, env = DEFAULT_ENV) {
 
   // Set up mocking
   const baseUrl = new URL(env["INPUT_GITHUB-API-URL"]);
-  const basePath = baseUrl.pathname === "/" ? "" : baseUrl.pathname;
+  const basePath = baseUrl.pathname === '/' ? '' : baseUrl.pathname;
   const mockAgent = new MockAgent();
   mockAgent.disableNetConnect();
   setGlobalDispatcher(mockAgent);
@@ -58,9 +58,8 @@ export async function test(cb = (_mockPool) => {}, env = DEFAULT_ENV) {
   const mockInstallationId = "123456";
   const mockAppSlug = "github-actions";
   const owner = env.INPUT_OWNER ?? env.GITHUB_REPOSITORY_OWNER;
-  const currentRepoName = env.GITHUB_REPOSITORY.split("/")[1];
   const repo = encodeURIComponent(
-    (env.INPUT_REPOSITORIES ?? currentRepoName).split(",")[0]
+    (env.INPUT_REPOSITORIES ?? env.GITHUB_REPOSITORY).split(",")[0]
   );
   mockPool
     .intercept({
@@ -74,7 +73,7 @@ export async function test(cb = (_mockPool) => {}, env = DEFAULT_ENV) {
     })
     .reply(
       200,
-      { id: mockInstallationId, app_slug: mockAppSlug },
+      { id: mockInstallationId, "app_slug": mockAppSlug },
       { headers: { "content-type": "application/json" } }
     );
 

tests/snapshots/index.js.md

@@ -24,7 +24,7 @@ Generated by [AVA](https://avajs.dev).
 
 > stdout
 
-    `owner and repositories set, creating token for repositories "create-github-app-token" owned by "actions"␊
+    `owner and repositories set, creating token for repositories "actions/create-github-app-token" owned by "actions"␊
     ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
     ␊
     ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
@@ -75,65 +75,6 @@ Generated by [AVA](https://avajs.dev).
 
     ''
 
-## main-private-key-with-escaped-newlines.test.js
-
-> stderr
-
-    ''
-
-> stdout
-
-    `owner and repositories not set, creating token for the current repository ("create-github-app-token")␊
-    ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
-    ␊
-    ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
-    ␊
-    ::set-output name=installation-id::123456␊
-    ␊
-    ::set-output name=app-slug::github-actions␊
-    ::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
-    ::save-state name=expiresAt::2016-07-11T22:14:10Z`
-
-## main-repo-skew.test.js
-
-> stderr
-
-    `'Issued at' claim ('iat') must be an Integer representing the time that the assertion was issued.␊
-    [@octokit/auth-app] GitHub API time and system time are different by 30 seconds. Retrying request with the difference accounted for.`
-
-> stdout
-
-    `owner and repositories set, creating token for repositories "failed-repo" owned by "actions"␊
-    ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
-    ␊
-    ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
-    ␊
-    ::set-output name=installation-id::123456␊
-    ␊
-    ::set-output name=app-slug::github-actions␊
-    ::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
-    ::save-state name=expiresAt::2016-07-11T22:14:10Z`
-
-## main-token-get-owner-set-fail-response.test.js
-
-> stderr
-
-    ''
-
-> stdout
-
-    `repositories not set, creating token for all repositories for given owner "smockle"␊
-    Failed to create token for "smockle" (attempt 1): GitHub API not available␊
-    ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
-    ␊
-    ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
-    ␊
-    ::set-output name=installation-id::123456␊
-    ␊
-    ::set-output name=app-slug::github-actions␊
-    ::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
-    ::save-state name=expiresAt::2016-07-11T22:14:10Z`
-
 ## main-token-get-owner-set-repo-fail-response.test.js
 
 > stderr
@@ -154,25 +95,6 @@ Generated by [AVA](https://avajs.dev).
     ::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
     ::save-state name=expiresAt::2016-07-11T22:14:10Z`
 
-## main-token-get-owner-set-repo-set-to-many-newline.test.js
-
-> stderr
-
-    ''
-
-> stdout
-
-    `owner and repositories set, creating token for repositories "create-github-app-token,toolkit,checkout" owned by "actions"␊
-    ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
-    ␊
-    ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
-    ␊
-    ::set-output name=installation-id::123456␊
-    ␊
-    ::set-output name=app-slug::github-actions␊
-    ::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
-    ::save-state name=expiresAt::2016-07-11T22:14:10Z`
-
 ## main-token-get-owner-set-repo-set-to-many.test.js
 
 > stderr
@@ -181,7 +103,7 @@ Generated by [AVA](https://avajs.dev).
 
 > stdout
 
-    `owner and repositories set, creating token for repositories "create-github-app-token,toolkit,checkout" owned by "actions"␊
+    `owner and repositories set, creating token for repositories "actions/create-github-app-token,actions/toolkit" owned by "actions"␊
     ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
     ␊
     ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
@@ -200,7 +122,7 @@ Generated by [AVA](https://avajs.dev).
 
 > stdout
 
-    `owner and repositories set, creating token for repositories "create-github-app-token" owned by "actions"␊
+    `owner and repositories set, creating token for repositories "actions/create-github-app-token" owned by "actions"␊
     ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
     ␊
     ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
@@ -211,7 +133,7 @@ Generated by [AVA](https://avajs.dev).
     ::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
     ::save-state name=expiresAt::2016-07-11T22:14:10Z`
 
-## main-token-get-owner-set-repo-unset.test.js
+## main-token-get-owner-set-to-org-repo-unset.test.js
 
 > stderr
 
@@ -230,6 +152,45 @@ Generated by [AVA](https://avajs.dev).
     ::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
     ::save-state name=expiresAt::2016-07-11T22:14:10Z`
 
+## main-token-get-owner-set-to-user-fail-response.test.js
+
+> stderr
+
+    ''
+
+> stdout
+
+    `repositories not set, creating token for all repositories for given owner "smockle"␊
+    Failed to create token for "smockle" (attempt 1): GitHub API not available␊
+    ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
+    ␊
+    ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
+    ␊
+    ::set-output name=installation-id::123456␊
+    ␊
+    ::set-output name=app-slug::github-actions␊
+    ::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
+    ::save-state name=expiresAt::2016-07-11T22:14:10Z`
+
+## main-token-get-owner-set-to-user-repo-unset.test.js
+
+> stderr
+
+    ''
+
+> stdout
+
+    `repositories not set, creating token for all repositories for given owner "smockle"␊
+    ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
+    ␊
+    ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
+    ␊
+    ::set-output name=installation-id::123456␊
+    ␊
+    ::set-output name=app-slug::github-actions␊
+    ::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
+    ::save-state name=expiresAt::2016-07-11T22:14:10Z`
+
 ## main-token-get-owner-unset-repo-set.test.js
 
 > stderr
@@ -238,7 +199,7 @@ Generated by [AVA](https://avajs.dev).
 
 > stdout
 
-    `owner not set, creating owner for given repositories "create-github-app-token" in current owner ("actions")␊
+    `owner not set, creating owner for given repositories "actions/create-github-app-token" in current owner ("actions")␊
     ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
     ␊
     ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊