Simplify proxy environment setup in request.js

Removed undici proxy agent configuration and related error handling. Now only sets NODE_USE_ENV_PROXY to encourage Node to honor standard proxy environment variables.

.github/workflows/publish-immutable-action.yml

@@ -12,6 +12,6 @@ jobs:
       id-token: write
       packages: write
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v5
       - name: Publish Immutable Action
         uses: actions/publish-immutable-action@v0.0.4

.github/workflows/release.yml

@@ -18,13 +18,14 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       # build local version to create token
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v5
         with:
           persist-credentials: false
 
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@v4
         with:
           node-version-file: package.json
+          cache: 'npm'
 
       - run: npm ci
       - run: npm run build

.github/workflows/stale.yml

@@ -1,34 +0,0 @@
-# This workflow warns and then closes issues that have had no activity for a specified amount of time.
-# https://github.com/actions/stale
-
-name: Stale
-
-on:
-  workflow_dispatch:
-  schedule:
-    # 00:00 UTC on Mondays
-    - cron: '0 0 * * 1'
-
-permissions:
-  issues: write
-  pull-requests: write
-
-env:
-  DAYS_BEFORE_STALE: 180
-  DAYS_BEFORE_CLOSE: 60
-  STALE_LABEL: 'stale'
-  STALE_LABEL_URL: ${{github.server_url}}/${{github.repository}}/labels/stale
-
-jobs:
-  stale:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/stale@v10
-        with:
-          operations-per-run: 100
-          days-before-stale: ${{ env.DAYS_BEFORE_STALE }}
-          days-before-close: ${{ env.DAYS_BEFORE_CLOSE }}
-          stale-issue-label: ${{ env.STALE_LABEL }}
-          stale-pr-label: ${{ env.STALE_LABEL }}
-          stale-issue-message: 'This issue has been marked ${{ env.STALE_LABEL_URL }} because it has been open for ${{ env.DAYS_BEFORE_STALE }} days with no activity. Please close this issue if it is no longer needed. If this issue is still relevant and you would like it to remain open, simply update it within the next ${{ env.DAYS_BEFORE_CLOSE }} days.'
-          stale-pr-message: 'This pull request has been marked ${{ env.STALE_LABEL_URL }} because it has been open for ${{ env.DAYS_BEFORE_STALE }} days with no activity. Please close this pull request if it is no longer needed. If this pull request is still relevant and you would like it to remain open, simply update it within the next ${{ env.DAYS_BEFORE_CLOSE }} days.'

.github/workflows/test.yml

@@ -4,9 +4,7 @@ on:
   push:
     branches:
       - main
-      - beta
   pull_request:
-  merge_group:
   workflow_dispatch:
 
 concurrency:
@@ -18,32 +16,36 @@ permissions:
 
 jobs:
   integration:
-    name: integration
+    name: Integration
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v5
 
-      - uses: actions/setup-node@v6
+      - uses: actions/setup-node@v4
         with:
           node-version-file: package.json
+          cache: 'npm'
 
       - run: npm ci
       - run: npm test
 
   end-to-end:
-    name: end-to-end
+    name: End-to-End
     runs-on: ubuntu-latest
     # do not run from forks, as forks don’t have access to repository secrets
-    if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.owner.login == github.event.pull_request.base.repo.owner.login
+    if: github.event.pull_request.head.repo.owner.login == github.event.pull_request.base.repo.owner.login
     steps:
-      - uses: actions/checkout@v6
-      - uses: actions/setup-node@v6
+      - uses: actions/checkout@v5
+      - uses: actions/setup-node@v4
         with:
           node-version-file: package.json
+          cache: 'npm'
       - run: npm ci
       - run: npm run build
       - uses: ./ # Uses the action in the root directory
         id: test
+        env:
+          https_proxy: https://example.com
         with:
           app-id: ${{ vars.TEST_APP_ID }}
           private-key: ${{ secrets.TEST_APP_PRIVATE_KEY }}
@@ -54,28 +56,3 @@ jobs:
         with:
           route: GET /installation/repositories
       - run: echo '${{ steps.get-repository.outputs.data }}'
-
-  end-to-end-proxy:
-    name: End-to-End with unreachable proxy
-    runs-on: ubuntu-latest
-    # do not run from forks, as forks don’t have access to repository secrets
-    if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.owner.login == github.event.pull_request.base.repo.owner.login
-    steps:
-      - uses: actions/checkout@v5
-      - uses: actions/setup-node@v4
-        with:
-          node-version-file: package.json
-          cache: 'npm'
-      - run: npm ci
-      - run: npm run build
-      - uses: ./ # Uses the action in the root directory
-        continue-on-error: true
-        id: test
-        env:
-          NODE_USE_ENV_PROXY: "1"
-          https_proxy: http://127.0.0.1:9
-        with:
-          app-id: ${{ vars.TEST_APP_ID }}
-          private-key: ${{ secrets.TEST_APP_PRIVATE_KEY }}
-      - name: Assert action failed through unreachable proxy
-        run: test "${{ steps.test.outcome }}" = "failure"

.github/workflows/update-permission-inputs.yml

@@ -13,30 +13,21 @@ concurrency:
 
 permissions:
   contents: write
-  pull-requests: write
 
 jobs:
   update-permission-inputs:
     runs-on: ubuntu-latest
-    env:
-      COMMIT_MESSAGE: 'feat: update permission inputs'
     steps:
-      - uses: actions/checkout@v6
-      - uses: actions/setup-node@v6
+      - uses: actions/checkout@v5
+      - uses: actions/setup-node@v4
         with:
           node-version-file: package.json
+          cache: 'npm'
       - name: Install dependencies
         run: npm ci
       - name: Run permission inputs update script
         run: node scripts/update-permission-inputs.js
       - name: Commit changes
-        id: auto-commit
-        uses: stefanzweifel/git-auto-commit-action@04702edda442b2e678b25b537cec683a1493fcb9 # v7.1.0
+        uses: stefanzweifel/git-auto-commit-action@b863ae1933cb653a53c021fe36dbb774e1fb9403 # v5.2.0
         with:
-          commit_message: ${{ env.COMMIT_MESSAGE }}
-      - name: Update PR title
-        if: github.event_name == 'pull_request' && steps.auto-commit.outputs.changes_detected == 'true'
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          gh pr edit ${{ github.event.pull_request.number }} --title "${{ env.COMMIT_MESSAGE }}"
+          commit_message: 'feat: update permission inputs'

README.md

@@ -296,24 +296,6 @@ jobs:
           GITHUB_TOKEN: ${{ steps.create_token.outputs.token }}
 ```
 
-### Proxy support
-
-This action relies on Node.js native proxy support.
-
-If you set `HTTP_PROXY` or `HTTPS_PROXY`, also set `NODE_USE_ENV_PROXY: "1"` on the action step so Node.js honors those variables. If you need proxy bypass rules, set `NO_PROXY` alongside them.
-
-```yaml
-- uses: actions/create-github-app-token@v3
-  id: app-token
-  env:
-    HTTPS_PROXY: http://proxy.example.com:8080
-    NO_PROXY: github.example.com
-    NODE_USE_ENV_PROXY: "1"
-  with:
-    app-id: ${{ vars.APP_ID }}
-    private-key: ${{ secrets.PRIVATE_KEY }}
-```
-
 ## Inputs
 
 ### `app-id`

action.yml

@@ -37,16 +37,12 @@ inputs:
     description: "The level of permission to grant the access token to create, edit, delete, and list Codespaces. Can be set to 'read' or 'write'."
   permission-contents:
     description: "The level of permission to grant the access token for repository contents, commits, branches, downloads, releases, and merges. Can be set to 'read' or 'write'."
-  permission-custom-properties-for-organizations:
-    description: "The level of permission to grant the access token to view and edit custom properties for an organization, when allowed by the property. Can be set to 'read' or 'write'."
   permission-dependabot-secrets:
     description: "The level of permission to grant the access token to manage Dependabot secrets. Can be set to 'read' or 'write'."
   permission-deployments:
     description: "The level of permission to grant the access token for deployments and deployment statuses. Can be set to 'read' or 'write'."
   permission-email-addresses:
     description: "The level of permission to grant the access token to manage the email addresses belonging to a user. Can be set to 'read' or 'write'."
-  permission-enterprise-custom-properties-for-organizations:
-    description: "The level of permission to grant the access token for organization custom properties management at the enterprise level. Can be set to 'read', 'write', or 'admin'."
   permission-environments:
     description: "The level of permission to grant the access token for managing repository environments. Can be set to 'read' or 'write'."
   permission-followers:
@@ -72,7 +68,7 @@ inputs:
   permission-organization-custom-org-roles:
     description: "The level of permission to grant the access token for custom organization roles management. Can be set to 'read' or 'write'."
   permission-organization-custom-properties:
-    description: "The level of permission to grant the access token for repository custom properties management at the organization level. Can be set to 'read', 'write', or 'admin'."
+    description: "The level of permission to grant the access token for custom property management. Can be set to 'read', 'write', or 'admin'."
   permission-organization-custom-roles:
     description: "The level of permission to grant the access token for custom repository roles management. Can be set to 'read' or 'write'."
   permission-organization-events:

dist/post.cjs

@@ -227,10 +227,10 @@ var require_proxy = __commonJS({
       })();
       if (proxyVar) {
         try {
-          return new URL(proxyVar);
+          return new DecodedURL(proxyVar);
         } catch (_a) {
           if (!proxyVar.startsWith("http://") && !proxyVar.startsWith("https://"))
-            return new URL(`http://${proxyVar}`);
+            return new DecodedURL(`http://${proxyVar}`);
         }
       } else {
         return void 0;
@@ -273,6 +273,19 @@ var require_proxy = __commonJS({
       const hostLower = host.toLowerCase();
       return hostLower === "localhost" || hostLower.startsWith("127.") || hostLower.startsWith("[::1]") || hostLower.startsWith("[0:0:0:0:0:0:0:1]");
     }
+    var DecodedURL = class extends URL {
+      constructor(url, base) {
+        super(url, base);
+        this._decodedUsername = decodeURIComponent(super.username);
+        this._decodedPassword = decodeURIComponent(super.password);
+      }
+      get username() {
+        return this._decodedUsername;
+      }
+      get password() {
+        return this._decodedPassword;
+      }
+    };
   }
 });
 
@@ -517,67 +530,67 @@ var require_tunnel2 = __commonJS({
 var require_symbols = __commonJS({
   "node_modules/@actions/http-client/node_modules/undici/lib/core/symbols.js"(exports2, module2) {
     module2.exports = {
-      kClose: /* @__PURE__ */ Symbol("close"),
-      kDestroy: /* @__PURE__ */ Symbol("destroy"),
-      kDispatch: /* @__PURE__ */ Symbol("dispatch"),
-      kUrl: /* @__PURE__ */ Symbol("url"),
-      kWriting: /* @__PURE__ */ Symbol("writing"),
-      kResuming: /* @__PURE__ */ Symbol("resuming"),
-      kQueue: /* @__PURE__ */ Symbol("queue"),
-      kConnect: /* @__PURE__ */ Symbol("connect"),
-      kConnecting: /* @__PURE__ */ Symbol("connecting"),
-      kHeadersList: /* @__PURE__ */ Symbol("headers list"),
-      kKeepAliveDefaultTimeout: /* @__PURE__ */ Symbol("default keep alive timeout"),
-      kKeepAliveMaxTimeout: /* @__PURE__ */ Symbol("max keep alive timeout"),
-      kKeepAliveTimeoutThreshold: /* @__PURE__ */ Symbol("keep alive timeout threshold"),
-      kKeepAliveTimeoutValue: /* @__PURE__ */ Symbol("keep alive timeout"),
-      kKeepAlive: /* @__PURE__ */ Symbol("keep alive"),
-      kHeadersTimeout: /* @__PURE__ */ Symbol("headers timeout"),
-      kBodyTimeout: /* @__PURE__ */ Symbol("body timeout"),
-      kServerName: /* @__PURE__ */ Symbol("server name"),
-      kLocalAddress: /* @__PURE__ */ Symbol("local address"),
-      kHost: /* @__PURE__ */ Symbol("host"),
-      kNoRef: /* @__PURE__ */ Symbol("no ref"),
-      kBodyUsed: /* @__PURE__ */ Symbol("used"),
-      kRunning: /* @__PURE__ */ Symbol("running"),
-      kBlocking: /* @__PURE__ */ Symbol("blocking"),
-      kPending: /* @__PURE__ */ Symbol("pending"),
-      kSize: /* @__PURE__ */ Symbol("size"),
-      kBusy: /* @__PURE__ */ Symbol("busy"),
-      kQueued: /* @__PURE__ */ Symbol("queued"),
-      kFree: /* @__PURE__ */ Symbol("free"),
-      kConnected: /* @__PURE__ */ Symbol("connected"),
-      kClosed: /* @__PURE__ */ Symbol("closed"),
-      kNeedDrain: /* @__PURE__ */ Symbol("need drain"),
-      kReset: /* @__PURE__ */ Symbol("reset"),
-      kDestroyed: /* @__PURE__ */ Symbol.for("nodejs.stream.destroyed"),
-      kMaxHeadersSize: /* @__PURE__ */ Symbol("max headers size"),
-      kRunningIdx: /* @__PURE__ */ Symbol("running index"),
-      kPendingIdx: /* @__PURE__ */ Symbol("pending index"),
-      kError: /* @__PURE__ */ Symbol("error"),
-      kClients: /* @__PURE__ */ Symbol("clients"),
-      kClient: /* @__PURE__ */ Symbol("client"),
-      kParser: /* @__PURE__ */ Symbol("parser"),
-      kOnDestroyed: /* @__PURE__ */ Symbol("destroy callbacks"),
-      kPipelining: /* @__PURE__ */ Symbol("pipelining"),
-      kSocket: /* @__PURE__ */ Symbol("socket"),
-      kHostHeader: /* @__PURE__ */ Symbol("host header"),
-      kConnector: /* @__PURE__ */ Symbol("connector"),
-      kStrictContentLength: /* @__PURE__ */ Symbol("strict content length"),
-      kMaxRedirections: /* @__PURE__ */ Symbol("maxRedirections"),
-      kMaxRequests: /* @__PURE__ */ Symbol("maxRequestsPerClient"),
-      kProxy: /* @__PURE__ */ Symbol("proxy agent options"),
-      kCounter: /* @__PURE__ */ Symbol("socket request counter"),
-      kInterceptors: /* @__PURE__ */ Symbol("dispatch interceptors"),
-      kMaxResponseSize: /* @__PURE__ */ Symbol("max response size"),
-      kHTTP2Session: /* @__PURE__ */ Symbol("http2Session"),
-      kHTTP2SessionState: /* @__PURE__ */ Symbol("http2Session state"),
-      kHTTP2BuildRequest: /* @__PURE__ */ Symbol("http2 build request"),
-      kHTTP1BuildRequest: /* @__PURE__ */ Symbol("http1 build request"),
-      kHTTP2CopyHeaders: /* @__PURE__ */ Symbol("http2 copy headers"),
-      kHTTPConnVersion: /* @__PURE__ */ Symbol("http connection version"),
-      kRetryHandlerDefaultRetry: /* @__PURE__ */ Symbol("retry agent default retry"),
-      kConstruct: /* @__PURE__ */ Symbol("constructable")
+      kClose: Symbol("close"),
+      kDestroy: Symbol("destroy"),
+      kDispatch: Symbol("dispatch"),
+      kUrl: Symbol("url"),
+      kWriting: Symbol("writing"),
+      kResuming: Symbol("resuming"),
+      kQueue: Symbol("queue"),
+      kConnect: Symbol("connect"),
+      kConnecting: Symbol("connecting"),
+      kHeadersList: Symbol("headers list"),
+      kKeepAliveDefaultTimeout: Symbol("default keep alive timeout"),
+      kKeepAliveMaxTimeout: Symbol("max keep alive timeout"),
+      kKeepAliveTimeoutThreshold: Symbol("keep alive timeout threshold"),
+      kKeepAliveTimeoutValue: Symbol("keep alive timeout"),
+      kKeepAlive: Symbol("keep alive"),
+      kHeadersTimeout: Symbol("headers timeout"),
+      kBodyTimeout: Symbol("body timeout"),
+      kServerName: Symbol("server name"),
+      kLocalAddress: Symbol("local address"),
+      kHost: Symbol("host"),
+      kNoRef: Symbol("no ref"),
+      kBodyUsed: Symbol("used"),
+      kRunning: Symbol("running"),
+      kBlocking: Symbol("blocking"),
+      kPending: Symbol("pending"),
+      kSize: Symbol("size"),
+      kBusy: Symbol("busy"),
+      kQueued: Symbol("queued"),
+      kFree: Symbol("free"),
+      kConnected: Symbol("connected"),
+      kClosed: Symbol("closed"),
+      kNeedDrain: Symbol("need drain"),
+      kReset: Symbol("reset"),
+      kDestroyed: Symbol.for("nodejs.stream.destroyed"),
+      kMaxHeadersSize: Symbol("max headers size"),
+      kRunningIdx: Symbol("running index"),
+      kPendingIdx: Symbol("pending index"),
+      kError: Symbol("error"),
+      kClients: Symbol("clients"),
+      kClient: Symbol("client"),
+      kParser: Symbol("parser"),
+      kOnDestroyed: Symbol("destroy callbacks"),
+      kPipelining: Symbol("pipelining"),
+      kSocket: Symbol("socket"),
+      kHostHeader: Symbol("host header"),
+      kConnector: Symbol("connector"),
+      kStrictContentLength: Symbol("strict content length"),
+      kMaxRedirections: Symbol("maxRedirections"),
+      kMaxRequests: Symbol("maxRequestsPerClient"),
+      kProxy: Symbol("proxy agent options"),
+      kCounter: Symbol("socket request counter"),
+      kInterceptors: Symbol("dispatch interceptors"),
+      kMaxResponseSize: Symbol("max response size"),
+      kHTTP2Session: Symbol("http2Session"),
+      kHTTP2SessionState: Symbol("http2Session state"),
+      kHTTP2BuildRequest: Symbol("http2 build request"),
+      kHTTP1BuildRequest: Symbol("http1 build request"),
+      kHTTP2CopyHeaders: Symbol("http2 copy headers"),
+      kHTTPConnVersion: Symbol("http connection version"),
+      kRetryHandlerDefaultRetry: Symbol("retry agent default retry"),
+      kConstruct: Symbol("constructable")
     };
   }
 });
@@ -3572,7 +3585,7 @@ var require_constants2 = __commonJS({
 var require_global = __commonJS({
   "node_modules/@actions/http-client/node_modules/undici/lib/fetch/global.js"(exports2, module2) {
     "use strict";
-    var globalOrigin = /* @__PURE__ */ Symbol.for("undici.globalOrigin.1");
+    var globalOrigin = Symbol.for("undici.globalOrigin.1");
     function getGlobalOrigin() {
       return globalThis[globalOrigin];
     }
@@ -4224,12 +4237,12 @@ var require_symbols2 = __commonJS({
   "node_modules/@actions/http-client/node_modules/undici/lib/fetch/symbols.js"(exports2, module2) {
     "use strict";
     module2.exports = {
-      kUrl: /* @__PURE__ */ Symbol("url"),
-      kHeaders: /* @__PURE__ */ Symbol("headers"),
-      kSignal: /* @__PURE__ */ Symbol("signal"),
-      kState: /* @__PURE__ */ Symbol("state"),
-      kGuard: /* @__PURE__ */ Symbol("guard"),
-      kRealm: /* @__PURE__ */ Symbol("realm")
+      kUrl: Symbol("url"),
+      kHeaders: Symbol("headers"),
+      kSignal: Symbol("signal"),
+      kState: Symbol("state"),
+      kGuard: Symbol("guard"),
+      kRealm: Symbol("realm")
     };
   }
 });
@@ -5622,7 +5635,7 @@ var require_request = __commonJS({
     var tokenRegExp = /^[\^_`a-zA-Z\-0-9!#$%&'*+.|~]+$/;
     var headerCharRegex = /[^\t\x20-\x7e\x80-\xff]/;
     var invalidPathRegex = /[^\u0021-\u00ff]/;
-    var kHandler = /* @__PURE__ */ Symbol("handler");
+    var kHandler = Symbol("handler");
     var channels = {};
     var extractBody;
     try {
@@ -6009,11 +6022,11 @@ var require_dispatcher_base = __commonJS({
       InvalidArgumentError
     } = require_errors();
     var { kDestroy, kClose, kDispatch, kInterceptors } = require_symbols();
-    var kDestroyed = /* @__PURE__ */ Symbol("destroyed");
-    var kClosed = /* @__PURE__ */ Symbol("closed");
-    var kOnDestroyed = /* @__PURE__ */ Symbol("onDestroyed");
-    var kOnClosed = /* @__PURE__ */ Symbol("onClosed");
-    var kInterceptedDispatch = /* @__PURE__ */ Symbol("Intercepted Dispatch");
+    var kDestroyed = Symbol("destroyed");
+    var kClosed = Symbol("closed");
+    var kOnDestroyed = Symbol("onDestroyed");
+    var kOnClosed = Symbol("onClosed");
+    var kInterceptedDispatch = Symbol("Intercepted Dispatch");
     var DispatcherBase = class extends Dispatcher {
       constructor() {
         super();
@@ -6668,7 +6681,7 @@ var require_RedirectHandler = __commonJS({
     var { InvalidArgumentError } = require_errors();
     var EE = require("events");
     var redirectableStatusCodes = [300, 301, 302, 303, 307, 308];
-    var kBody = /* @__PURE__ */ Symbol("body");
+    var kBody = Symbol("body");
     var BodyAsyncIterable = class {
       constructor(body) {
         this[kBody] = body;
@@ -6942,7 +6955,7 @@ var require_client = __commonJS({
     } = http2;
     var h2ExperimentalWarned = false;
     var FastBuffer = Buffer[Symbol.species];
-    var kClosedResolve = /* @__PURE__ */ Symbol("kClosedResolve");
+    var kClosedResolve = Symbol("kClosedResolve");
     var channels = {};
     try {
       const diagnosticsChannel = require("diagnostics_channel");
@@ -8612,7 +8625,7 @@ var require_fixed_queue = __commonJS({
 var require_pool_stats = __commonJS({
   "node_modules/@actions/http-client/node_modules/undici/lib/pool-stats.js"(exports2, module2) {
     var { kFree, kConnected, kPending, kQueued, kRunning, kSize } = require_symbols();
-    var kPool = /* @__PURE__ */ Symbol("pool");
+    var kPool = Symbol("pool");
     var PoolStats = class {
       constructor(pool) {
         this[kPool] = pool;
@@ -8648,18 +8661,18 @@ var require_pool_base = __commonJS({
     var FixedQueue = require_fixed_queue();
     var { kConnected, kSize, kRunning, kPending, kQueued, kBusy, kFree, kUrl, kClose, kDestroy, kDispatch } = require_symbols();
     var PoolStats = require_pool_stats();
-    var kClients = /* @__PURE__ */ Symbol("clients");
-    var kNeedDrain = /* @__PURE__ */ Symbol("needDrain");
-    var kQueue = /* @__PURE__ */ Symbol("queue");
-    var kClosedResolve = /* @__PURE__ */ Symbol("closed resolve");
-    var kOnDrain = /* @__PURE__ */ Symbol("onDrain");
-    var kOnConnect = /* @__PURE__ */ Symbol("onConnect");
-    var kOnDisconnect = /* @__PURE__ */ Symbol("onDisconnect");
-    var kOnConnectionError = /* @__PURE__ */ Symbol("onConnectionError");
-    var kGetDispatcher = /* @__PURE__ */ Symbol("get dispatcher");
-    var kAddClient = /* @__PURE__ */ Symbol("add client");
-    var kRemoveClient = /* @__PURE__ */ Symbol("remove client");
-    var kStats = /* @__PURE__ */ Symbol("stats");
+    var kClients = Symbol("clients");
+    var kNeedDrain = Symbol("needDrain");
+    var kQueue = Symbol("queue");
+    var kClosedResolve = Symbol("closed resolve");
+    var kOnDrain = Symbol("onDrain");
+    var kOnConnect = Symbol("onConnect");
+    var kOnDisconnect = Symbol("onDisconnect");
+    var kOnConnectionError = Symbol("onConnectionError");
+    var kGetDispatcher = Symbol("get dispatcher");
+    var kAddClient = Symbol("add client");
+    var kRemoveClient = Symbol("remove client");
+    var kStats = Symbol("stats");
     var PoolBase = class extends DispatcherBase {
       constructor() {
         super();
@@ -8813,9 +8826,9 @@ var require_pool = __commonJS({
     var util = require_util();
     var { kUrl, kInterceptors } = require_symbols();
     var buildConnector = require_connect();
-    var kOptions = /* @__PURE__ */ Symbol("options");
-    var kConnections = /* @__PURE__ */ Symbol("connections");
-    var kFactory = /* @__PURE__ */ Symbol("factory");
+    var kOptions = Symbol("options");
+    var kConnections = Symbol("connections");
+    var kFactory = Symbol("factory");
     function defaultFactory(origin, opts) {
       return new Client(origin, opts);
     }
@@ -8904,14 +8917,14 @@ var require_balanced_pool = __commonJS({
     var Pool = require_pool();
     var { kUrl, kInterceptors } = require_symbols();
     var { parseOrigin } = require_util();
-    var kFactory = /* @__PURE__ */ Symbol("factory");
-    var kOptions = /* @__PURE__ */ Symbol("options");
-    var kGreatestCommonDivisor = /* @__PURE__ */ Symbol("kGreatestCommonDivisor");
-    var kCurrentWeight = /* @__PURE__ */ Symbol("kCurrentWeight");
-    var kIndex = /* @__PURE__ */ Symbol("kIndex");
-    var kWeight = /* @__PURE__ */ Symbol("kWeight");
-    var kMaxWeightPerServer = /* @__PURE__ */ Symbol("kMaxWeightPerServer");
-    var kErrorPenalty = /* @__PURE__ */ Symbol("kErrorPenalty");
+    var kFactory = Symbol("factory");
+    var kOptions = Symbol("options");
+    var kGreatestCommonDivisor = Symbol("kGreatestCommonDivisor");
+    var kCurrentWeight = Symbol("kCurrentWeight");
+    var kIndex = Symbol("kIndex");
+    var kWeight = Symbol("kWeight");
+    var kMaxWeightPerServer = Symbol("kMaxWeightPerServer");
+    var kErrorPenalty = Symbol("kErrorPenalty");
     function getGreatestCommonDivisor(a, b) {
       if (b === 0) return a;
       return getGreatestCommonDivisor(b, a % b);
@@ -9074,14 +9087,14 @@ var require_agent = __commonJS({
     var util = require_util();
     var createRedirectInterceptor = require_redirectInterceptor();
     var { WeakRef: WeakRef2, FinalizationRegistry } = require_dispatcher_weakref()();
-    var kOnConnect = /* @__PURE__ */ Symbol("onConnect");
-    var kOnDisconnect = /* @__PURE__ */ Symbol("onDisconnect");
-    var kOnConnectionError = /* @__PURE__ */ Symbol("onConnectionError");
-    var kMaxRedirections = /* @__PURE__ */ Symbol("maxRedirections");
-    var kOnDrain = /* @__PURE__ */ Symbol("onDrain");
-    var kFactory = /* @__PURE__ */ Symbol("factory");
-    var kFinalizer = /* @__PURE__ */ Symbol("finalizer");
-    var kOptions = /* @__PURE__ */ Symbol("options");
+    var kOnConnect = Symbol("onConnect");
+    var kOnDisconnect = Symbol("onDisconnect");
+    var kOnConnectionError = Symbol("onConnectionError");
+    var kMaxRedirections = Symbol("maxRedirections");
+    var kOnDrain = Symbol("onDrain");
+    var kFactory = Symbol("factory");
+    var kFinalizer = Symbol("finalizer");
+    var kOptions = Symbol("options");
     function defaultFactory(origin, opts) {
       return opts && opts.connections === 1 ? new Client(origin, opts) : new Pool(origin, opts);
     }
@@ -9190,12 +9203,12 @@ var require_readable = __commonJS({
     var util = require_util();
     var { ReadableStreamFrom, toUSVString } = require_util();
     var Blob2;
-    var kConsume = /* @__PURE__ */ Symbol("kConsume");
-    var kReading = /* @__PURE__ */ Symbol("kReading");
-    var kBody = /* @__PURE__ */ Symbol("kBody");
-    var kAbort = /* @__PURE__ */ Symbol("abort");
-    var kContentType = /* @__PURE__ */ Symbol("kContentType");
-    var noop2 = () => {
+    var kConsume = Symbol("kConsume");
+    var kReading = Symbol("kReading");
+    var kBody = Symbol("kBody");
+    var kAbort = Symbol("abort");
+    var kContentType = Symbol("kContentType");
+    var noop = () => {
     };
     module2.exports = class BodyReadable extends Readable {
       constructor({
@@ -9317,7 +9330,7 @@ var require_readable = __commonJS({
         return new Promise((resolve, reject) => {
           const signalListenerCleanup = signal ? util.addAbortListener(signal, () => {
             this.destroy();
-          }) : noop2;
+          }) : noop;
           this.on("close", function() {
             signalListenerCleanup();
             if (signal && signal.aborted) {
@@ -9325,7 +9338,7 @@ var require_readable = __commonJS({
             } else {
               resolve(null);
             }
-          }).on("error", noop2).on("data", function(chunk) {
+          }).on("error", noop).on("data", function(chunk) {
             limit -= chunk.length;
             if (limit <= 0) {
               this.destroy();
@@ -9480,8 +9493,8 @@ var require_abort_signal = __commonJS({
   "node_modules/@actions/http-client/node_modules/undici/lib/api/abort-signal.js"(exports2, module2) {
     var { addAbortListener } = require_util();
     var { RequestAbortedError } = require_errors();
-    var kListener = /* @__PURE__ */ Symbol("kListener");
-    var kSignal = /* @__PURE__ */ Symbol("kSignal");
+    var kListener = Symbol("kListener");
+    var kSignal = Symbol("kSignal");
     function abort(self) {
       if (self.abort) {
         self.abort();
@@ -9870,7 +9883,7 @@ var require_api_pipeline = __commonJS({
     var { AsyncResource } = require("async_hooks");
     var { addSignal, removeSignal } = require_abort_signal();
     var assert = require("assert");
-    var kResume = /* @__PURE__ */ Symbol("resume");
+    var kResume = Symbol("resume");
     var PipelineRequest = class extends Readable {
       constructor() {
         super({ autoDestroy: true });
@@ -10264,25 +10277,25 @@ var require_mock_symbols = __commonJS({
   "node_modules/@actions/http-client/node_modules/undici/lib/mock/mock-symbols.js"(exports2, module2) {
     "use strict";
     module2.exports = {
-      kAgent: /* @__PURE__ */ Symbol("agent"),
-      kOptions: /* @__PURE__ */ Symbol("options"),
-      kFactory: /* @__PURE__ */ Symbol("factory"),
-      kDispatches: /* @__PURE__ */ Symbol("dispatches"),
-      kDispatchKey: /* @__PURE__ */ Symbol("dispatch key"),
-      kDefaultHeaders: /* @__PURE__ */ Symbol("default headers"),
-      kDefaultTrailers: /* @__PURE__ */ Symbol("default trailers"),
-      kContentLength: /* @__PURE__ */ Symbol("content length"),
-      kMockAgent: /* @__PURE__ */ Symbol("mock agent"),
-      kMockAgentSet: /* @__PURE__ */ Symbol("mock agent set"),
-      kMockAgentGet: /* @__PURE__ */ Symbol("mock agent get"),
-      kMockDispatch: /* @__PURE__ */ Symbol("mock dispatch"),
-      kClose: /* @__PURE__ */ Symbol("close"),
-      kOriginalClose: /* @__PURE__ */ Symbol("original agent close"),
-      kOrigin: /* @__PURE__ */ Symbol("origin"),
-      kIsMockActive: /* @__PURE__ */ Symbol("is mock active"),
-      kNetConnect: /* @__PURE__ */ Symbol("net connect"),
-      kGetNetConnect: /* @__PURE__ */ Symbol("get net connect"),
-      kConnected: /* @__PURE__ */ Symbol("connected")
+      kAgent: Symbol("agent"),
+      kOptions: Symbol("options"),
+      kFactory: Symbol("factory"),
+      kDispatches: Symbol("dispatches"),
+      kDispatchKey: Symbol("dispatch key"),
+      kDefaultHeaders: Symbol("default headers"),
+      kDefaultTrailers: Symbol("default trailers"),
+      kContentLength: Symbol("content length"),
+      kMockAgent: Symbol("mock agent"),
+      kMockAgentSet: Symbol("mock agent set"),
+      kMockAgentGet: Symbol("mock agent get"),
+      kMockDispatch: Symbol("mock dispatch"),
+      kClose: Symbol("close"),
+      kOriginalClose: Symbol("original agent close"),
+      kOrigin: Symbol("origin"),
+      kIsMockActive: Symbol("is mock active"),
+      kNetConnect: Symbol("net connect"),
+      kGetNetConnect: Symbol("get net connect"),
+      kConnected: Symbol("connected")
     };
   }
 });
@@ -11054,12 +11067,12 @@ var require_proxy_agent = __commonJS({
     var DispatcherBase = require_dispatcher_base();
     var { InvalidArgumentError, RequestAbortedError } = require_errors();
     var buildConnector = require_connect();
-    var kAgent = /* @__PURE__ */ Symbol("proxy agent");
-    var kClient = /* @__PURE__ */ Symbol("proxy client");
-    var kProxyHeaders = /* @__PURE__ */ Symbol("proxy headers");
-    var kRequestTls = /* @__PURE__ */ Symbol("request tls settings");
-    var kProxyTls = /* @__PURE__ */ Symbol("proxy tls settings");
-    var kConnectEndpoint = /* @__PURE__ */ Symbol("connect endpoint function");
+    var kAgent = Symbol("proxy agent");
+    var kClient = Symbol("proxy client");
+    var kProxyHeaders = Symbol("proxy headers");
+    var kRequestTls = Symbol("request tls settings");
+    var kProxyTls = Symbol("proxy tls settings");
+    var kConnectEndpoint = Symbol("connect endpoint function");
     function defaultProtocolPort(protocol) {
       return protocol === "https:" ? 443 : 80;
     }
@@ -11466,7 +11479,7 @@ var require_RetryHandler = __commonJS({
 var require_global2 = __commonJS({
   "node_modules/@actions/http-client/node_modules/undici/lib/global.js"(exports2, module2) {
     "use strict";
-    var globalDispatcher = /* @__PURE__ */ Symbol.for("undici.globalDispatcher.1");
+    var globalDispatcher = Symbol.for("undici.globalDispatcher.1");
     var { InvalidArgumentError } = require_errors();
     var Agent = require_agent();
     if (getGlobalDispatcher() === void 0) {
@@ -11541,8 +11554,8 @@ var require_headers = __commonJS({
     var util = require("util");
     var { webidl } = require_webidl();
     var assert = require("assert");
-    var kHeadersMap = /* @__PURE__ */ Symbol("headers map");
-    var kHeadersSortedMap = /* @__PURE__ */ Symbol("headers map sorted");
+    var kHeadersMap = Symbol("headers map");
+    var kHeadersSortedMap = Symbol("headers map sorted");
     function isHTTPWhiteSpaceCharCode(code) {
       return code === 10 || code === 13 || code === 9 || code === 32;
     }
@@ -11869,7 +11882,7 @@ var require_headers = __commonJS({
           callbackFn.apply(thisArg, [value, key, this]);
         }
       }
-      [/* @__PURE__ */ Symbol.for("nodejs.util.inspect.custom")]() {
+      [Symbol.for("nodejs.util.inspect.custom")]() {
         webidl.brandCheck(this, _Headers);
         return this[kHeadersList];
       }
@@ -12329,7 +12342,7 @@ var require_request2 = __commonJS({
     var assert = require("assert");
     var { getMaxListeners, setMaxListeners, getEventListeners, defaultMaxListeners } = require("events");
     var TransformStream = globalThis.TransformStream;
-    var kAbortController = /* @__PURE__ */ Symbol("abortController");
+    var kAbortController = Symbol("abortController");
     var requestFinalizer = new FinalizationRegistry(({ signal, abort }) => {
       signal.removeEventListener("abort", abort);
     });
@@ -13975,12 +13988,12 @@ var require_symbols3 = __commonJS({
   "node_modules/@actions/http-client/node_modules/undici/lib/fileapi/symbols.js"(exports2, module2) {
     "use strict";
     module2.exports = {
-      kState: /* @__PURE__ */ Symbol("FileReader state"),
-      kResult: /* @__PURE__ */ Symbol("FileReader result"),
-      kError: /* @__PURE__ */ Symbol("FileReader error"),
-      kLastProgressEventFired: /* @__PURE__ */ Symbol("FileReader last progress event fired timestamp"),
-      kEvents: /* @__PURE__ */ Symbol("FileReader events"),
-      kAborted: /* @__PURE__ */ Symbol("FileReader aborted")
+      kState: Symbol("FileReader state"),
+      kResult: Symbol("FileReader result"),
+      kError: Symbol("FileReader error"),
+      kLastProgressEventFired: Symbol("FileReader last progress event fired timestamp"),
+      kEvents: Symbol("FileReader events"),
+      kAborted: Symbol("FileReader aborted")
     };
   }
 });
@@ -13990,7 +14003,7 @@ var require_progressevent = __commonJS({
   "node_modules/@actions/http-client/node_modules/undici/lib/fileapi/progressevent.js"(exports2, module2) {
     "use strict";
     var { webidl } = require_webidl();
-    var kState = /* @__PURE__ */ Symbol("ProgressEvent state");
+    var kState = Symbol("ProgressEvent state");
     var ProgressEvent = class _ProgressEvent extends Event {
       constructor(type, eventInitDict = {}) {
         type = webidl.converters.DOMString(type);
@@ -15940,14 +15953,14 @@ var require_symbols5 = __commonJS({
   "node_modules/@actions/http-client/node_modules/undici/lib/websocket/symbols.js"(exports2, module2) {
     "use strict";
     module2.exports = {
-      kWebSocketURL: /* @__PURE__ */ Symbol("url"),
-      kReadyState: /* @__PURE__ */ Symbol("ready state"),
-      kController: /* @__PURE__ */ Symbol("controller"),
-      kResponse: /* @__PURE__ */ Symbol("response"),
-      kBinaryType: /* @__PURE__ */ Symbol("binary type"),
-      kSentClose: /* @__PURE__ */ Symbol("sent close"),
-      kReceivedClose: /* @__PURE__ */ Symbol("received close"),
-      kByteParser: /* @__PURE__ */ Symbol("byte parser")
+      kWebSocketURL: Symbol("url"),
+      kReadyState: Symbol("ready state"),
+      kController: Symbol("controller"),
+      kResponse: Symbol("response"),
+      kBinaryType: Symbol("binary type"),
+      kSentClose: Symbol("sent close"),
+      kReceivedClose: Symbol("received close"),
+      kByteParser: Symbol("byte parser")
     };
   }
 });
@@ -17812,7 +17825,7 @@ var require_lib = __commonJS({
         }
         const usingSsl = parsedUrl.protocol === "https:";
         proxyAgent = new undici_1.ProxyAgent(Object.assign({ uri: proxyUrl.href, pipelining: !this._keepAlive ? 0 : 1 }, (proxyUrl.username || proxyUrl.password) && {
-          token: `${proxyUrl.username}:${proxyUrl.password}`
+          token: `Basic ${Buffer.from(`${proxyUrl.username}:${proxyUrl.password}`).toString("base64")}`
         }));
         this._proxyAgentDispatcher = proxyAgent;
         if (usingSsl && this._ignoreSslError) {
@@ -20076,7 +20089,7 @@ function isKeyOperator(operator) {
 function getValues(context, operator, key, modifier) {
   var value = context[key], result = [];
   if (isDefined(value) && value !== "") {
-    if (typeof value === "string" || typeof value === "number" || typeof value === "bigint" || typeof value === "boolean") {
+    if (typeof value === "string" || typeof value === "number" || typeof value === "boolean") {
       value = value.toString();
       if (modifier && modifier !== "*") {
         value = value.substring(0, parseInt(modifier, 10));
@@ -20257,92 +20270,6 @@ var endpoint = withDefaults(null, DEFAULTS);
 // node_modules/@octokit/request/dist-bundle/index.js
 var import_fast_content_type_parse = __toESM(require_fast_content_type_parse(), 1);
 
-// node_modules/json-with-bigint/json-with-bigint.js
-var intRegex = /^-?\d+$/;
-var noiseValue = /^-?\d+n+$/;
-var originalStringify = JSON.stringify;
-var originalParse = JSON.parse;
-var customFormat = /^-?\d+n$/;
-var bigIntsStringify = /([\[:])?"(-?\d+)n"($|([\\n]|\s)*(\s|[\\n])*[,\}\]])/g;
-var noiseStringify = /([\[:])?("-?\d+n+)n("$|"([\\n]|\s)*(\s|[\\n])*[,\}\]])/g;
-var JSONStringify = (value, replacer, space) => {
-  if ("rawJSON" in JSON) {
-    return originalStringify(
-      value,
-      (key, value2) => {
-        if (typeof value2 === "bigint") return JSON.rawJSON(value2.toString());
-        if (typeof replacer === "function") return replacer(key, value2);
-        if (Array.isArray(replacer) && replacer.includes(key)) return value2;
-        return value2;
-      },
-      space
-    );
-  }
-  if (!value) return originalStringify(value, replacer, space);
-  const convertedToCustomJSON = originalStringify(
-    value,
-    (key, value2) => {
-      const isNoise = typeof value2 === "string" && Boolean(value2.match(noiseValue));
-      if (isNoise) return value2.toString() + "n";
-      if (typeof value2 === "bigint") return value2.toString() + "n";
-      if (typeof replacer === "function") return replacer(key, value2);
-      if (Array.isArray(replacer) && replacer.includes(key)) return value2;
-      return value2;
-    },
-    space
-  );
-  const processedJSON = convertedToCustomJSON.replace(
-    bigIntsStringify,
-    "$1$2$3"
-  );
-  const denoisedJSON = processedJSON.replace(noiseStringify, "$1$2$3");
-  return denoisedJSON;
-};
-var isContextSourceSupported = () => JSON.parse("1", (_, __, context) => !!context && context.source === "1");
-var convertMarkedBigIntsReviver = (key, value, context, userReviver) => {
-  const isCustomFormatBigInt = typeof value === "string" && value.match(customFormat);
-  if (isCustomFormatBigInt) return BigInt(value.slice(0, -1));
-  const isNoiseValue = typeof value === "string" && value.match(noiseValue);
-  if (isNoiseValue) return value.slice(0, -1);
-  if (typeof userReviver !== "function") return value;
-  return userReviver(key, value, context);
-};
-var JSONParseV2 = (text, reviver) => {
-  return JSON.parse(text, (key, value, context) => {
-    const isBigNumber = typeof value === "number" && (value > Number.MAX_SAFE_INTEGER || value < Number.MIN_SAFE_INTEGER);
-    const isInt = context && intRegex.test(context.source);
-    const isBigInt = isBigNumber && isInt;
-    if (isBigInt) return BigInt(context.source);
-    if (typeof reviver !== "function") return value;
-    return reviver(key, value, context);
-  });
-};
-var MAX_INT = Number.MAX_SAFE_INTEGER.toString();
-var MAX_DIGITS = MAX_INT.length;
-var stringsOrLargeNumbers = /"(?:\\.|[^"])*"|-?(0|[1-9][0-9]*)(\.[0-9]+)?([eE][+-]?[0-9]+)?/g;
-var noiseValueWithQuotes = /^"-?\d+n+"$/;
-var JSONParse = (text, reviver) => {
-  if (!text) return originalParse(text, reviver);
-  if (isContextSourceSupported()) return JSONParseV2(text, reviver);
-  const serializedData = text.replace(
-    stringsOrLargeNumbers,
-    (text2, digits, fractional, exponential) => {
-      const isString = text2[0] === '"';
-      const isNoise = isString && Boolean(text2.match(noiseValueWithQuotes));
-      if (isNoise) return text2.substring(0, text2.length - 1) + 'n"';
-      const isFractionalOrExponential = fractional || exponential;
-      const isLessThanMaxSafeInt = digits && (digits.length < MAX_DIGITS || digits.length === MAX_DIGITS && digits <= MAX_INT);
-      if (isString || isFractionalOrExponential || isLessThanMaxSafeInt)
-        return text2;
-      return '"' + text2 + 'n"';
-    }
-  );
-  return originalParse(
-    serializedData,
-    (key, value, context) => convertMarkedBigIntsReviver(key, value, context, reviver)
-  );
-};
-
 // node_modules/@octokit/request-error/dist-src/index.js
 var RequestError = class extends Error {
   name;
@@ -20359,7 +20286,7 @@ var RequestError = class extends Error {
    */
   response;
   constructor(message, statusCode, options) {
-    super(message, { cause: options.cause });
+    super(message);
     this.name = "HttpError";
     this.status = Number.parseInt(statusCode);
     if (Number.isNaN(this.status)) {
@@ -20383,7 +20310,7 @@ var RequestError = class extends Error {
 };
 
 // node_modules/@octokit/request/dist-bundle/index.js
-var VERSION2 = "10.0.8";
+var VERSION2 = "9.2.4";
 var defaults_default = {
   headers: {
     "user-agent": `octokit-request.js/${VERSION2} ${getUserAgent()}`
@@ -20397,7 +20324,6 @@ function isPlainObject2(value) {
   const Ctor = Object.prototype.hasOwnProperty.call(proto, "constructor") && proto.constructor;
   return typeof Ctor === "function" && Ctor instanceof Ctor && Function.prototype.call(Ctor) === Function.prototype.call(value);
 }
-var noop = () => "";
 async function fetchWrapper(requestOptions) {
   const fetch = requestOptions.request?.fetch || globalThis.fetch;
   if (!fetch) {
@@ -20407,7 +20333,7 @@ async function fetchWrapper(requestOptions) {
   }
   const log = requestOptions.request?.log || console;
   const parseSuccessResponseBody = requestOptions.request?.parseSuccessResponseBody !== false;
-  const body = isPlainObject2(requestOptions.body) || Array.isArray(requestOptions.body) ? JSONStringify(requestOptions.body) : requestOptions.body;
+  const body = isPlainObject2(requestOptions.body) || Array.isArray(requestOptions.body) ? JSON.stringify(requestOptions.body) : requestOptions.body;
   const requestHeaders = Object.fromEntries(
     Object.entries(requestOptions.headers).map(([name, value]) => [
       name,
@@ -20499,24 +20425,21 @@ async function fetchWrapper(requestOptions) {
 async function getResponseData(response) {
   const contentType = response.headers.get("content-type");
   if (!contentType) {
-    return response.text().catch(noop);
+    return response.text().catch(() => "");
   }
   const mimetype = (0, import_fast_content_type_parse.safeParse)(contentType);
   if (isJSONResponse(mimetype)) {
     let text = "";
     try {
       text = await response.text();
-      return JSONParse(text);
+      return JSON.parse(text);
     } catch (err) {
       return text;
     }
   } else if (mimetype.type.startsWith("text/") || mimetype.parameters.charset?.toLowerCase() === "utf-8") {
-    return response.text().catch(noop);
+    return response.text().catch(() => "");
   } else {
-    return response.arrayBuffer().catch(
-      /* v8 ignore next -- @preserve */
-      () => new ArrayBuffer(0)
-    );
+    return response.arrayBuffer().catch(() => new ArrayBuffer(0));
   }
 }
 function isJSONResponse(mimetype) {
@@ -20562,37 +20485,13 @@ var request = withDefaults2(endpoint, defaults_default);
 
 // lib/request.js
 var baseUrl = import_core.default.getInput("github-api-url").replace(/\/$/, "");
-var proxyEnvironmentKeys = [
-  "https_proxy",
-  "HTTPS_PROXY",
-  "http_proxy",
-  "HTTP_PROXY"
-];
-function proxyEnvironmentConfigured() {
-  return proxyEnvironmentKeys.some((key) => process.env[key]);
-}
-function nativeProxySupportEnabled() {
-  return process.env.NODE_USE_ENV_PROXY === "1";
-}
-function ensureNativeProxySupport() {
-  if (!proxyEnvironmentConfigured() || nativeProxySupportEnabled()) {
-    return;
-  }
-  throw new Error(
-    "A proxy environment variable is set, but Node.js native proxy support is not enabled. Set NODE_USE_ENV_PROXY=1 for this action step."
-  );
-}
 var request_default = request.defaults({
   headers: { "user-agent": "actions/create-github-app-token" },
   baseUrl
 });
 
 // post.js
-async function run() {
-  ensureNativeProxySupport();
-  return post(import_core2.default, request_default);
-}
-run().catch((error) => {
+post(import_core2.default, request_default).catch((error) => {
   console.error(error);
   import_core2.default.setFailed(error.message);
 });
@@ -20603,11 +20502,4 @@ undici/lib/fetch/body.js:
 
 undici/lib/websocket/frame.js:
   (*! ws. MIT License. Einar Otto Stangvik <einaros@gmail.com> *)
-
-@octokit/request-error/dist-src/index.js:
-  (* v8 ignore else -- @preserve -- Bug with vitest coverage where it sees an else branch that doesn't exist *)
-
-@octokit/request/dist-bundle/index.js:
-  (* v8 ignore next -- @preserve *)
-  (* v8 ignore else -- @preserve *)
 */

lib/main.js

@@ -89,12 +89,12 @@ export async function main(
           permissions
         ),
       {
-        shouldRetry: ({ error }) => error.status >= 500,
-        onFailedAttempt: (context) => {
+        shouldRetry: (error) => error.status >= 500,
+        onFailedAttempt: (error) => {
           core.info(
             `Failed to create token for "${parsedRepositoryNames.join(
               ","
-            )}" (attempt ${context.attemptNumber}): ${context.error.message}`
+            )}" (attempt ${error.attemptNumber}): ${error.message}`
           );
         },
         retries: 3,
@@ -105,9 +105,9 @@ export async function main(
     ({ authentication, installationId, appSlug } = await pRetry(
       () => getTokenFromOwner(request, auth, parsedOwner, permissions),
       {
-        onFailedAttempt: (context) => {
+        onFailedAttempt: (error) => {
           core.info(
-            `Failed to create token for "${parsedOwner}" (attempt ${context.attemptNumber}): ${context.error.message}`
+            `Failed to create token for "${parsedOwner}" (attempt ${error.attemptNumber}): ${error.message}`
           );
         },
         retries: 3,

lib/request.js

@@ -1,34 +1,16 @@
 import core from "@actions/core";
 import { request } from "@octokit/request";
 
+/* c8 ignore start -- env knob setup */
+// Encourage Node to honor standard *_PROXY vars for core HTTP(S) agents.
+if (process.env.NODE_USE_ENV_PROXY == null) {
+  process.env.NODE_USE_ENV_PROXY = "1";
+}
+/* c8 ignore stop */
+
 // Get the GitHub API URL from the action input and remove any trailing slash
 const baseUrl = core.getInput("github-api-url").replace(/\/$/, "");
 
-const proxyEnvironmentKeys = [
-  "https_proxy",
-  "HTTPS_PROXY",
-  "http_proxy",
-  "HTTP_PROXY",
-];
-
-function proxyEnvironmentConfigured() {
-  return proxyEnvironmentKeys.some((key) => process.env[key]);
-}
-
-function nativeProxySupportEnabled() {
-  return process.env.NODE_USE_ENV_PROXY === "1";
-}
-
-export function ensureNativeProxySupport() {
-  if (!proxyEnvironmentConfigured() || nativeProxySupportEnabled()) {
-    return;
-  }
-
-  throw new Error(
-    "A proxy environment variable is set, but Node.js native proxy support is not enabled. Set NODE_USE_ENV_PROXY=1 for this action step.",
-  );
-}
-
 // Configure the default settings for GitHub API requests
 export default request.defaults({
   headers: { "user-agent": "actions/create-github-app-token" },

main.js

@@ -1,11 +1,10 @@
 // @ts-check
-
 import core from "@actions/core";
 import { createAppAuth } from "@octokit/auth-app";
 
 import { getPermissionsFromInputs } from "./lib/get-permissions-from-inputs.js";
 import { main } from "./lib/main.js";
-import request, { ensureNativeProxySupport } from "./lib/request.js";
+import request from "./lib/request.js";
 
 if (!process.env.GITHUB_REPOSITORY) {
   throw new Error("GITHUB_REPOSITORY missing, must be set to '<owner>/<repo>'");
@@ -15,37 +14,31 @@ if (!process.env.GITHUB_REPOSITORY_OWNER) {
   throw new Error("GITHUB_REPOSITORY_OWNER missing, must be set to '<owner>'");
 }
 
-async function run() {
-  ensureNativeProxySupport();
+const appId = core.getInput("app-id");
+const privateKey = core.getInput("private-key");
+const owner = core.getInput("owner");
+const repositories = core
+  .getInput("repositories")
+  .split(/[\n,]+/)
+  .map((s) => s.trim())
+  .filter((x) => x !== "");
 
-  const appId = core.getInput("app-id");
-  const privateKey = core.getInput("private-key");
-  const owner = core.getInput("owner");
-  const repositories = core
-    .getInput("repositories")
-    .split(/[\n,]+/)
-    .map((s) => s.trim())
-    .filter((x) => x !== "");
+const skipTokenRevoke = core.getBooleanInput("skip-token-revoke");
 
-  const skipTokenRevoke = core.getBooleanInput("skip-token-revoke");
-
-  const permissions = getPermissionsFromInputs(process.env);
-
-  return main(
-    appId,
-    privateKey,
-    owner,
-    repositories,
-    permissions,
-    core,
-    createAppAuth,
-    request,
-    skipTokenRevoke,
-  );
-}
+const permissions = getPermissionsFromInputs(process.env);
 
 // Export promise for testing
-export default run().catch((error) => {
+export default main(
+  appId,
+  privateKey,
+  owner,
+  repositories,
+  permissions,
+  core,
+  createAppAuth,
+  request,
+  skipTokenRevoke
+).catch((error) => {
   /* c8 ignore next 3 */
   console.error(error);
   core.setFailed(error.message);

package.json

@@ -2,14 +2,13 @@
   "name": "create-github-app-token",
   "private": true,
   "type": "module",
-  "version": "3.0.0-beta.4",
+  "version": "3.0.0-beta.2",
   "description": "GitHub Action for creating a GitHub App Installation Access Token",
   "engines": {
     "node": ">=24.4.0"
   },
-  "packageManager": "npm@10.9.4",
   "scripts": {
-    "build": "esbuild main.js post.js --bundle --outdir=dist --out-extension:.js=.cjs --platform=node --packages=bundle",
+  "build": "esbuild main.js post.js --bundle --outdir=dist --out-extension:.js=.cjs --platform=node --packages=bundle",
     "test": "c8 --100 ava tests/index.js",
     "coverage": "c8 report --reporter html",
     "postcoverage": "open-cli coverage/index.html"
@@ -17,21 +16,21 @@
   "license": "MIT",
   "dependencies": {
     "@actions/core": "^1.11.1",
-    "@octokit/auth-app": "^8.1.2",
-    "@octokit/request": "^10.0.3",
-    "p-retry": "^7.1.0",
-    "undici": "^7.16.0"
+    "@octokit/auth-app": "^7.2.1",
+    "@octokit/request": "^9.2.2",
+    "p-retry": "^6.2.1"
   },
   "devDependencies": {
-    "@octokit/openapi": "^21.0.0",
-    "@sinonjs/fake-timers": "^15.1.0",
+    "@octokit/openapi": "^19.1.0",
+    "@sinonjs/fake-timers": "^14.0.0",
     "ava": "^6.4.1",
     "c8": "^10.1.3",
-    "dotenv": "^17.3.1",
-    "esbuild": "^0.27.3",
-    "execa": "^9.6.1",
+    "dotenv": "^17.2.1",
+    "esbuild": "^0.25.8",
+    "execa": "^9.6.0",
     "open-cli": "^8.0.0",
-    "yaml": "^2.8.2"
+    "undici": "^7.13.0",
+    "yaml": "^2.8.1"
   },
   "release": {
     "branches": [

post.js

@@ -3,15 +3,9 @@
 import core from "@actions/core";
 
 import { post } from "./lib/post.js";
-import request, { ensureNativeProxySupport } from "./lib/request.js";
+import request from "./lib/request.js";
 
-async function run() {
-  ensureNativeProxySupport();
-
-  return post(core, request);
-}
-
-run().catch((error) => {
+post(core, request).catch((error) => {
   /* c8 ignore next 3 */
   console.error(error);
   core.setFailed(error.message);

scripts/generated/app-permissions.json

@@ -187,14 +187,6 @@
         "write"
       ]
     },
-    "custom_properties_for_organizations": {
-      "type": "string",
-      "description": "The level of permission to grant the access token to view and edit custom properties for an organization, when allowed by the property.",
-      "enum": [
-        "read",
-        "write"
-      ]
-    },
     "members": {
       "type": "string",
       "description": "The level of permission to grant the access token for organization teams and members.",
@@ -229,7 +221,7 @@
     },
     "organization_custom_properties": {
       "type": "string",
-      "description": "The level of permission to grant the access token for repository custom properties management at the organization level.",
+      "description": "The level of permission to grant the access token for custom property management.",
       "enum": [
         "read",
         "write",
@@ -392,15 +384,6 @@
         "read",
         "write"
       ]
-    },
-    "enterprise_custom_properties_for_organizations": {
-      "type": "string",
-      "description": "The level of permission to grant the access token for organization custom properties management at the enterprise level.",
-      "enum": [
-        "read",
-        "write",
-        "admin"
-      ]
     }
   },
   "example": {

tests/index.js

@@ -21,14 +21,6 @@ for (const file of testFiles) {
     const env = {
       GITHUB_OUTPUT: undefined,
       GITHUB_STATE: undefined,
-      HTTP_PROXY: undefined,
-      HTTPS_PROXY: undefined,
-      http_proxy: undefined,
-      https_proxy: undefined,
-      NO_PROXY: undefined,
-      no_proxy: undefined,
-      NODE_OPTIONS: undefined,
-      NODE_USE_ENV_PROXY: undefined,
     };
     const { stderr, stdout } = await execa("node", [`tests/${file}`], { env });
     t.snapshot(stderr, "stderr");

tests/main-proxy-requires-native-support.test.js

@@ -1,14 +0,0 @@
-process.env.GITHUB_REPOSITORY = "actions/create-github-app-token";
-process.env.GITHUB_REPOSITORY_OWNER = "actions";
-process.env.HTTPS_PROXY = "http://127.0.0.1:3128";
-
-const originalConsoleError = console.error;
-console.error = (...args) => {
-  originalConsoleError(
-    ...args.map((arg) => (arg instanceof Error ? arg.message : arg)),
-  );
-};
-
-await import("../main.js");
-await new Promise((resolve) => setImmediate(resolve));
-process.exitCode = 0;

tests/post-proxy-requires-native-support.test.js

@@ -1,13 +0,0 @@
-process.env["INPUT_GITHUB-API-URL"] = "https://api.github.com";
-process.env.HTTPS_PROXY = "http://127.0.0.1:3128";
-
-const originalConsoleError = console.error;
-console.error = (...args) => {
-  originalConsoleError(
-    ...args.map((arg) => (arg instanceof Error ? arg.message : arg)),
-  );
-};
-
-await import("../post.js");
-await new Promise((resolve) => setImmediate(resolve));
-process.exitCode = 0;

tests/snapshots/index.js.md

@@ -82,16 +82,6 @@ Generated by [AVA](https://avajs.dev).
     POST /app/installations/123456/access_tokens␊
     {"repositories":["create-github-app-token"]}`
 
-## main-proxy-requires-native-support.test.js
-
-> stderr
-
-    'A proxy environment variable is set, but Node.js native proxy support is not enabled. Set NODE_USE_ENV_PROXY=1 for this action step.'
-
-> stdout
-
-    '::error::A proxy environment variable is set, but Node.js native proxy support is not enabled. Set NODE_USE_ENV_PROXY=1 for this action step.'
-
 ## main-repo-skew.test.js
 
 > stderr
@@ -343,16 +333,6 @@ Generated by [AVA](https://avajs.dev).
     POST /app/installations/123456/access_tokens␊
     {"repositories":["create-github-app-token"],"permissions":{"issues":"write","pull_requests":"read"}}`
 
-## post-proxy-requires-native-support.test.js
-
-> stderr
-
-    'A proxy environment variable is set, but Node.js native proxy support is not enabled. Set NODE_USE_ENV_PROXY=1 for this action step.'
-
-> stdout
-
-    '::error::A proxy environment variable is set, but Node.js native proxy support is not enabled. Set NODE_USE_ENV_PROXY=1 for this action step.'
-
 ## post-revoke-token-fail-response.test.js
 
 > stderr